Static analyzer Svace for finding defects in a source program code

Cited by: 15
Authors
Ivannikov, V. P. [1 ]
Belevantsev, A. A. [1 ]
Borodin, A. E. [1 ]
Ignatiev, V. N. [1 ]
Zhurikhin, D. M. [1 ]
Avetisyan, A. I. [1 ]
Affiliations
[1] Russian Acad Sci, Inst Syst Programming, Moscow 109004, Russia
Keywords
static analysis; data-flow analysis; vulnerabilities; interprocedural analysis; annotation-based analysis;
DOI
10.1134/S0361768814050041
Chinese Library Classification number
TP31 [Computer software];
Subject classification code
081202 ; 0835 ;
Abstract
This paper describes Svace, a tool for static program analysis developed at the Institute for Systems Programming, Russian Academy of Sciences. This tool allows one to find defects and potential vulnerabilities in the source program code written in C/C++ languages. The main features of the tool are simplicity of use, wide variety of supported types of warnings, scalability up to programs of millions of code lines, and acceptable quality of analysis (30-80% of true positive warnings).
Pages: 265 / 275
Number of pages: 11
Related papers
50 in total
  • [21] Study of defects in a program code in Python
    Bronshteyn, I. E.
    PROGRAMMING AND COMPUTER SOFTWARE, 2013, 39 (06) : 279 - 284
  • [22] Integration of Static and Dynamic Code Analysis for Understanding Legacy Source Code
    Kirchmayr, Wilhelm
    Moser, Michael
    Nocke, Ludwig
    Pichler, Josef
    Tober, Rudolf
    32ND IEEE INTERNATIONAL CONFERENCE ON SOFTWARE MAINTENANCE AND EVOLUTION (ICSME 2016), 2016, : 543 - 552
  • [23] Practical Emulation of Software Defects in Source Code
    Pereira, Goncalo
    Barbosa, Raul
    Madeira, Henrique
    2016 12TH EUROPEAN DEPENDABLE COMPUTING CONFERENCE (EDCC 2016), 2016, : 130 - 140
  • [24] Source Code Metrics for Software Defects Prediction
    Rebro, Dominik Arne
    Rossi, Bruno
    Chren, Stanislav
    38TH ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING, SAC 2023, 2023, : 1469 - 1472
  • [25] Automatic Grader for Programming Assignment Using Source Code Analyzer
    Yulianto, Susilo Veri
    Liem, Inggriani
    2014 International Conference on Data and Software Engineering (ICODSE), 2014,
  • [26] RE-ANALYZER - FROM SOURCE CODE TO STRUCTURED ANALYSIS
    OHARE, AB
    TROAN, EW
    IBM SYSTEMS JOURNAL, 1994, 33 (01) : 110 - 130
  • [27] A SOURCE CODE AND NON-SOURCE CODE PLAGIARISM DETECTION RESEARCH FOR C PROGRAM
    Zhong Mei
    Li Yanchen
    Liu Dongsheng
    2011 3RD INTERNATIONAL CONFERENCE ON COMPUTER TECHNOLOGY AND DEVELOPMENT (ICCTD 2011), VOL 3, 2012, : 543 - 547
  • [28] IMGDroid: A Static Analyzer for Detecting Image Loading Defects in Android Applications
    Song, Wei
    Han, Mengqi
    Huang, Jeff
    2021 IEEE/ACM 43RD INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: COMPANION PROCEEDINGS (ICSE-COMPANION 2021), 2021, : 164 - 165
  • [29] Hierarchical Static Test Method in C Source Code
    Xu, Lulu
    Zhang, Liping
    2013 SIXTH INTERNATIONAL SYMPOSIUM ON COMPUTATIONAL INTELLIGENCE AND DESIGN (ISCID), VOL 2, 2013, : 382 - 385
  • [30] From Source Code Analysis to Static Software Testing
    Wang Wei
    Han Lilong
    Meng Yunxiu
    Bai He
    PROCEEDINGS OF 2014 IEEE WORKSHOP ON ADVANCED RESEARCH AND TECHNOLOGY IN INDUSTRY APPLICATIONS (WARTIA), 2014, : 1280 - 1283