SlideShare une entreprise Scribd logo

Static Code Analysis and Cppcheck

Z
Zachary Blair

Cppcheck is a free static code analysis tool that finds bugs in C and C++ code without executing the program. It works by tokenizing, simplifying, and checking code for patterns that may indicate bugs. Some checks look for buffer overruns, unused functions, memory leaks, and invalid arguments. Cppcheck is cross-platform, has a GUI and command line interface, and has found hundreds of bugs in open source projects.

Technologie
1  sur  33
Télécharger pour lire hors ligne
 Static Code Analysis  Survey of Tools  Cppcheck
 Goal: Provide confidence that code is correct just by looking at it (without building or executing it).  Helps us find easy bugs buried in thousands of lines of code (not something people are great at).
 Formal Methods  Code Metrics  Reviews and Inspection
 Formal Methods: ◦ Mathematical! ◦ Require a mathematical model and assertions! ◦ Often require modeling the system as a finite state machine and verifying each state and transition.  Code Metrics  Reviews and Inspection
 Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics  Reviews and Inspection
 Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: • Identify areas where bugs are likely. • Based on measures of code complexity rooted in graph theory (e.g. Cyclomatic complexity).  Reviews and Inspection
 Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: Good, but doesn’t directly identify defects.  Reviews and Inspection
 Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: Good, but doesn’t directly identify defects.  Reviews and Inspection • Just look at the code and try to find suspicious patterns. • Basically what we do when performing code reviews.
 Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: Good, but doesn’t directly identify defects.  Reviews and Inspection Works pretty well!
 Static Code Analysis  Survey of Tools  Cppcheck
 Three Popular Commercial Tools: ◦ PC-Lint ◦ Klocwork Insight ◦ Coverity Prevent  One Free Software Tool: ◦ Cppcheck
 PC-Lint ◦ Commercial ◦ Works for C code ◦ Often reports many false positives. ◦ Probably the cheapest after Cppcheck (which is free)  Klocwork Insight  Coverity Prevent  Cppcheck
 PC-Lint  Klocwork Insight ◦ Commercial ◦ A spin-out of Nortel Networks ◦ Also includes project management and project visualization capabilities.  Coverity Prevent  Cppcheck
 PC-Lint  Klocworks Insight  Coverity Prevent ◦ Commercial ◦ Identified over 6000 bugs across 53 open-source projects. ◦ Developed from research at Stanford University.  Cppcheck
 PC-Lint  Klocworks Insight  Coverity Prevent  Cppcheck ◦ Open source ◦ Under active development. ◦ Has found > 400 bugs in open-source projects. ◦ Free!
 Static Code Analysis  Survey of Tools  Cppcheck
 Detects bugs in C and C++ source that compilers normally do not warn about!  Cross-platform (Windows, Linux, etc)  Fancy Qt-based GUI client! ◦ Also available in a command-line version  Usable via plugins from various IDEs (but not VS): ◦ Eclipse ◦ Code::Blocks ◦ Hudson, Jenkins
 Packages maintained for FreeBSD, Debian and Ubuntu systems (sudo apt-get install cppcheck)  Used to find bugs in many open-source projects: ◦ Linux Kernel: > 40 bugs found+fixed ◦ VLC Player: > 20 bugs found+fixed ◦ Others: 7-zip, curl, git, etc
 Bounds checking for array overruns  Memory and resource leaks  Unused private class functions  Use of deprecated functions  Wrong # of arguments given to printf or scanf  Switch cases that fall through suspiciously  Dozens of others…
Possible buffer overrun Memory leak: buf Should be “delete[] buf” Resource leak: file
Cppcheck finds many of the issues with that code (but not all)
Buffer overrun Suspicious format specifier for a pointer to a C string (but not necessary a bug)
 Bounds checking for array overruns  Unused private class functions  Use of deprecated functions  Memory and resource leaks  Dozens of others…
Preprocessor Source File Tokenizer Simplifier Results Checks Happy Developer
void foo(char* str) { if (str == 0) printf(str); else printf("Whoa"); } Tokenizer Simplifier void foo ( char * str ) { if ( ! str ) { printf ( str ) ; } else { printf ( "Whoa" ) ; } }
void foo(char* str) { if (str == 0) printf(str); else printf("Whoa"); } Indentation, spacing, NULL-checks and braces are normalized Tokenizer to simplify checks! Simplifier void foo ( char * str ) { if ( ! str ) { printf ( str ) ; } else { printf ( "Whoa" ) ; } }
void foo ( char * str ) { if ( ! str ) { printf ( str ) ; } else { printf ( "Whoa" ) ; } } Results Checks  Each check iterates over the tokens, and reports if it finds a suspicious pattern!  Checks implemented as C functions or XML documents that describe the pattern to look for.  Results categorized as error, warning, style, performance, portability, or informative.
 Cppcheck is a free tool for finding bugs in C++ source code.  It works by parsing the source code, splitting it into tokens and finding suspicious patterns in the tokens.
 Official project page: ◦ http://cppcheck.sourceforge.net/  Official source repository: ◦ https://github.com/danmar/cppc heck
Static Code Analysis and Cppcheck

