Code Analyzers

From ccppbrasil.org

List of programs that analyze C/C++ code.


C

  • CQual — A tool for adding type qualifiers in C.
  • SNav — Red Hat Source Navigator.
  • Sparse — a tool designed to find faults in the Linux kernel.
  • Splint — an open source evolved version of Lint (C language).
  • Frama-C — Frama-C is a suite of tools dedicated to the analysis of the source code of software written in C.
  • Astrée - A tool for proving the absence of runtime errors (overflows, failed assertions, etc.), tailored to critical embedded control code (was applied to Airbus A340 and A380 avionics code)
  • Deputy - Deputy is a C compiler that is capable of preventing common C programming errors, including out-of-bounds memory accesses as well as many other common type-safety errors.
  • CCured - CCured is a source-to-source translator for C. It analyzes the C program to determine the smallest number of run-time checks that must be inserted in the program to prevent all memory safety violations.
  • RATS - RATS is a tool for scanning C, C++, Perl, PHP and Python source code and flagging common security related programming errors such as buffer overflows and TOCTOU (Time Of Check, Time Of Use) race conditions.
  • LLVM/Clang Static Analyzer - standalone tool that finds bugs in C and Objective-C programs.
  • MOPS - MOPS is a tool for finding security bugs in C programs and for verifying conformance to rules of defensive programming.
  • BOON - BOON is a tool for automatically finding buffer overrun vulnerabilities in C source code.
  • BLAST - BLAST is a software model checker for C programs.

C/C++

  • ABRAXAS Software codeCheck — programmable C/C++ Standards Checking Tool.
  • CHECKMARX CxSuite - a Source Code Analysis suite of products allowing developers and auditors to identify software security vulnerabilities.
  • CMT++ — code metrics tool for C/C++ (also for Java).
  • CP Miner, sold commercially as Pattern Miner — detects copy-paste errors and provides refactoring support for C and C++ code.
  • FlexeLint and PC-Lint — Multi-platform static code analysis tools for C and C++ code.
  • Green Hills Software DoubleCheck — static analysis for C and C++ code.
  • HP Code Advisor — A static analysis tool for C and C++ programs
  • LDRA Testbed — A software analysis and testing tool suite for C & C++.
  • Microsoft Visual Studio — Visual Studio Team System includes a static code analyzer.
  • PREfast — A Microsoft tool which identifies defects in C/C++ source code.
  • QA-C (and QA-C++) — deep static analysis of C for quality assurance and guideline enforcement.
  • SPARROW — Semantic-based static analysis tool for C/C++ which automatically detects buffer overruns, memory leaks, etc.
  • Viva64 — analyzes C and C++ code to detect 64-bit portability issues.



Wikipedia link [[1]]
