// Static Analyzer
// ------------------------------------------------------------------------
// A static analyzer parses the source code and reports known classes of
// programmer faults. With such tools you can find critical and security
// bugs very easily. The analyzer checks the code against predefined rules
// and shows many warnings and errors, as well as false positives. To
// suppress false-positive warnings and errors, the user can modify the
// rules.
//
// PC-lint for C/C++ from Gimpel Software (http://www.gimpel.com/)
//   - static analyzer with defined rules for the MISRA standard
//   - command line tool, easy to integrate into many IDEs
//     (e.g. MPLAB from Microchip)
//   - Win, Dos, OS2
//   - *.lnt files for rule checker configuration
//     (e.g. co-picc.lnt for the hitex C compiler)
//   - usage: lint co-picc.lnt test.c
//
// Splint for C (http://splint.org/)
//   - static analyzer
//   - command line tool
//   - Win, source code available
//   - usage: splint test.c
//
// Flawfinder for C/C++ (http://www.dwheeler.com/flawfinder/)
//   - reports possible security weaknesses - "flaws"
//     (race conditions, access violations, buffer overflows, ...)
//   - Linux, source code available
//
// RATS
//   - Rough Auditing Tool for Security
//     (https://www.fortify.com/ssa-elements/threat-intelligence/rats.html)
//   - analyzes C, C++, Perl, PHP and Python source code for
//     security weaknesses (race conditions, access violations,
//     weak random, buffer overflows, ...)
//   - Win, source code available
//   - usage: rats --warning 1 --html test.c >output.html
//       1 ... only major failures
//       2 ... medium warning density
//       3 ... show all failures
//       --html ... output HTML formatted
//       --xml  ... output XML formatted
//
// other useful tools:
//   - BLAST - Berkeley Lazy Abstraction Software Verification Tool
//     (http://mtc.epfl.ch/software-tools/blast/index-epfl.php)
//   - PScan (http://deployingradius.com/pscan/)
//   - ITS4 (http://www.cigital.com/its4/)
//   - Frama-C (http://frama-c.com/)
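// The rule-based checking described above, as an added example (not code from any of the listed tools): a minimal Python analyzer whose rule table, three severity levels (mirroring the RATS --warning levels), suppression marker "// analyzer: ignore" and C sample are all constructed here for illustration, to show how predefined rules produce warnings and how a reviewed false positive is silenced per line rather than by weakening the rule.

```python
import re

# Rule table (constructed): pattern, severity, note.
# Severity: 1 = major, 2 = medium, 3 = minor, like the levels on this page.
RULES = [
    (re.compile(r"\bgets\s*\("), 1, "gets() cannot bound its input; use fgets()"),
    (re.compile(r"\bstrcpy\s*\("), 1, "strcpy() ignores destination size; use snprintf()"),
    (re.compile(r"\bsprintf\s*\("), 2, "sprintf() may overflow its buffer; use snprintf()"),
    (re.compile(r"\brand\s*\("), 2, "rand() is not a cryptographic RNG"),
    (re.compile(r"\baccess\s*\("), 3, "access() then open() is a TOCTOU race; open and check errno"),
]

# Hypothetical per-line suppression marker (not any real tool's syntax).
SUPPRESS = "// analyzer: ignore"


def analyze(source, max_level=3):
    """Return (line_no, level, message) for every rule hit at or below max_level.

    A line carrying SUPPRESS is skipped, so a reviewed false positive can be
    silenced on that line while the rule stays active for the rest of the file.
    """
    findings = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        if SUPPRESS in line:
            continue
        for pattern, level, message in RULES:
            if level <= max_level and pattern.search(line):
                findings.append((line_no, level, message))
    return findings


# Constructed C sample: one hit per rule plus one suppressed hit on line 10.
SAMPLE = """\
#include <stdio.h>
#include <string.h>
void copy(char *src) {
    char buf[16];
    strcpy(buf, src);            /* unbounded copy: real finding */
    char id[8]; sprintf(id, "%d", 7);
    int seed = rand();
    gets(buf);
    if (access("/tmp/x", W_OK) == 0) { /* ... */ }
    strcpy(buf, "ok");           // analyzer: ignore -- constant fits
}
"""

if __name__ == "__main__":
    for line_no, level, msg in analyze(SAMPLE):
        print("sample.c:%d: [%d] %s" % (line_no, level, msg))
```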