SlideShare una empresa de Scribd logo

Static Code Analysis and Cppcheck

Z
Zachary Blair

Cppcheck is a free static code analysis tool that finds bugs in C and C++ code without executing the program. It works by tokenizing, simplifying, and checking code for patterns that may indicate bugs. Some checks look for buffer overruns, unused functions, memory leaks, and invalid arguments. Cppcheck is cross-platform, has a GUI and command line interface, and has found hundreds of bugs in open source projects.

Tecnología
1 de 33
Descargar para leer sin conexión
 Static Code Analysis  Survey of Tools  Cppcheck
 Goal: Provide confidence that code is correct just by looking at it (without building or executing it).  Helps us find easy bugs buried in thousands of lines of code (not something people are great at).
 Formal Methods  Code Metrics  Reviews and Inspection
 Formal Methods: ◦ Mathematical! ◦ Require a mathematical model and assertions! ◦ Often require modeling the system as a finite state machine and verifying each state and transition.  Code Metrics  Reviews and Inspection
 Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics  Reviews and Inspection
 Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: • Identify areas where bugs are likely. • Based on measures of code complexity rooted in graph theory (e.g. Cyclomatic complexity).  Reviews and Inspection
 Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: Good, but doesn’t directly identify defects.  Reviews and Inspection
 Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: Good, but doesn’t directly identify defects.  Reviews and Inspection • Just look at the code and try to find suspicious patterns. • Basically what we do when performing code reviews.
 Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: Good, but doesn’t directly identify defects.  Reviews and Inspection Works pretty well!
 Static Code Analysis  Survey of Tools  Cppcheck
 Three Popular Commercial Tools: ◦ PC-Lint ◦ Klocwork Insight ◦ Coverity Prevent  One Free Software Tool: ◦ Cppcheck
 PC-Lint ◦ Commercial ◦ Works for C code ◦ Often reports many false positives. ◦ Probably the cheapest after Cppcheck (which is free)  Klocwork Insight  Coverity Prevent  Cppcheck
 PC-Lint  Klocwork Insight ◦ Commercial ◦ A spin-out of Nortel Networks ◦ Also includes project management and project visualization capabilities.  Coverity Prevent  Cppcheck
 PC-Lint  Klocworks Insight  Coverity Prevent ◦ Commercial ◦ Identified over 6000 bugs across 53 open-source projects. ◦ Developed from research at Stanford University.  Cppcheck
 PC-Lint  Klocworks Insight  Coverity Prevent  Cppcheck ◦ Open source ◦ Under active development. ◦ Has found > 400 bugs in open-source projects. ◦ Free!
 Static Code Analysis  Survey of Tools  Cppcheck
 Detects bugs in C and C++ source that compilers normally do not warn about!  Cross-platform (Windows, Linux, etc)  Fancy Qt-based GUI client! ◦ Also available in a command-line version  Usable via plugins from various IDEs (but not VS): ◦ Eclipse ◦ Code::Blocks ◦ Hudson, Jenkins
 Packages maintained for FreeBSD, Debian and Ubuntu systems (sudo apt-get install cppcheck)  Used to find bugs in many open-source projects: ◦ Linux Kernel: > 40 bugs found+fixed ◦ VLC Player: > 20 bugs found+fixed ◦ Others: 7-zip, curl, git, etc
 Bounds checking for array overruns  Memory and resource leaks  Unused private class functions  Use of deprecated functions  Wrong # of arguments given to printf or scanf  Switch cases that fall through suspiciously  Dozens of others…
Possible buffer overrun Memory leak: buf Should be “delete[] buf” Resource leak: file
Cppcheck finds many of the issues with that code (but not all)
Buffer overrun Suspicious format specifier for a pointer to a C string (but not necessary a bug)
 Bounds checking for array overruns  Unused private class functions  Use of deprecated functions  Memory and resource leaks  Dozens of others…
Preprocessor Source File Tokenizer Simplifier Results Checks Happy Developer
void foo(char* str) { if (str == 0) printf(str); else printf("Whoa"); } Tokenizer Simplifier void foo ( char * str ) { if ( ! str ) { printf ( str ) ; } else { printf ( "Whoa" ) ; } }
void foo(char* str) { if (str == 0) printf(str); else printf("Whoa"); } Indentation, spacing, NULL-checks and braces are normalized Tokenizer to simplify checks! Simplifier void foo ( char * str ) { if ( ! str ) { printf ( str ) ; } else { printf ( "Whoa" ) ; } }
void foo ( char * str ) { if ( ! str ) { printf ( str ) ; } else { printf ( "Whoa" ) ; } } Results Checks  Each check iterates over the tokens, and reports if it finds a suspicious pattern!  Checks implemented as C functions or XML documents that describe the pattern to look for.  Results categorized as error, warning, style, performance, portability, or informative.
 Cppcheck is a free tool for finding bugs in C++ source code.  It works by parsing the source code, splitting it into tokens and finding suspicious patterns in the tokens.
 Official project page: ◦ http://cppcheck.sourceforge.net/  Official source repository: ◦ https://github.com/danmar/cppc heck
Static Code Analysis and Cppcheck

