...
Failure to verify a digital signature, whether manually or programmatically, can result in the execution of malicious code.
Rule | Severity | Likelihood | Detectable | RepairableRemediation Cost | Priority | Level |
|---|---|---|---|---|---|---|
SEC06-J | High | Probable | No | NoMedium | P12P6 | L1L2 |
Automated Detection
Automated detection is not feasible in the fully general case. However, an approach similar to Design Fragments [Fairbanks 2007] could assist both programmers and static analysis tools.
...