Fast analysis of source code in C and C plus

被引:0
|
作者
Savitskii, V. O. [1 ]
Sidorov, D. V. [1 ]
机构
[1] Russian Acad Sci, Inst Syst Programming, Moscow 109004, Russia
来源
PROGRAMMING AND COMPUTER SOFTWARE | 2013年 / 39卷 / 01期
关键词
Source Code; Null Pointer; Open Source Project; Syntax Tree; Incremental Analysis;
D O I
10.1134/S0361768813010064
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Static analysis is a popular tool for detecting the vulnerabilities that cannot be found by means of ordinary testing. The main problem in the development of static analyzers is their low speed. Methods for accelerating such analyzers are described, which include incremental analysis, lazy analysis, and header file caching. These methods make it possible to considerably accelerate the detection of defects and to integrate the static analysis tools in the development environment. As a result, defects in a file edited in the Visual Studio development environment can be detected in 0.5 s or faster, which means that they can be practically detected after each keystroke. Therefore, critical vulnerabilities can be detected and corrected at the stage of coding.
引用
收藏
页码:49 / 55
页数:7
相关论文
共 50 条
  • [1] Analysis and Code Model Extraction for C/C plus plus Source Code
    Wagner, Christian
    Margaria, Tiziana
    Pagendarm, Hans-Georg
    [J]. 2009 14TH IEEE INTERNATIONAL CONFERENCE ON ENGINEERING OF COMPLEX COMPUTER SYSTEMS (ICECCS), 2009, : 110 - +
  • [2] Fast analysis of source code in C and C++
    V. O. Savitskii
    D. V. Sidorov
    [J]. Programming and Computer Software, 2013, 39 : 49 - 55
  • [3] Static Analysis of Functors' Mathematical Properties in C plus plus Source Code
    Babati, Bence
    Pataki, Norbert
    [J]. INTERNATIONAL CONFERENCE ON NUMERICAL ANALYSIS AND APPLIED MATHEMATICS (ICNAAM-2018), 2019, 2116
  • [4] An analysis of programming language statement frequency in C, C plus plus , and Java']Java source code
    Zhu, Xiaoyan
    Whitehead, E. James
    Sadowski, Caitlin
    Song, Qinbao
    [J]. SOFTWARE-PRACTICE & EXPERIENCE, 2015, 45 (11): : 1479 - 1495
  • [5] A Comparison of Open-Source Static Analysis Tools for Vulnerability Detection in C/C plus plus Code
    Arusoaie, Andrei
    Ciobaca, Stefan
    Craciun, Vlad
    Gavrilut, Dragos
    Lucanu, Dorel
    [J]. 2017 19TH INTERNATIONAL SYMPOSIUM ON SYMBOLIC AND NUMERIC ALGORITHMS FOR SCIENTIFIC COMPUTING (SYNASC 2017), 2017, : 161 - 168
  • [6] Enforcing Techniques and Transformation of C/C plus plus Source Code to Heterogeneous Hardware
    Gyimesi, Gabor
    Ban, Denes
    Siket, Istvan
    Ferenc, Rudolf
    Brugnoni, Silvano
    Corbat, Thomas
    Sommerlad, Peter
    Suter, Toni
    [J]. 2016 INT IEEE CONFERENCES ON UBIQUITOUS INTELLIGENCE & COMPUTING, ADVANCED & TRUSTED COMPUTING, SCALABLE COMPUTING AND COMMUNICATIONS, CLOUD AND BIG DATA COMPUTING, INTERNET OF PEOPLE, AND SMART WORLD CONGRESS (UIC/ATC/SCALCOM/CBDCOM/IOP/SMARTWORLD), 2016, : 1173 - 1180
  • [7] Vulnerability Detection in C/C plus plus Source Code With Graph Representation Learning
    Wu, Yuelong
    Lu, Jintian
    Zhang, Yunyi
    Jin, Shuyuan
    [J]. 2021 IEEE 11TH ANNUAL COMPUTING AND COMMUNICATION WORKSHOP AND CONFERENCE (CCWC), 2021, : 1519 - 1524
  • [8] Cloud-Based Source Code Security and Vulnerabilities Analysis Tool for C/C plus plus Software Systems
    Crifasi, Elliott
    Pike, Sean
    Stuedemann, Zechariah
    Alnaeli, Saleh M.
    Altahat, Zaid
    [J]. 2018 IEEE INTERNATIONAL CONFERENCE ON ELECTRO/INFORMATION TECHNOLOGY (EIT), 2018, : 651 - 654
  • [9] Implementation of an Obfuscation Tool for C/C plus plus Source Code Protection on the XScale Architecture
    Cho, Seongje
    Chang, Hyeyoung
    Cho, Yookun
    [J]. SOFTWARE TECHNOLOGIES FOR EMBEDDED AND UBIQUITOUS SYSTEMS, PROCEEDINGS, 2008, 5287 : 406 - +
  • [10] ReSYCLator: Transforming CUDA C plus plus source code into SYCL
    Stauber, Tobias
    Sommerlad, Peter
    [J]. PROCEEDINGS OF THE INTERNATIONAL WORKSHOP ON OPENCL (IWOCL'19), 2019,
12345