Recomendados

The Spectre of Meltdowns
The Spectre of MeltdownsThe Spectre of Meltdowns
The Spectre of Meltdowns
Andriy Berestovskyy
 
Building fast interpreters in Rust
Building fast interpreters in RustBuilding fast interpreters in Rust
Building fast interpreters in Rust
Ingvar Stepanyan
 
Booting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot imagesBooting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot images
Chris Simmonds
 
Qemu Introduction
Qemu IntroductionQemu Introduction
Qemu Introduction
Chiawei Wang
 
Using Splunk for Information Security
Using Splunk for Information SecurityUsing Splunk for Information Security
Using Splunk for Information Security
Splunk
 
Apache HBaseの現在 - 火山と呼ばれたHBaseは今どうなっているのか
Apache HBaseの現在 - 火山と呼ばれたHBaseは今どうなっているのかApache HBaseの現在 - 火山と呼ばれたHBaseは今どうなっているのか
Apache HBaseの現在 - 火山と呼ばれたHBaseは今どうなっているのか
Toshihiro Suzuki
 
Attacker's Perspective of Active Directory
Attacker's Perspective of Active DirectoryAttacker's Perspective of Active Directory
Attacker's Perspective of Active Directory
Sunny Neo
 
Reconnaissance of Virtio: What’s new and how it’s all connected?
Reconnaissance of Virtio: What’s new and how it’s all connected?Reconnaissance of Virtio: What’s new and how it’s all connected?
Reconnaissance of Virtio: What’s new and how it’s all connected?
Samsung Open Source Group
 

Recomendados

The Spectre of Meltdowns
The Spectre of MeltdownsThe Spectre of Meltdowns
The Spectre of Meltdowns
Andriy Berestovskyy
 
Building fast interpreters in Rust
Building fast interpreters in RustBuilding fast interpreters in Rust
Building fast interpreters in Rust
Ingvar Stepanyan
 
Booting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot imagesBooting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot images
Chris Simmonds
 
Qemu Introduction
Qemu IntroductionQemu Introduction
Qemu Introduction
Chiawei Wang
 
Using Splunk for Information Security
Using Splunk for Information SecurityUsing Splunk for Information Security
Using Splunk for Information Security
Splunk
 
Apache HBaseの現在 - 火山と呼ばれたHBaseは今どうなっているのか
Apache HBaseの現在 - 火山と呼ばれたHBaseは今どうなっているのかApache HBaseの現在 - 火山と呼ばれたHBaseは今どうなっているのか
Apache HBaseの現在 - 火山と呼ばれたHBaseは今どうなっているのか
Toshihiro Suzuki
 
Attacker's Perspective of Active Directory
Attacker's Perspective of Active DirectoryAttacker's Perspective of Active Directory
Attacker's Perspective of Active Directory
Sunny Neo
 
Reconnaissance of Virtio: What’s new and how it’s all connected?
Reconnaissance of Virtio: What’s new and how it’s all connected?Reconnaissance of Virtio: What’s new and how it’s all connected?
Reconnaissance of Virtio: What’s new and how it’s all connected?
Samsung Open Source Group
 
Cloud Monitoring with Prometheus
Cloud Monitoring with PrometheusCloud Monitoring with Prometheus
Cloud Monitoring with Prometheus
QAware GmbH
 