Recommandé

Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Linaro
 
Facebook Forensics Toolkit(FFT)
Facebook Forensics Toolkit(FFT)Facebook Forensics Toolkit(FFT)
Facebook Forensics Toolkit(FFT)
Shuvo Sarker
 
RSA algorithm
RSA algorithmRSA algorithm
RSA algorithm
Arpana shree
 
"Emerging Processor Architectures for Deep Learning: Options and Trade-offs,"...
"Emerging Processor Architectures for Deep Learning: Options and Trade-offs,"..."Emerging Processor Architectures for Deep Learning: Options and Trade-offs,"...
"Emerging Processor Architectures for Deep Learning: Options and Trade-offs,"...
Edge AI and Vision Alliance
 
How to Hunt for Lateral Movement on Your Network
How to Hunt for Lateral Movement on Your NetworkHow to Hunt for Lateral Movement on Your Network
How to Hunt for Lateral Movement on Your Network
Sqrrl
 
[CB19] FileInsight-plugins: Decoding toolbox for malware analysis by 萬谷 暢崇
[CB19] FileInsight-plugins: Decoding toolbox for malware analysis by 萬谷 暢崇[CB19] FileInsight-plugins: Decoding toolbox for malware analysis by 萬谷 暢崇
[CB19] FileInsight-plugins: Decoding toolbox for malware analysis by 萬谷 暢崇
CODE BLUE
 
Hacking QNX
Hacking QNXHacking QNX
Hacking QNX
ricardomcm
 
Processing Crimes and Incident Scenes
Processing Crimes and Incident ScenesProcessing Crimes and Incident Scenes
Processing Crimes and Incident Scenes
primeteacher32
 

Recommandé

Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Linaro
 
Facebook Forensics Toolkit(FFT)
Facebook Forensics Toolkit(FFT)Facebook Forensics Toolkit(FFT)
Facebook Forensics Toolkit(FFT)
Shuvo Sarker
 
RSA algorithm
RSA algorithmRSA algorithm
RSA algorithm
Arpana shree
 
"Emerging Processor Architectures for Deep Learning: Options and Trade-offs,"...
"Emerging Processor Architectures for Deep Learning: Options and Trade-offs,"..."Emerging Processor Architectures for Deep Learning: Options and Trade-offs,"...
"Emerging Processor Architectures for Deep Learning: Options and Trade-offs,"...
Edge AI and Vision Alliance
 
How to Hunt for Lateral Movement on Your Network
How to Hunt for Lateral Movement on Your NetworkHow to Hunt for Lateral Movement on Your Network
How to Hunt for Lateral Movement on Your Network
Sqrrl
 
[CB19] FileInsight-plugins: Decoding toolbox for malware analysis by 萬谷 暢崇
[CB19] FileInsight-plugins: Decoding toolbox for malware analysis by 萬谷 暢崇[CB19] FileInsight-plugins: Decoding toolbox for malware analysis by 萬谷 暢崇
[CB19] FileInsight-plugins: Decoding toolbox for malware analysis by 萬谷 暢崇
CODE BLUE
 
Hacking QNX
Hacking QNXHacking QNX
Hacking QNX
ricardomcm
 
Processing Crimes and Incident Scenes
Processing Crimes and Incident ScenesProcessing Crimes and Incident Scenes
Processing Crimes and Incident Scenes
primeteacher32
 
The Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car ArchitecturesThe Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car Architectures
Real-Time Innovations (RTI)
 
Review of QNX
Review of QNXReview of QNX
Review of QNX
Robert-Emmanuel Mayssat
 
Intro to Jupyter Notebooks
Intro to Jupyter NotebooksIntro to Jupyter Notebooks
Intro to Jupyter Notebooks
Francis Michael Bautista
 
Malware Static Analysis
Malware Static AnalysisMalware Static Analysis
Malware Static Analysis
Hossein Yavari
 
MONAI and Open Science for Medical Imaging Deep Learning: SIPAIM 2020
MONAI and Open Science for Medical Imaging Deep Learning: SIPAIM 2020MONAI and Open Science for Medical Imaging Deep Learning: SIPAIM 2020
MONAI and Open Science for Medical Imaging Deep Learning: SIPAIM 2020
Stephen Aylward
 
Linux forensics
Linux forensicsLinux forensics
Linux forensics
Santosh Khadsare
 
CNIT 127 Ch 1: Before you Begin
CNIT 127 Ch 1: Before you BeginCNIT 127 Ch 1: Before you Begin
CNIT 127 Ch 1: Before you Begin
Sam Bowne
 
Embedded Rust
Embedded RustEmbedded Rust
Embedded Rust
Jens Siebert
 
Kali linux os
Kali linux osKali linux os
Kali linux os
Samantha Lawrence
 
Trusted Platform Module (TPM)
Trusted Platform Module (TPM)Trusted Platform Module (TPM)
Trusted Platform Module (TPM)
k33a
 
