static-analysis

What is wrong with an inner class not using an outer class in Java?

I'm using a static analyzer in Eclipse to examine my code. One class, foo, has an inner class, bar. I am getting the following error: JAVA0043 Inner class 'bar' does not use outer class 'foo' Why is this an error? As long as the outer class uses the inner class isn't that sufficient to make this information hiding useful and correc...

Catching overflow of left shift of constant 1 using compiler warning?

We're writing code inside the Linux kernel so, try as I might, I wasn't able to get PC-Lint/Flexelint working on Linux kernel code. Just too many built-in symbols etc. But that's a side issue. We have any number of compilers, starting with gcc, but others also. Their warnings options have been getting stronger over time, to where they ...

Fortify Source Analyzer and Apache Lenya

Hey everyone! First off, any help is much appreciated! I am trying to use Fortify Source Code Analyzer for a research project at my school to test the security for open source Java web applications. I am currently working on Apache Lenya. I am working with the last stable release (Lenya v2.0.2). Inside the root directory there is a fil...

Code quality and analysis tools for C#? How do you analyze your code?

I am a big NDepend fan and so I read quite a bit from Patrick Smacchia. I was reading a post of his this morning regarding "Where do developers care for Software Quality" in which he looks at the NDepend site's log files in Google Analytics to see where people come from to have a look at NDepend. The results are semi-interesting. Howev...

FxCop - CA1034 error - WHY?

I am running static code analysis with FxCop 1.36 and I keep getting warning CA1034: NestedTypesShouldNotBeVisible. I would understand if the parent class were declared as internal or private, but it is public. Why would it be bad for TimerReset to be declared public? Am I missing something, or is this something that can be ignored?...

Static Analysis Tools for Database Design

I'm looking for Static Analysis Tools for Database Tier. I got some answers for reviewing PLSQL, TSQL code, I'm wondering what are the options available for reviewing database design for naming conventions of tables and their columns, foreign key constraints and triggers etc. There is MSDN article which talks about ApexSQL Enforce, but ...

Developing a static source code analysis tool for proprietary API?

There is a proprietary API that is built on top of C++. So it uses all the features of C++ and then has its own APIs. There are some APIs that function exactly the same as C++ API (like for malloc there is Stralloc), these APIs are provided for performance reasons. Though there are many static code analyzers available for C++, we cannot...

How do I enforce assigning to arguments of methods using FindBugs?

As an alternative to littering my code with thousands of final keywords in front of my parameters, I'm trying to enforce it using FindBugs. It doesn't seem possible to do this, but there should be a way, shouldn't there? Thanks ...

FindBugs and Maven

I would like Maven to generate a FindBugs report where the bugs are grouped by severity, not by file. Then I would be able to focus on the most serious bugs immediately. I have seen similar functionality with the FindBugs plugin for Eclipse. Is this possible with Maven? ...

ASP.NET / C# Equivalent of Microsoft Source Code Analyzer for SQL Injection (MSSCASI_ASP)?

Microsoft Source Code Analyzer for SQL Injection (MSSCASI_ASP) is a static code analyzer for classic ASP VBScript code that can help identify pages that might have a sql injection vulnerability. That tool seems to only support vbscript ("The tool understands only ASP code that is written in VBScript"), and I think it only supports Class...

Should the Code Contracts static checker be able to check arithmetic bound?

(Also posted on the MSDN forum - but that doesn't get much traffic, as far as I can see.) I've been trying to provide an example of Assert and Assume. Here's the code I've got: public static int RollDice(Random rng) { Contract.Ensures(Contract.Result<int>() >= 2 && Contract.Result<int>() <= 12); if (rng ==...

Security static analysis tools

I'm familiar with the typical usages of tools like FindBugs and PMD as they relate to finding sub-optimal code. What I'm not familiar with are the static analysis tools designed specifically for finding security flaws in code. e.g. sql-injection, spoofing, and other security flaws. What kinds of experiences and recommendations do pe...

Custom analysis rules for Microsoft Source Code Analyzer for SQL Injection (MSSCASI_ASP)?

Microsoft Source Code Analyzer for SQL Injection (MSSCASI_ASP) is a static code analyzer for classic ASP VBScript code that can help identify pages that might have a SQL injection vulnerability. It seems like a nice tool, but now that I've found Microsoft Code Analysis Tool for .Net (CAT.NET) -- a static analyzer designed to help find SQ...

How can I suppress static code analysis during build?

We have a solution with 15 projects, which all have code analysis enabled. The solution easily takes 60+ seconds to build, which is a very long time when sitting waiting. If I disable code analysis it builds in 10 seconds. I would love to be able to disable code analysis on an ad-hoc basis. But still I want code analysis when building ...

How to turn off JSLint indentation warnings?

I find that JSLint produces lots of warnings of the form: Expected 'foo' to have an indentation at X instead at Y. The JSLint options documentation describes an indent option that recognizes a numerical value representing the amount of space for each level of indentation. This option allows me to say things like use 2 spaces per level...

How can I make a static analysis call graph for Perl?

I am working on a moderately complex Perl program. As a part of its development, it has to go through modifications and testing. Due to certain environment constraints, running this program frequently is not an option that is easy to exercise. What I want is a static call-graph generator for Perl. It doesn't have to cover every edge ca...

High-level/semantic optimization

I'm writing a compiler, and I'm looking for resources on optimization. I'm compiling to machine code, so anything at runtime is out of the question. What I've been looking for lately is less code optimization and more semantic/high-level optimization. For example: free(malloc(400)); // should be completely optimized away Even if thes...

Is there a tool for extracting all variable, module, and function names from a Perl module file?

My apologies if this is a duplicate; I may not know the proper terms to search for. I am tasked with analyzing a Perl module file (.pm) that is a fragment of a larger application. Is there a tool, app, or script that will simply go through the code and pull out all the variable names, module names, and function calls? Even better would ...

Find where a function (or macro) is called with a given argument

I need to know if it's possible to use a tool like ctags or cscope to find all the usages of a function but filter the results depending on the value of one of its parameters. For example, let's assume we have a function void foo(int a, int b) that is used a thousand times along all the source tree and I need to check if it's being call...

What form of alias analysis does Visual C++ use?

I'm trying to figure out what form of alias analysis is used in Visual C++. It's also known as pointer analysis, mod-ref analysis, points-to analysis or side-effect analysis, and is pretty close to escape analysis or shape analysis (should you have seen those terms bandied about). If anyone knows where MSDN discusses this sort of thing, ...