thepoppingone/sample-eightball

Sample source code containing vulnerabilities to illustrate Fortify usage

Fortify EightBall Sample

This project provides sample source code containing multiple vulnerabilities, including:

• Path Manipulation
• Unreleased Resource: Streams
• J2EE Bad Practices: Leftover Debug Code

Please see the following documents for more information about this EightBall example:

• Build and use the sample program
• Scan the sample program using a local Fortify SCA installation
• Scan the sample program on a Fortify ScanCentral environment
• Scan the sample program using Fortify on Demand (FoD)