Schrötter, MaxFalk, MaximilianSchnor, BettinaGreubel, AndréStrickroth, SvenStriewe, Michael2023-10-162023-10-162023https://dl.gi.de/handle/20.500.12116/42564The Low-Level programming language C is widely used for Operating Systems, Embedded Systems and other performance critical applications. Since these applications are often security critical, they require secure programming. The C language on the other hand allows novice programmers to write insecure code easily. This makes it especially important to teach secure programming and give students feedback on potential security issues. One critical bug that is often overlooked is the incorrect handling of errors. In this paper, we present an Error Handling Analyzer (EHA) for the CoFee framework. The EHA detects missing error handling and incorrect error handling using the Clang Static Analyzer. We evaluated EHA on 100 student submissions and found that error handling bugs are a common mistake and that EHA can detect more than 80 % of the error handling bugs in these submissions.enAutomated AssessmentContinuous IntegrationContinuous FeedbackSituated LearningSecure ProgrammingText/Conference Paper10.18420/abp2023-1