Eliminating Vulnerabilities in Third-Party Code with Binary Analysis
Over the last few years, third-party code has moved from a minor factor in software development to a dominant force in the industry. According to VDC Research, the majority of software that runs on embedded devices is now developed by external sources, as opposed to in-house development teams. As a result of this outsourcing, the behaviors of significant parts of applications are actually hidden from most of today's popular code analysis tools. This paper describes how to use binary analysis to inspect your third-party code for security vulnerabilities and other errors.