Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...


When having unreachable code it allows programs to be vulnerable to attacks and threat, as discovered "Understanding the Origins of Mobile App Vulnerabilities: A Large-scale Measurement Study of Free and Paid Apps"by  [Watanabe, Akiyama, Kanei, Shioji, Takata, Sun, Ishi, Shibahara, Yagi, Mori, 2017].

Thus when creating new libraries or functions...

  1. Be wary when using and placement of statements such as break, continue, and return, as they're indicators that segments of code are at risk of being unreachable; as stated by "Case-Based Reasoning Research and Development: 24th International Conference" [Goel, Diaz-Agudo, Roth-Berghofer, 2016] .  
    1. Use Structured Programming, explained by [Joyner 2013], to help better the design of code therefore reducing the unnecessary use of break and continue; 

  2. Modularize code as much as possible rather than combining methods/methods/classes/etc. into one.
    1.  [Chou, Chang, Kuo 2011]  explains why this is an issue in their paper; they state ...
      "In order to support design reuse, a circuit may have multiple modes and configurations so that it can be used in different applications. When verifying a specific configuration, a substantial amount of unused code may be discovered because the code may be written for other modes."


  3. Avoiding putting in dead code, such as empty function or placeholders, an issue stated by [Chou, Chang, Kuo 2011]. If dead code is temporarily used as place holder, remove before release of app.

...

DRD10-X. Do not release apps that are debuggableIssues of bugs and discrepency within the code relates to this rule.

Bibliography

[Chou, Chang, Kuo 2011]Hong-Zu Chou, Kai-Hui Chang, Sy-Yen Kuo, Facilitating unreachable code diagnosis and debugging, IEEE Press Piscataway, NJ, USA, 2011
  
  

 

...

[Watanabe, Akiyama, Kanei, Shioji, Takata, Sun, Ishi, Shibahara, Yagi, Mori, 2017]Taukya Watanabe, Mitsuaki Akiyama, Fumihiro Kanei, Eitaro Shioji, Yuta Takata, So Bun, Yuta Ishi, Toshiki Shibahara, Takeshi Yagi, Tatsuya Mori, Understanding the Origins of Mobile App Vulnerabilities: A Large-scale Measurement Study of Free and Paid Apps, IEEE Press Piscataway, NJ, USA, 2017
[Joyner 2013]Ian Joyner, Simply Structured Programming, 2013
[Goel, Diaz-Agudo, Roth-Berghofer, 2016]
Ashok Goel, M Belen Diaz-Agudo, Thomas Roth-Berghofer, Case-Based Reasoning Research and Development: 24th International Conference, ICCBR 2016, Atlanta, GA, USA, 2016