A development team is testing an in-house-developed application for bugs. During the test, the application crashes several times due to null pointer exceptions.
Which of the following tools, if integrated into an IDE during coding, would identify these bugs routinely?
A. Issue tracker
B. Static code analyzer
C. Source code repository
D. Fuzzing utility
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
D – Fuzzing utility.
NullPointerExpection can happen when code variable has no value assigned, thus null.
Test for nullpointer by dividing it by 0. Enter empty string. Enter ridiculously out of bound value.
Fuzzing can be incorporated into every stage of the SDLC (Software Development Life Cycle). Fuzzer can be integrated into IDE (Integrated Development Environment.) What good is the program or Fuzzing if it takes 6 month to develop and finally get the finished product to test on Fuzzer?
“Static code analyzer” should always be done, but reading 1,000 lines of code by human is quite a challenge. Reading it and make sense of it. Know the interoperability and predicting result. If you are the one who code it, you have a good chance of catching nullpointer. But if it’s someone else’s code, it will be very challenging. And it’s no where as good as actually testing the code for result.
You guys are right. I misread the question. It should be integrated to IDE, so we’re talking about static analysis. Fuzzing would be useful to find memory issues in a dynamic analysis. B is the correct answer.
B
Null pointer is a reference to a location in memory where there is a null value. Not on a fuzzer’s radar.
B.
D would be used to actually test the application and would not necessarily identify the bugs during coding
D. Fuzzing utility