Study finds copying code from Stack Overflow leads to reduced security for GitHub projects

Finding code on the Web and copying it straight into a project is now regular practice for programmers, and Stack Overflow is the main source of that code. However, recent research has shown that copying code from Stack Overflow into a project significantly increases the probability of a vulnerability.

The researchers analyzed 1,325 Stack Overflow posts, from which they obtained more than 72,000 C++ code snippets, and found 69 vulnerabilities of 29 types.

These vulnerabilities occurred in 2589 GitHub repositories. The researchers notified the authors of the affected GitHub projects, but only a few chose to fix the known hazards.

The researchers showed how the vulnerable code was brought into GitHub primarily from Stack Overflow. The problems found most often were incorrect checks, incorrect coding, and incorrect validation of abnormal or unusual input, for example in incompletely copied code.


