Abstract: A system and method for automated management of a multi-component software installation. The software product comprises multiple components that can operate independently, but which may operate better (e.g., with more or different functionality) if able to call another component (a “supplying” component). A persistent data store records the installation status of the components (e.g., as static Boolean values). Each installed component that depends on another component (i.e., can benefit from calling an element of the other component) is coded to compile conditionally, based on whether the supplying component is installed. If installed, the supplying component can be linked at compile time; if the supplying component is not installed, the installed component compiles and runs without the benefit of the supplying component.

Abstract: One embodiment of the present invention provides a system that facilitates performing conditional compilation. The system operates by analyzing programming language source code prior to compilation to locate a preprocessing directive that specifies a condition to be evaluated, and also identifies source code to be conditionally included during compilation of the source code. Next, the system generates evaluation source code that evaluates the condition. The system then evaluates the condition by evaluating ordinary programming language and environmental variables within the evaluation source code. Note that the run-time variables are also available at run-time during execution of a compiled version of the original source code. Next, the system conditionally includes source code associated with a result of the evaluation and compiles the revised source code.

Abstract: A vulnerability analysis tool is provided for identifying SQL injection threats. The tool is able to take advantage of the fact that the code for many database applications is located in modules stored within a database. The tool constructs a data flow graph based on all, or a specified subset, of the application code within the database. The tool identifies, within the data flow graph, the nodes that represent values used to construct SQL commands. Paths to those nodes are analyzed to determine whether any SQL injection threats exist.

Abstract: A vulnerability analysis tool is provided for identifying SQL injection threats. The tool is able to take advantage of the fact that the code for many database applications is located in modules stored within a database. The tool constructs a data flow graph based on all, or a specified subset, of the application code within the database. The tool identifies, within the data flow graph, the nodes that represent values used to construct SQL commands. Paths to those nodes are analyzed to determine whether any SQL injection threats exist.

Abstract: A system and method for automated management of a multi-component software installation. The software product comprises multiple components that can operate independently, but which may operate better (e.g., with more or different functionality) if able to call another component (a “supplying” component). A persistent data store records the installation status of the components (e.g., as static Boolean values). Each installed component that depends on another component (i.e., can benefit from calling an element of the other component) is coded to compile conditionally, based on whether the supplying component is installed. If installed, the supplying component can be linked at compile time; if the supplying component is not installed, the installed component compiles and runs without the benefit of the supplying component.

Abstract: One embodiment of the present invention provides a system that facilitates performing conditional compilation. The system operates by analyzing programming language source code prior to compilation to locate a preprocessing directive that specifies a condition to be evaluated, and also identifies source code to be conditionally included during compilation of the source code. Next, the system generates evaluation source code that evaluates the condition. The system then evaluates the condition by evaluating ordinary programming language and environmental variables within the evaluation source code. Note that the run-time variables are also available at run-time during execution of a compiled version of the original source code. Next, the system conditionally includes source code associated with a result of the evaluation and compiles the revised source code.

Abstract: A vulnerability analysis tool is provided for identifying SQL injection threats. The tool is able to take advantage of the fact that the code for many database applications is located in modules stored within a database. The tool constructs a data flow graph based on all, or a specified subset, of the application code within the database. The tool identifies, within the data flow graph, the nodes that represent values used to construct SQL commands. Paths to those nodes are analyzed to determine whether any SQL injection threats exist.