Static analysis refers to the software tools (or their use) to analyze application code for arbitrary properties, such as errors (uninitialized variables, possible SQL injection-attack, is this code-dead, is there duplicate code, can an argument be null), or structure (what is the call graph for ...
0
votes
0answers
6 views
Actionscript 3 static analyzer with @NotNull/@Nullable support
I would like to use static analysis to prevent "TypeError: Error #1009: Cannot access a property or method of a null object reference".
As far as I know there is a static analyzers for Java that use ...
0
votes
0answers
20 views
How to get FxCop working with Sonar for a C# solution?
I am currently trying to use FxCop to analyze the assemblies generated by my solution within Sonar and am getting the following message when Sonar calls FxCop to scan each project:
INFO No assembly ...
5
votes
1answer
90 views
Complexity of IDE error detection and auto-completion dependent upon language syntax?
Are fewer checks/less rigorous code analysis required to provide development environment error feedback and auto completion for programming languages that are composed largely of human-readable ...
1
vote
1answer
53 views
“continue” and “break” for static analysis [closed]
I know there have been a number of discussions of whether break and continue should be considered harmful generally (with the bottom line being - more or less - that it depends; in some cases they ...
7
votes
3answers
190 views
Is there an alternative to PVS-Studio?
My employer is currently contemplating buying licenses for PVS-Studio to help us find potential defects in our code base. I'd like to find an alternative that conforms to the following before we ...
1
vote
3answers
63 views
Tool to detect C++ template issues
I recently spent some time hunting down a typo in my C++ templates. g++ did not complain about the typo, so I was wondering if there is a tool which can check for this type of problem in the future?
...
0
votes
0answers
27 views
CheckStyle Custom Check — Retrieve All Parameter Names
I'm attempting to retrieve all parameter names in all methods found in a given source file using CheckStyle. Here is the relevant code:
public int[] getDefaultTokens()
{
return new int[] { ...
13
votes
2answers
151 views
Typesafe varargs in C with gcc
Many times I want a function to receive a variable number of arguments, terminated by NULL, for instance
#define push(stack_t stack, ...) _push(__VARARG__, NULL);
func _push(stack_t stack, char *s, ...
2
votes
1answer
58 views
How to access file given to cilly in my CIL module
I have added a new feature to CIL(C Intermediate Language). I am able to execute my new module using
$cilly --dotestmodule --save-temps -D HAPPY_MOOD -o test test.c
Now, in my testmodule, I want to ...
0
votes
2answers
38 views
Static Analyzer - Memory Leak
In Xcode while releasing the object in dealloc method by like [self.object release] this line is shown as memory leak using static code analyzer but it not showing as leak while running instruments.
...
1
vote
1answer
59 views
Which static analysis tool to use for scanning data flow from one method to another?
Say there are two methods in my library:
void com.somepackage.SomeClass.someSink(String s)
and
int com.someotherpackage.SomeOtherClass.someSource(int i)
The first method is used as a data sink, ...
7
votes
2answers
98 views
How to analyse a Java source code that has errors
I'm currently writing a program to analyse Java source code for constructs such as a function/method of a certain name, return type and parameters, eg. I could test to see if there is a function with ...
7
votes
3answers
162 views
Are there convenient tools to automatically check C++ coding conventions beyond style checks?
Are there good tools to automatically check C++ projects for coding conventions like e.g.:
all thrown objects have to be classes derived from std::exception (i.e. throw 42; or throw "runtime error"; ...
1
vote
1answer
69 views
how to make scan-build(clang) work together with prebuilt android gcc?
Im trying to carry out static source code analysis for my android native project written in C/C++ using scan-build.
I tried the instructoins on this page(http://clang.llvm.org/get_started.html#build) ...
0
votes
2answers
71 views
static analyzer [closed]
In advance I apologize for my English. I know it is not enough and the google translater help me to write this question. In general I have this problem: I have to write a static code analyzer but I ...