The Tofu Interconnect D for the Post K Supercomputer
The Tofu Interconnect D for the Post K SupercomputerThe Tofu Interconnect D for the Post K Supercomputer
The Tofu Interconnect D for the Post K Supercomputer
inside-BigData.com
 
한컴MDS_Virtual Target Debugging with TRACE32
한컴MDS_Virtual Target Debugging with TRACE32한컴MDS_Virtual Target Debugging with TRACE32
한컴MDS_Virtual Target Debugging with TRACE32
HANCOM MDS
 
Design and Implementation of GCC Register Allocation
Design and Implementation of GCC Register AllocationDesign and Implementation of GCC Register Allocation
Design and Implementation of GCC Register Allocation
Kito Cheng
 
Prometheus monitoring
Prometheus monitoringPrometheus monitoring
Prometheus monitoring
Hien Nguyen Van
 
Java Performance Analysis on Linux with Flame Graphs
Java Performance Analysis on Linux with Flame GraphsJava Performance Analysis on Linux with Flame Graphs
Java Performance Analysis on Linux with Flame Graphs
Brendan Gregg
 
PCI Drivers
PCI DriversPCI Drivers
PCI Drivers
Anil Kumar Pugalia
 
Microsoft LAPS - Local Administrator Password Solution
Microsoft LAPS - Local Administrator Password SolutionMicrosoft LAPS - Local Administrator Password Solution
Microsoft LAPS - Local Administrator Password Solution
Int64 Software Ltd
 
[若渴計畫] Challenges and Solutions of Window Remote Shellcode
[若渴計畫] Challenges and Solutions of Window Remote Shellcode[若渴計畫] Challenges and Solutions of Window Remote Shellcode
[若渴計畫] Challenges and Solutions of Window Remote Shellcode
Aj MaChInE
 
RedisConf17- Using Redis at scale @ Twitter
RedisConf17- Using Redis at scale @ TwitterRedisConf17- Using Redis at scale @ Twitter
RedisConf17- Using Redis at scale @ Twitter
Redis Labs
 
Android binder-ipc
Android binder-ipcAndroid binder-ipc
Android binder-ipc
magoroku Yamamoto
 
OPcacheの新機能ファイルベースキャッシュの内部実装を読んでみた
OPcacheの新機能ファイルベースキャッシュの内部実装を読んでみたOPcacheの新機能ファイルベースキャッシュの内部実装を読んでみた
OPcacheの新機能ファイルベースキャッシュの内部実装を読んでみた
Yoshio Hanawa
 
Android audio system(audioflinger)
Android audio system(audioflinger)Android audio system(audioflinger)
Android audio system(audioflinger)
fefe7270
 
Embedded Android : System Development - Part II (HAL)
Embedded Android : System Development - Part II (HAL)Embedded Android : System Development - Part II (HAL)
Embedded Android : System Development - Part II (HAL)
Emertxe Information Technologies Pvt Ltd
 
Implementing ossec
Implementing ossecImplementing ossec
Implementing ossec
Jeronimo Zucco
 
USB Drivers
USB DriversUSB Drivers
USB Drivers
Anil Kumar Pugalia
 
Performance Wins with eBPF: Getting Started (2021)
Performance Wins with eBPF: Getting Started (2021)Performance Wins with eBPF: Getting Started (2021)
Performance Wins with eBPF: Getting Started (2021)
Brendan Gregg
 
Rust: Unlocking Systems Programming
Rust: Unlocking Systems ProgrammingRust: Unlocking Systems Programming
Rust: Unlocking Systems Programming
C4Media
 
Monitoring With Prometheus
Monitoring With PrometheusMonitoring With Prometheus
Monitoring With Prometheus
Knoldus Inc.
 
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM SystemsXPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
The Linux Foundation
 
An Introduction to PC-Lint
An Introduction to PC-LintAn Introduction to PC-Lint
An Introduction to PC-Lint
Ralf Holly
 
CppCheck - Static code analysis tool
CppCheck - Static code analysis toolCppCheck - Static code analysis tool
CppCheck - Static code analysis tool
Avneet Kaur
 

Más contenido relacionado

La actualidad más candente

The Tofu Interconnect D for the Post K Supercomputer
The Tofu Interconnect D for the Post K SupercomputerThe Tofu Interconnect D for the Post K Supercomputer
The Tofu Interconnect D for the Post K Supercomputer
inside-BigData.com
 
