Sponsors

  • Microsoft
  • Nebula
  • Google
  • SugarCRM
  • Facebook
  • HP
  • Intel
  • Rackspace Hosting
  • WSO2
  • Alfresco
  • BlackBerry
  • CUBRID
  • Dell
  • eBay
  • Heroku
  • InfiniteGraph
  • JBoss
  • LeaseWeb
  • Liferay
  • Media Temple, Inc.
  • OpenShift
  • Oracle
  • Percona
  • Puppet Labs
  • Qualcomm Innovation Center, Inc.
  • Rentrak
  • Silicon Mechanics
  • SoftLayer Technologies, Inc.
  • SourceGear
  • Urban Airship
  • Vertica
  • VMware
  • (mt) Media Temple, Inc.

Sponsorship Opportunities

For information on exhibition and sponsorship opportunities at the convention, contact Sharon Cordesse at scordesse@oreilly.com

Download the OSCON Sponsor/Exhibitor Prospectus

Contact Us

View a complete list of OSCON contacts

Network
Join Attendee Network
 

Cornac: Static Audit for PHP

Damien Seguy (Expert Services Consultant)
11:30am Thursday, 07/28/2011
PHP
 Location: D137
Tags: php, open_source, audit, static
Presentations: Cornac_ Static Audit for PHP Presentation [ZIP],
Cornac_ Static Audit for PHP Presentation 2 [PDF],
external link
Average rating: ***..
(3.00, 5 ratings)

Most of the time, auditing PHP code is done manually. One need to read the code to understand it, and find flaws (security, business, quality…)

Static analysis takes over manual auditing by providing means to search all the code, without leaving a stone unturned : it still needs to do this according to direction.

During this session, we’ll cover the use an open static analysis tool, also known as cornac, that will provide us invaluable information such as : PHP 5.3 compabitility, security flaws, inclusion tree, unused variables and arguments, GPC manipulations, stange names and classes inventories.

This is the best way to take a look at one’s code with hindsight. We’ll share with the audience code metrics and must-check structures of code.

Presentation

View SlidesHide Slides

People planning to attend this session also want to see:

Photo of Damien Seguy

Damien Seguy

Expert Services Consultant

Damien Seguy is a LAMP consultant.

Damien coaches large teams about industrialisation and security. He works actively in the field of performances and technology study to startup and large institutions in France. He is also co-author of several books, Zend Certifications, phather of the elePHPant plush toy. He founded AFUP and PHP Québec.

Comments on this page are now closed.

Comments

Picture of Damien Seguy
Damien Seguy
08/18/2011 2:15am PDT

Here : www.slideshare.net/dseguy

Sorry for the delay.

Gauthier de Valensart
08/16/2011 4:22am PDT

Is there any way to get your Oscon 2011 presentation slides?

Thank you