Code Review Application : Simplifying code review through data flow visualization

This is a Bachelor's thesis from Linnéuniversitetet/Institutionen för datavetenskap och medieteknik (DM)

Abstract: From a security standpoint, manual code review is widely regarded as a dependable practice, particularly in systems with heightened security needs. However, it is also a time-consuming and laborious task that requires careful consideration. To address this issue, this project aims to explore the feasibility of an application that would present graphical presentations of data flow, which would simplify the manual review process. Input data is an excellent starting point when searching for security vulnerabilities in a program. For that reason, input data traversal is of significant interest when conducting code review with respect to security. The application will track the input data flow through function calls in the program to facilitate the task of identifying which functions require closer examination. The development of such an application is a significant undertaking, and therefore, the decision is made to limit the scope of the project to a proof of concept that will function on smaller programs. The findings indicate that the developed application possesses the capability to perform input data backtracking across function calls. However, it is important to note that a functional forward tracking algorithm has not been integrated into the application at present. Despite this limitation, the feasibility of fully realizing the project is perceived to hold promising potential within the code review market.