[若渴計畫] Challenges and Solutions of Window Remote Shellcode
[若渴計畫] Challenges and Solutions of Window Remote Shellcode[若渴計畫] Challenges and Solutions of Window Remote Shellcode
[若渴計畫] Challenges and Solutions of Window Remote Shellcode
Aj MaChInE
 
Android audio system(audioflinger)
Android audio system(audioflinger)Android audio system(audioflinger)
Android audio system(audioflinger)
fefe7270
 
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM SystemsXPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
The Linux Foundation
 

La actualidad más candente (20)

Cloud Monitoring with Prometheus
Cloud Monitoring with PrometheusCloud Monitoring with Prometheus
Cloud Monitoring with Prometheus
 
The Tofu Interconnect D for the Post K Supercomputer
The Tofu Interconnect D for the Post K SupercomputerThe Tofu Interconnect D for the Post K Supercomputer
The Tofu Interconnect D for the Post K Supercomputer
 
한컴MDS_Virtual Target Debugging with TRACE32
한컴MDS_Virtual Target Debugging with TRACE32한컴MDS_Virtual Target Debugging with TRACE32
한컴MDS_Virtual Target Debugging with TRACE32
 
Design and Implementation of GCC Register Allocation
Design and Implementation of GCC Register AllocationDesign and Implementation of GCC Register Allocation
Design and Implementation of GCC Register Allocation
 
Prometheus monitoring
Prometheus monitoringPrometheus monitoring
Prometheus monitoring
 
Java Performance Analysis on Linux with Flame Graphs
Java Performance Analysis on Linux with Flame GraphsJava Performance Analysis on Linux with Flame Graphs
Java Performance Analysis on Linux with Flame Graphs
 
PCI Drivers
PCI DriversPCI Drivers
PCI Drivers
 
Microsoft LAPS - Local Administrator Password Solution
Microsoft LAPS - Local Administrator Password SolutionMicrosoft LAPS - Local Administrator Password Solution
Microsoft LAPS - Local Administrator Password Solution
 
[若渴計畫] Challenges and Solutions of Window Remote Shellcode
[若渴計畫] Challenges and Solutions of Window Remote Shellcode[若渴計畫] Challenges and Solutions of Window Remote Shellcode
[若渴計畫] Challenges and Solutions of Window Remote Shellcode
 
RedisConf17- Using Redis at scale @ Twitter
RedisConf17- Using Redis at scale @ TwitterRedisConf17- Using Redis at scale @ Twitter
RedisConf17- Using Redis at scale @ Twitter
 
Android binder-ipc
Android binder-ipcAndroid binder-ipc
Android binder-ipc
 
OPcacheの新機能ファイルベースキャッシュの内部実装を読んでみた
OPcacheの新機能ファイルベースキャッシュの内部実装を読んでみたOPcacheの新機能ファイルベースキャッシュの内部実装を読んでみた
OPcacheの新機能ファイルベースキャッシュの内部実装を読んでみた
 
Android audio system(audioflinger)
Android audio system(audioflinger)Android audio system(audioflinger)
Android audio system(audioflinger)
 
Embedded Android : System Development - Part II (HAL)
Embedded Android : System Development - Part II (HAL)Embedded Android : System Development - Part II (HAL)
Embedded Android : System Development - Part II (HAL)
 
Implementing ossec
Implementing ossecImplementing ossec
Implementing ossec
 
USB Drivers
USB DriversUSB Drivers
USB Drivers
 
Performance Wins with eBPF: Getting Started (2021)
Performance Wins with eBPF: Getting Started (2021)Performance Wins with eBPF: Getting Started (2021)
Performance Wins with eBPF: Getting Started (2021)
 
Rust: Unlocking Systems Programming
Rust: Unlocking Systems ProgrammingRust: Unlocking Systems Programming
Rust: Unlocking Systems Programming
 
Monitoring With Prometheus
Monitoring With PrometheusMonitoring With Prometheus
Monitoring With Prometheus
 
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM SystemsXPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
 

Destacado

CppCheck - Static code analysis tool
CppCheck - Static code analysis toolCppCheck - Static code analysis tool
CppCheck - Static code analysis tool
Avneet Kaur
 
