Open-source static code analysis tools for C++
Possible Duplicate: What open source C++ static analysis tools are available? Which open-source static C++ (not just C) code analysis tools are most suitable for porting code to 64-bit platforms? ...
Possible Duplicate: What open source C++ static analysis tools are available? Which open-source static C++ (not just C) code analysis tools are most suitable for porting code to 64-bit platforms? ...
What's the best tool (commercial/open source) you've used for dynamic review/memory analysis of a C++ application? EDIT: removed 'static' as there is already a great question on this topic (thanks Iulian!) ...
I have a method that starts like this: public static UnboundTag ResolveTag(Type bindingType, string name, string address) { Contract.Requires(bindingType != null); var tags = GetUnboundTagsRecursively(bindingType).ToArray(); The contract for the implementation of GetUnboundTagsRecursively (implemented in the s...
Okay, I have yet another Code Contracts question. I have a contract on an interface method that looks like this (other methods omitted for clarity): [ContractClassFor(typeof(IUnboundTagGroup))] public abstract class ContractForIUnboundTagGroup : IUnboundTagGroup { public IUnboundTagGroup[] GetAllGroups() { Contract.Ensu...
I'm working on an analysis for Java programs that requires side-effect information about method calls. For standard library classes, I would like to compile a list of methods with read-only parameters. That is, methods that don't modify their arguments, or anything reachable from their arguments. I can infer a lot from the javadocs, b...
I help maintain and build on a fairly large Swing GUI, with a lot of complex interaction. Often I find myself fixing bugs that are the result of things getting into odd states due to some race condition somewhere else in the code. As the code base gets large, I've found it's gotten less consistent about specifying via documentation whi...
I'm trying to run splint on a C source that includes complex.h from the standard C library to support complex arithmetic. Unfortunately, splint fails with the following error. Splint 3.1.2 --- 03 May 2009 /usr/include/bits/cmathcalls.h:54:31: Parse Error: Non-function declaration: _Complex : extern double. (For help on...
This is an object I made to do some flash cards. The first method (I left out the main part) generates a NSMutabaleArray of Card objects with the passed in operator and works fine. The second method, "drawFromDeck" gets called on a Deck object from my view controller and also works fine, but the Static Analyzer says I may be leaking an...
A lot of languages (perhaps all of them) are designed to make writing programs easier. They all have different domains, and aim to simplify developing programs in these domains (C makes developing low-level programs easier, Java makes developing complex business logic easier, et al.). Perhaps other purposes are sacrificed in sake of writ...
Original Question: Given a method I would like to determine if an object returned is created within the execution of that method. What sort of static analysis can or should I use? Reworked Questions: Given a method I would like to determine if an object created in that method may be returned by that method. So, if I go through and add a...
Is there a way to do a Build and Analyze like in Xcode using xcodebuild? I'm using Xcode 3.2.2 ...
Hi all, The code below is from SAMATE Reference Dataset. I used it to test a static analysis tool. As you can see the code should prevent SQL-Injection both by using a sanitization method as well as using a prepared statement. Since SCA tools cannot know custom santitzation methods, the will not detect that the allowed method is used t...
I've noticed a pattern that can make refactoring MVC2 apps difficult. When you change the name of an argument for an action you must update the values everywhere that action is used. For example, public ActionResult List(string p) in the view <%= Html.ActionLink("List", "Directory", new { p = "somePath" }, null) %> What if I want t...
I'm using ReSharper 5.0, and am wondering how its code analysis function knows to higlight the following assemblies == null with the comment "Expression is always false". var directory = new DirectoryInfo("somedir"); FileInfo[] assemblies = directory.GetFiles("*.dll"); if (assemblies == null <<--- this is highlighted with "Expression i...
I'm looking for .NET static code analysis tools that can detect things like unit tests without an assert, too many asserts in one test, and other anomalies. ...
Wesner Moise used to write about a static analysis tool called nStatic for .NET which looked really exciting. This was a few years and nothing has been published since. Does anyone know what's happened to the tool, or in fact, Wesner himself?! I hope he's OK, his last post about nStatic development explained that he'd had some health ...
Hi, Can some one provide me with a list of leading binary research tools for Windows OS and windows applications? I found BinScope from microsoft itself but was wondering if there are any other better tools around? Thanks, Omer ...
I'd like to extend the 2010 static code analysis metrics (mostly fix it so the rollup is max instead of sum). Where is the extensibility point? Is it an MEF component somewhere? ...
Here are two methods that return a dictionary of my custom four-propery objects. They make arrays of strings, floats and BOOLs to put in the Chemical objects, then build a dictionary from the arrays. I'm new enough to the whole memory management game that I'm not always sure when I own something and when to release it. I'm making all ...
This is a cppcheck warning message. Variable 'BUFFER_INFO' hides typedef with same name The BUFFER_INFO is defined as following. typedef struct tagBufferInfo { CRITICAL_SECTION cs; Buffer* pBuffer1; Buffer* pBuffer2; Buffer* pLoggingBuffer; Buffer* pSendingBuffer; }BUFFER_INFO, *PBUFFER_INFO; And I wrote, PBUFF...