This blog was created by Arafat Tanin, Software Security Engineer, OpenRefactory and edited by Charlie Bedard. Introduction In the enchanting realm of Java, a powerful sorcery, known as serialization, enables objects to transcend their earthly forms and be reborn as byte streams. During my recent days working as a part of a team that is …
This blog was created by Arafat Tanin, Software Security Engineer, OpenRefactory and edited by Charlie Bedard. When working with Java and its extensive standard library, you may often find yourself dealing with collections like HashSet and HashMap. These collections rely on the equals(Object) and hashCode() methods of the objects they store. But do you know why these methods …
This blog was created by Ataf Fazledin Ahamed, Software Security Engineer, OpenRefactory and edited by Charlie Bedard. Story For the last month and a half, I have been looking at the source code of some of the most popular open source software projects as a part of my job. The task sounds simple. We …
Munawar Hafiz, CEO of OpenRefactory, writes this blog post. ChatGPT’s bug finding capability is limited to small code snippets, less than a hundred lines of code. When it finds bugs correctly, its explanation of the bug is better than all other static analysis tools in the market. ChatGPT makes mistakes in detecting bugs and suggesting …
It’s easy to overlook the occasional software bugs and glitches, but some of the most negligible software errors could result in substantial financial costs if left unfixed. Case in point, a software bug in self-driving cars made them automatically brake after falsely detecting emergencies. This caused close to 12,000 units to get recalled in 2021 …
The story of iCR finding the nastiest injection bugs Munawar Hafiz, CEO of OpenRefactory writes this blog post. I was scheduled to give a talk at JavaOne on Intelligent Code Repair (iCR) being able to find the LDAP injection vulnerability aka Log4Shell in the vulnerable Log4J code. I have given a short version of that …
The vulnerabilities are coming!
The vulnerabilities are coming! Read More »
