Dev Blog - Bufferoverflow
February 12, 2022
Being bored and not wanting to study, I randomly checked on my GitHub repo and realized the static analyzer had flagged a critical vulnerability in my code. For those of you not familiar with static analyzers, a static analyzer is a security tool that reviews your code without executing it to determine whether it contains any obvious security vulnerabilities. GitHub has a pipeline workflow feature called GitHub Actions that lets you execute specific scripts/actions whenever you push code changes, and it makes it convenient to set up security analysis on your repo. The static analyzer I am using is CodeQL, a tool created by GitHub. Here's an example of the report that was flagged: