Automatically Finding Bugs in Open Source Programs

Vladimir Nesov

Abstract


We consider properties desirable for static analysis tools targeted at finding bugs in the real open source code, and review tools based on various approaches to defect detection. A static analysis tool is described, that includes a framework for flow-sensitive interprocedural dataflow analysis and scales to analysis of large
programs. The framework enables implementation of multiple checkers searching for specific bugs, such as null pointer dereference and buffer overflow, abstracting from the checkers details such as alias analysis.

Full Text:

PDF


DOI: http://dx.doi.org/10.14279/tuj.eceasst.20.256

DOI (PDF): http://dx.doi.org/10.14279/tuj.eceasst.20.256.271

Hosted By Universit├Ątsbibliothek TU Berlin.