Static analyzer Svace for finding defects in a source program code

被引:15
|
作者
Ivannikov, V. P. [1 ]
Belevantsev, A. A. [1 ]
Borodin, A. E. [1 ]
Ignatiev, V. N. [1 ]
Zhurikhin, D. M. [1 ]
Avetisyan, A. I. [1 ]
机构
[1] Russian Acad Sci, Inst Syst Programming, Moscow 109004, Russia
来源
PROGRAMMING AND COMPUTER SOFTWARE | 2014年 / 40卷 / 05期
关键词
static analysis; data-flow analysis; vulnerabilities; interprocedural analysis; annotation-based analysis;
D O I
10.1134/S0361768814050041
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
This paper describes Svace, a tool for static program analysis developed at the Institute for Systems Programming, Russian Academy of Sciences. This tool allows one to find defects and potential vulnerabilities in the source program code written in C/C++ languages. The main features of the tool are simplicity of use, wide variety of supported types of warnings, scalability up to programs of millions of code lines, and acceptable quality of analysis (30-80% of true positive warnings).
引用
收藏
页码:265 / 275
页数:11
相关论文
共 50 条
  • [31] A Proposal for Source Code Assessment Through Static Analysis
    de Souza, Ricardo Lemos
    Ferreira, Fabiana Zaffalon
    Botelho, Silvia da Silva
    2020 IEEE FRONTIERS IN EDUCATION CONFERENCE (FIE 2020), 2020,
  • [32] An Effective Visual System for Static Analysis of Source Code
    Wan, Ying
    Tan, Chuanqi
    Wang, Zhigang
    Wang, Guoqiang
    Hong, Xiaojin
    MATERIALS SCIENCE AND INFORMATION TECHNOLOGY, PTS 1-8, 2012, 433-440 : 5453 - +
  • [33] Static analysis of source code written by novice programmers
    Delev, Tomche
    Gjorgjevikj, Dejan
    PROCEEDINGS OF 2017 IEEE GLOBAL ENGINEERING EDUCATION CONFERENCE (EDUCON2017), 2017, : 824 - 830
  • [34] Clustering Support for Static Concept Location in Source Code
    Scanniello, Giuseppe
    Marcus, Andrian
    2011 IEEE 19TH INTERNATIONAL CONFERENCE ON PROGRAM COMPREHENSION (ICPC), 2011, : 1 - 10
  • [35] Is Static Analysis Able to Identify Unnecessary Source Code?
    Haas, Roman
    Niedermayr, Rainer
    Roehm, Tobias
    Apel, Sven
    ACM TRANSACTIONS ON SOFTWARE ENGINEERING AND METHODOLOGY, 2020, 29 (01)
  • [36] On Development of a Framework for Massive Source Code Analysis Using Static Code Analyzers
    Chistyakov, Alexander
    Pripadchev, Artem
    Radchenko, Irina
    CEE-SECR'17: PROCEEDINGS OF THE 13TH CENTRAL & EASTERN EUROPEAN SOFTWARE ENGINEERING CONFERENCE IN RUSSIA, 2017,
  • [37] Source code and task graphs in program optimization
    Löwe, W
    Zimmermann, W
    Dickert, S
    Eisenbiegler, J
    HIGH-PERFORMANCE COMPUTING AND NETWORKING, 2001, 2110 : 273 - 282
  • [38] Modeling source code in bimodal for program comprehension
    Wen D.
    Zhang X.
    Diao Y.
    Zhao Z.
    Jiang H.
    Lin H.
    Neural Computing and Applications, 2024, 36 (22) : 13815 - 13832
  • [39] Tool demonstration: Finding duplicated code using program dependences
    Komondoor, R
    Horwitz, S
    PROGRAMMING LANGUAGES AND SYSTEMS, PROCEEDINGS, 2001, 2028 : 383 - 386
  • [40] ConfMapper: Automated Variable Finding for Configuration Items in Source Code
    Zhou, Shulin
    Liu, Xiaodong
    Li, Shanshan
    Dong, Wei
    Liao, Xiangke
    Xiong, Yun
    2016 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY AND SECURITY COMPANION (QRS-C 2016), 2016, : 228 - 235
12345