Goals of code review

  • Find problems before they hit production
  • Identify vulnerabilities before they get exploited
  • Knowledge transfer from reviewer feedback
  • Save cost by preventing problems
Note:
  • Similar example as before: access control not set up correctly
  • Maybe a developer just allowed any access during development and forgot to change it
  • Always verify that the route requirements for access are correct
Note:
  • Browsers are starting to block third-party cookies, so the img exploit will be mitigated a bit
  • An attacker can still trick you into clicking a vulnerable link, so CSRF remains
  • Drupal 8 has some help in the routing system with _csrf_token
  • Whenever you see a controller performing any data-changing actions, there must be a confirmation form or _csrf_token
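
Added example, not part of the original slides: what the two route checks above look like in a Drupal 8 routing file during review. The module name, paths, controller class and permission string are hypothetical; `_access`, `_permission` and `_csrf_token` are the Drupal 8 route requirement keys.

```yaml
# mymodule.routing.yml (hypothetical module, constructed for illustration)

# BEFORE: what a reviewer should flag.
# '_access: TRUE' lets every visitor, including anonymous users, reach the
# controller, and the controller changes data with no token and no
# confirmation form in between.
mymodule.item_delete_before:
  path: '/mymodule/item-before/{item}/delete'
  defaults:
    _controller: '\Drupal\mymodule\Controller\ItemController::delete'
    _title: 'Delete item'
  requirements:
    _access: 'TRUE'

# AFTER: the same route with both review findings addressed.
# '_permission' restricts the route to roles holding that permission
# (assumed to be declared in mymodule.permissions.yml).
# '_csrf_token' makes the routing system reject requests whose URL does not
# carry a valid token for the current session.
mymodule.item_delete:
  path: '/mymodule/item/{item}/delete'
  defaults:
    _controller: '\Drupal\mymodule\Controller\ItemController::delete'
    _title: 'Delete item'
  requirements:
    _permission: 'delete mymodule items'
    _csrf_token: 'TRUE'
```

Links to a `_csrf_token` route have to be built through Drupal's URL generation (for example `Url::fromRoute()`) so the token is appended; a hand-written link to the path is denied.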
Note:
  • In Drupal 7 routing works differently, but the scenario is the same
Note:
  • Same system boundary problem as with SQL injection
  • This time directly Remote Code Execution on the shell outside PHP
  • An attacker can mix in instructions