Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Splint Code Analyzers for C [closed]

We are planning to use Splint as code analyzer for our C code base. But we never tried Splint tool before so we want your input on it's benifts, pros and cons.

like image 921
Thi Avatar asked Aug 09 '10 09:08

Thi


People also ask

Which of the following is a type of C or C static code analysis tool?

Helix QAC is an excellent static analysis testing tool for C and C++ code from Perforce (formerly PRQA).

What is static code analysis C?

Static analysis, also called static code analysis, is a method of computer program debugging that is done by examining the code without executing the program. The process provides an understanding of the code structure and can help ensure that the code adheres to industry standards.

What are code analyzers?

A tool that analyzes source code without executing the code. Static code analyzers are designed to review bodies of source code (at the programming language level) or compiled code (at the machine language level) to identify poor coding practices.

Which tool is used for code analysis?

Source code analysis tools, also known as Static Application Security Testing (SAST) Tools, can help analyze source code or compiled versions of code to help find security flaws. SAST tools can be added into your IDE. Such tools can help you detect issues during software development.


1 Answers

Lint tools are useful for finding common problems and errors that code reviews tend to miss. My opinion is that you have nothing to lose when doing static code analysis. The only down side is that you might get a lot of false positives or warnings that might be unimportant (i.e. coding style recommendation). You just have to develop good filtering skills. Static analyzers might also not catch everything, but hey it is better than nothing.

Here is a white paper from the SANS institute that might interest you: http://www.sans.org/reading_room/whitepapers/securecode/secure-software-development-code-analysis-tools_389

like image 100
waffleman Avatar answered Oct 02 '22 15:10

waffleman