Александр Сомов "C++: препроцессор, компилятор, компоновщик"
Александр Сомов "C++: препроцессор, компилятор, компоновщик"Александр Сомов "C++: препроцессор, компилятор, компоновщик"
Александр Сомов "C++: препроцессор, компилятор, компоновщик"
Yandex
 

Destacado (19)

An Introduction to PC-Lint
An Introduction to PC-LintAn Introduction to PC-Lint
An Introduction to PC-Lint
 
CppCheck - Static code analysis tool
CppCheck - Static code analysis toolCppCheck - Static code analysis tool
CppCheck - Static code analysis tool
 
Static Analysis and the FDA Guidance for Medical Device Software
Static Analysis and the FDA Guidance for Medical Device SoftwareStatic Analysis and the FDA Guidance for Medical Device Software
Static Analysis and the FDA Guidance for Medical Device Software
 
Static Code Analysis and AutoLint
Static Code Analysis and AutoLintStatic Code Analysis and AutoLint
Static Code Analysis and AutoLint
 
Static Code Analysis
Static Code AnalysisStatic Code Analysis
Static Code Analysis
 
The Art of Writing Efficient Software
The Art of Writing Efficient SoftwareThe Art of Writing Efficient Software
The Art of Writing Efficient Software
 
Using gcov and lcov
Using gcov and lcovUsing gcov and lcov
Using gcov and lcov
 
Prepare for PHP Test Fest 2009
Prepare for PHP Test Fest 2009Prepare for PHP Test Fest 2009
Prepare for PHP Test Fest 2009
 
Александр Сомов "C++: препроцессор, компилятор, компоновщик"
Александр Сомов "C++: препроцессор, компилятор, компоновщик"Александр Сомов "C++: препроцессор, компилятор, компоновщик"
Александр Сомов "C++: препроцессор, компилятор, компоновщик"
 
Frama c
Frama cFrama c
Frama c
 
Static code analysis
Static code analysisStatic code analysis
Static code analysis
 
Automation using RobotFramework for embedded device
Automation using RobotFramework for embedded deviceAutomation using RobotFramework for embedded device
Automation using RobotFramework for embedded device
 
Sonarqube 20160509
Sonarqube 20160509Sonarqube 20160509
Sonarqube 20160509
 
Code coverage & tools
Code coverage & toolsCode coverage & tools
Code coverage & tools
 
SVN에서 GIT으로 전환하기
SVN에서 GIT으로 전환하기SVN에서 GIT으로 전환하기
SVN에서 GIT으로 전환하기
 
Splints
SplintsSplints
Splints
 
Splint and tractions
Splint and tractionsSplint and tractions
Splint and tractions
 
Top 10 static code analysis tool
Top 10 static code analysis toolTop 10 static code analysis tool
Top 10 static code analysis tool
 
Splint ppt by rupeshkumar
Splint ppt by rupeshkumarSplint ppt by rupeshkumar
Splint ppt by rupeshkumar
 

Similar a Static Code Analysis and Cppcheck

Code Analysis-run time error prediction
Code Analysis-run time error predictionCode Analysis-run time error prediction
Code Analysis-run time error prediction
NIKHIL NAWATHE
 
CodeChecker Overview Nov 2019
CodeChecker Overview Nov 2019CodeChecker Overview Nov 2019
CodeChecker Overview Nov 2019
Olivera Milenkovic
 
API Testing: The heart of functional testing" with Bj Rollison
API Testing: The heart of functional testing" with Bj RollisonAPI Testing: The heart of functional testing" with Bj Rollison
API Testing: The heart of functional testing" with Bj Rollison
TEST Huddle
 
Reducing Redundancies in Multi-Revision Code Analysis
Reducing Redundancies in Multi-Revision Code AnalysisReducing Redundancies in Multi-Revision Code Analysis
Reducing Redundancies in Multi-Revision Code Analysis
Sebastiano Panichella
 
Embedded c & working with avr studio
Embedded c & working with avr studioEmbedded c & working with avr studio
Embedded c & working with avr studio
Nitesh Singh
 
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
GangSeok Lee
 

Similar a Static Code Analysis and Cppcheck (20)

Code Analysis-run time error prediction
Code Analysis-run time error predictionCode Analysis-run time error prediction
Code Analysis-run time error prediction
 
