Recently, a friend's company wants to find someone to develop a futures trading system suitable for his company, but I am afraid that people may put some backdoor code in the Program (for fear that people may steal company's confidential files, accounts, funds, etc.), so I would like to ask a team to review the code before the program is put into use, check whether the system contains such code.
Code Review: I checked the code review information. The main work is as follows:
1: Check whether the developer code is standard.
2: Check whether modules made by specific developers affect other modules.
3: During software upgrade, check whether the modified or added code affects other parts.
I did not mention how backdoor code is reviewed in code review in all materials and cases. Do you have any idea about how to review backdoor code in the program? Is there any existing review software? Or can I only perform manual review?
In addition, this futures trading system is developed in the vs2010 environment using the C ++ language.
Source: http://www.douban.com/note/443843464/
Discuss code review issues