Static analyzer Svace for finding defects in a source program code

被引：15

作者：

Ivannikov, V. P. ^{[1
]}

Belevantsev, A. A. ^{[1
]}

Borodin, A. E. ^{[1
]}

Ignatiev, V. N. ^{[1
]}

Zhurikhin, D. M. ^{[1
]}

Avetisyan, A. I. ^{[1
]}

机构：

[1] Russian Acad Sci, Inst Syst Programming, Moscow 109004, Russia

来源：

PROGRAMMING AND COMPUTER SOFTWARE | 2014年 / 40卷 / 05期

关键词：

static analysis; data-flow analysis; vulnerabilities; interprocedural analysis; annotation-based analysis;

D O I：

10.1134/S0361768814050041

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

This paper describes Svace, a tool for static program analysis developed at the Institute for Systems Programming, Russian Academy of Sciences. This tool allows one to find defects and potential vulnerabilities in the source program code written in C/C++ languages. The main features of the tool are simplicity of use, wide variety of supported types of warnings, scalability up to programs of millions of code lines, and acceptable quality of analysis (30-80% of true positive warnings).

引用

页码：265 / 275

页数：11

共 50 条

[41] Extending K-scope Fortran Source Code Analyzer with Visualization of Performance Profiling Data and Remote Parsing of Source Code
Terai, Masaaki
Bryzgalov, Peter
Maeda, Toshiyuki
Minami, Kazuo
2014 IEEE INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING AND COMMUNICATIONS, 2014 IEEE 6TH INTL SYMP ON CYBERSPACE SAFETY AND SECURITY, 2014 IEEE 11TH INTL CONF ON EMBEDDED SOFTWARE AND SYST (HPCC,CSS,ICESS), 2014, : 866 - 873
[42] Third-party Source Code Compliance using Early Static Code Analysis
Takhma, Youness
Rachid, Tajjeeddine
Harroud, Hamid
Abid, Mohamed Riduan
Assem, Nasser
PROCEEDINGS OF THE 2015 INTERNATIONAL CONFERENCE ON COLLABORATION TECHNOLOGIES AND SYSTEMS, 2015, : 132 - 139
[43] Code Analysis with Static Application Security Testing for Python Program
Li Ma
Huihong Yang
Jianxiong Xu
Zexian Yang
Qidi Lao
Dong Yuan
Journal of Signal Processing Systems, 2022, 94 : 1169 - 1182
[44] JxPlatform: A Tool Platform for Static Analysis of Java Source Code
Maruyama, Katsuhisa
Computer Software, 2024, 41 (04) : 28 - 48
[45] SCL: Static enforcement and exploration of developer intent in source code
Hou, Daqing
29TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: ICSE 2007 COMPANION VOLUME, PROCEEDINGS, 2007, : 57 - +
[46] Poster: Recommending Unnecessary Source Code Based on Static Analysis
Haas, Roman
Niedermayr, Rainer
Roehm, Tobias
Apel, Sven
2019 IEEE/ACM 41ST INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: COMPANION PROCEEDINGS (ICSE-COMPANION 2019), 2019, : 274 - 275
[47] Enhancing Source Code Representations for Deep Learning with Static Analysis
Guan, Xueting
Treude, Christoph
PROCEEDINGS 2024 32ND IEEE/ACM INTERNATIONAL CONFERENCE ON PROGRAM COMPREHENSION, ICPC 2024, 2024, : 64 - 68
[48] Source Code Analysis for Static Prediction of Dynamic Memory Usage
Kim, Sangwho
Ryou, Jaecheol
2019 INTERNATIONAL CONFERENCE ON PLATFORM TECHNOLOGY AND SERVICE (PLATCON), 2019, : 46 - 49
[49] A Static Analyzer for Detecting Tensor Shape Errors in Deep Neural Network Training Code
Jhoo, Ho Young
Kim, Sehoon
Song, Woosung
Park, Kyuyeon
Lee, DongKwon
Yi, Kwangkeun
2022 ACM/IEEE 44TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: COMPANION PROCEEDINGS (ICSE-COMPANION 2022), 2022, : 337 - 338
[50] Towards Summarizing Program Statements in Source Code Search
Marin, Victor J.
Bansal, Iti
Rivero, Carlos R.
PROCEEDINGS OF THE 35TH ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING (SAC'20), 2020, : 118 - 120

← 1 2 3 4 5 →