CodeChecker Overview Nov 2019
CodeChecker Overview Nov 2019CodeChecker Overview Nov 2019
CodeChecker Overview Nov 2019
 
Why Rust? - Matthias Endler - Codemotion Amsterdam 2016
Why Rust? - Matthias Endler - Codemotion Amsterdam 2016Why Rust? - Matthias Endler - Codemotion Amsterdam 2016
Why Rust? - Matthias Endler - Codemotion Amsterdam 2016
 
Improving code quality with Roslyn analyzers
Improving code quality with Roslyn analyzersImproving code quality with Roslyn analyzers
Improving code quality with Roslyn analyzers
 
CNIT 127: Ch 18: Source Code Auditing
CNIT 127: Ch 18: Source Code AuditingCNIT 127: Ch 18: Source Code Auditing
CNIT 127: Ch 18: Source Code Auditing
 
Embedded system
Embedded systemEmbedded system
Embedded system
 
Control hijacking
Control hijackingControl hijacking
Control hijacking
 
API Testing: The heart of functional testing" with Bj Rollison
API Testing: The heart of functional testing" with Bj RollisonAPI Testing: The heart of functional testing" with Bj Rollison
API Testing: The heart of functional testing" with Bj Rollison
 
Using Static Binary Analysis To Find Vulnerabilities And Backdoors in Firmware
Using Static Binary Analysis To Find Vulnerabilities And Backdoors in FirmwareUsing Static Binary Analysis To Find Vulnerabilities And Backdoors in Firmware
Using Static Binary Analysis To Find Vulnerabilities And Backdoors in Firmware
 
Reducing Redundancies in Multi-Revision Code Analysis
Reducing Redundancies in Multi-Revision Code AnalysisReducing Redundancies in Multi-Revision Code Analysis
Reducing Redundancies in Multi-Revision Code Analysis
 
How to Connect SystemVerilog with Octave
How to Connect SystemVerilog with OctaveHow to Connect SystemVerilog with Octave
How to Connect SystemVerilog with Octave
 
Embedded c & working with avr studio
Embedded c & working with avr studioEmbedded c & working with avr studio
Embedded c & working with avr studio
 
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
 
report
reportreport
report
 
C101 – Intro to Programming with C
C101 – Intro to Programming with CC101 – Intro to Programming with C
C101 – Intro to Programming with C
 
The operation principles of PVS-Studio static code analyzer
The operation principles of PVS-Studio static code analyzerThe operation principles of PVS-Studio static code analyzer
The operation principles of PVS-Studio static code analyzer
 
C Programming Training in Ambala ! Batra Computer Centre
C Programming Training in Ambala ! Batra Computer CentreC Programming Training in Ambala ! Batra Computer Centre
C Programming Training in Ambala ! Batra Computer Centre
 
0-Slot14-15-16-Libraries.pdf
0-Slot14-15-16-Libraries.pdf0-Slot14-15-16-Libraries.pdf
0-Slot14-15-16-Libraries.pdf
 
PVS-Studio. Static code analyzer. Windows/Linux, C/C++/C#. 2017
PVS-Studio. Static code analyzer. Windows/Linux, C/C++/C#. 2017PVS-Studio. Static code analyzer. Windows/Linux, C/C++/C#. 2017
PVS-Studio. Static code analyzer. Windows/Linux, C/C++/C#. 2017
 
Week1 Electronic System-level ESL Design and SystemC Begin
Week1 Electronic System-level ESL Design and SystemC BeginWeek1 Electronic System-level ESL Design and SystemC Begin
Week1 Electronic System-level ESL Design and SystemC Begin
 

Último

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Overkill Security
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 

Último (20)

FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 

Static Code Analysis and Cppcheck

  • 1.
  • 2. Static Code Analysis  Survey of Tools  Cppcheck
  • 3. Goal: Provide confidence that code is correct just by looking at it (without building or executing it).  Helps us find easy bugs buried in thousands of lines of code (not something people are great at).
  • 4. Formal Methods  Code Metrics  Reviews and Inspection
  • 5. Formal Methods: ◦ Mathematical! ◦ Require a mathematical model and assertions! ◦ Often require modeling the system as a finite state machine and verifying each state and transition.  Code Metrics  Reviews and Inspection
  • 6. Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics  Reviews and Inspection
  • 7. Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: • Identify areas where bugs are likely. • Based on measures of code complexity rooted in graph theory (e.g. Cyclomatic complexity).  Reviews and Inspection
  • 8. Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: Good, but doesn’t directly identify defects.  Reviews and Inspection
  • 9. Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: Good, but doesn’t directly identify defects.  Reviews and Inspection • Just look at the code and try to find suspicious patterns. • Basically what we do when performing code reviews.
  • 10. Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: Good, but doesn’t directly identify defects.  Reviews and Inspection Works pretty well!
  • 11. Static Code Analysis  Survey of Tools  Cppcheck
  • 12. Three Popular Commercial Tools: ◦ PC-Lint ◦ Klocwork Insight ◦ Coverity Prevent  One Free Software Tool: ◦ Cppcheck
  • 13. PC-Lint ◦ Commercial ◦ Works for C code ◦ Often reports many false positives. ◦ Probably the cheapest after Cppcheck (which is free)  Klocwork Insight  Coverity Prevent  Cppcheck
  • 14. PC-Lint  Klocwork Insight ◦ Commercial ◦ A spin-out of Nortel Networks ◦ Also includes project management and project visualization capabilities.  Coverity Prevent  Cppcheck
  • 15. PC-Lint  Klocworks Insight  Coverity Prevent ◦ Commercial ◦ Identified over 6000 bugs across 53 open-source projects. ◦ Developed from research at Stanford University.  Cppcheck
  • 16. PC-Lint  Klocworks Insight  Coverity Prevent  Cppcheck ◦ Open source ◦ Under active development. ◦ Has found > 400 bugs in open-source projects. ◦ Free!
  • 17. Static Code Analysis  Survey of Tools  Cppcheck
  • 18. Detects bugs in C and C++ source that compilers normally do not warn about!  Cross-platform (Windows, Linux, etc)  Fancy Qt-based GUI client! ◦ Also available in a command-line version  Usable via plugins from various IDEs (but not VS): ◦ Eclipse ◦ Code::Blocks ◦ Hudson, Jenkins
  • 19. Packages maintained for FreeBSD, Debian and Ubuntu systems (sudo apt-get install cppcheck)  Used to find bugs in many open-source projects: ◦ Linux Kernel: > 40 bugs found+fixed ◦ VLC Player: > 20 bugs found+fixed ◦ Others: 7-zip, curl, git, etc
  • 20. Bounds checking for array overruns  Memory and resource leaks  Unused private class functions  Use of deprecated functions  Wrong # of arguments given to printf or scanf  Switch cases that fall through suspiciously  Dozens of others…
  • 21.
  • 22. Possible buffer overrun Memory leak: buf Should be “delete[] buf” Resource leak: file
  • 23. Cppcheck finds many of the issues with that code (but not all)
  • 24.
  • 25. Buffer overrun Suspicious format specifier for a pointer to a C string (but not necessary a bug)
  • 26. Bounds checking for array overruns  Unused private class functions  Use of deprecated functions  Memory and resource leaks  Dozens of others…
  • 27. Preprocessor Source File Tokenizer Simplifier Results Checks Happy Developer
  • 28. void foo(char* str) { if (str == 0) printf(str); else printf("Whoa"); } Tokenizer Simplifier void foo ( char * str ) { if ( ! str ) { printf ( str ) ; } else { printf ( "Whoa" ) ; } }
  • 29. void foo(char* str) { if (str == 0) printf(str); else printf("Whoa"); } Indentation, spacing, NULL-checks and braces are normalized Tokenizer to simplify checks! Simplifier void foo ( char * str ) { if ( ! str ) { printf ( str ) ; } else { printf ( "Whoa" ) ; } }
  • 30. void foo ( char * str ) { if ( ! str ) { printf ( str ) ; } else { printf ( "Whoa" ) ; } } Results Checks  Each check iterates over the tokens, and reports if it finds a suspicious pattern!  Checks implemented as C functions or XML documents that describe the pattern to look for.  Results categorized as error, warning, style, performance, portability, or informative.
  • 31.  Cppcheck is a free tool for finding bugs in C++ source code.  It works by parsing the source code, splitting it into tokens and finding suspicious patterns in the tokens.
  • 32.  Official project page: ◦ http://cppcheck.sourceforge.net/  Official source repository: ◦ https://github.com/danmar/cppc heck