Electronic Communications of the EASST
Automatically Finding Bugs in Open Source Programs
Abstract
We consider properties desirable for static analysis tools targeted at finding bugs in the real open source code, and review tools based on various approaches to defect detection. A static analysis tool is described, that includes a framework for flow-sensitive interprocedural dataflow analysis and scales to analysis of large
programs. The framework enables implementation of multiple checkers searching for specific bugs, such as null pointer dereference and buffer overflow, abstracting from the checkers details such as alias analysis.
programs. The framework enables implementation of multiple checkers searching for specific bugs, such as null pointer dereference and buffer overflow, abstracting from the checkers details such as alias analysis.
Full Text:
PDFDOI: http://dx.doi.org/10.14279/tuj.eceasst.20.256
DOI (PDF): http://dx.doi.org/10.14279/tuj.eceasst.20.256.271
Hosted By Universitätsbibliothek TU Berlin.