Forensic Investigation of Android Operating System
Forensic Investigation of Android Operating SystemForensic Investigation of Android Operating System
Forensic Investigation of Android Operating System
nishant24894
 
Linux Char Device Driver
Linux Char Device DriverLinux Char Device Driver
Linux Char Device Driver
Gary Yeh
 
Digital certificates
Digital certificatesDigital certificates
Digital certificates
Buddhika Karunanayaka
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
Haris Ahmed
 
Introduction to TensorFlow Lite
Introduction to TensorFlow Lite Introduction to TensorFlow Lite
Introduction to TensorFlow Lite
Koan-Sin Tan
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key Cryptography
Gopal Sakarkar
 
Hexawise Introduction
Hexawise IntroductionHexawise Introduction
Hexawise Introduction
Justin Hunter
 
Mininet Basics
Mininet BasicsMininet Basics
Mininet Basics
Eueung Mulyana
 
What is SDN and how to approach it with Python
What is SDN and how to approach it with PythonWhat is SDN and how to approach it with Python
What is SDN and how to approach it with Python
Justin Park
 
Python training
Python trainingPython training
Python training
Kunalchauhan76
 
An Introduction to PC-Lint
An Introduction to PC-LintAn Introduction to PC-Lint
An Introduction to PC-Lint
Ralf Holly
 
CppCheck - Static code analysis tool
CppCheck - Static code analysis toolCppCheck - Static code analysis tool
CppCheck - Static code analysis tool
Avneet Kaur
 

Contenu connexe

Tendances

What is SDN and how to approach it with Python
What is SDN and how to approach it with PythonWhat is SDN and how to approach it with Python
What is SDN and how to approach it with Python
Justin Park
 

Tendances (20)

The Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car ArchitecturesThe Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car Architectures
 
Review of QNX
Review of QNXReview of QNX
Review of QNX
 
Intro to Jupyter Notebooks
Intro to Jupyter NotebooksIntro to Jupyter Notebooks
Intro to Jupyter Notebooks
 
Malware Static Analysis
Malware Static AnalysisMalware Static Analysis
Malware Static Analysis
 
MONAI and Open Science for Medical Imaging Deep Learning: SIPAIM 2020
MONAI and Open Science for Medical Imaging Deep Learning: SIPAIM 2020MONAI and Open Science for Medical Imaging Deep Learning: SIPAIM 2020
MONAI and Open Science for Medical Imaging Deep Learning: SIPAIM 2020
 
Linux forensics
Linux forensicsLinux forensics
Linux forensics
 
CNIT 127 Ch 1: Before you Begin
CNIT 127 Ch 1: Before you BeginCNIT 127 Ch 1: Before you Begin
CNIT 127 Ch 1: Before you Begin
 
Embedded Rust
Embedded RustEmbedded Rust
Embedded Rust
 
Kali linux os
Kali linux osKali linux os
Kali linux os
 
Trusted Platform Module (TPM)
Trusted Platform Module (TPM)Trusted Platform Module (TPM)
Trusted Platform Module (TPM)
 
Forensic Investigation of Android Operating System
Forensic Investigation of Android Operating SystemForensic Investigation of Android Operating System
Forensic Investigation of Android Operating System
 
Linux Char Device Driver
Linux Char Device DriverLinux Char Device Driver
Linux Char Device Driver
 
Digital certificates
Digital certificatesDigital certificates
Digital certificates
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
 
Introduction to TensorFlow Lite
Introduction to TensorFlow Lite Introduction to TensorFlow Lite
Introduction to TensorFlow Lite
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key Cryptography
 
Hexawise Introduction
Hexawise IntroductionHexawise Introduction
Hexawise Introduction
 
Mininet Basics
Mininet BasicsMininet Basics
Mininet Basics
 
What is SDN and how to approach it with Python
What is SDN and how to approach it with PythonWhat is SDN and how to approach it with Python
What is SDN and how to approach it with Python
 
Python training
Python trainingPython training
Python training
 

En vedette

CppCheck - Static code analysis tool
CppCheck - Static code analysis toolCppCheck - Static code analysis tool
CppCheck - Static code analysis tool
Avneet Kaur
 
Александр Сомов "C++: препроцессор, компилятор, компоновщик"
Александр Сомов "C++: препроцессор, компилятор, компоновщик"Александр Сомов "C++: препроцессор, компилятор, компоновщик"
Александр Сомов "C++: препроцессор, компилятор, компоновщик"
Yandex
 

En vedette (19)

An Introduction to PC-Lint
An Introduction to PC-LintAn Introduction to PC-Lint
An Introduction to PC-Lint
 
CppCheck - Static code analysis tool
CppCheck - Static code analysis toolCppCheck - Static code analysis tool
CppCheck - Static code analysis tool
 
Static Analysis and the FDA Guidance for Medical Device Software
Static Analysis and the FDA Guidance for Medical Device SoftwareStatic Analysis and the FDA Guidance for Medical Device Software
Static Analysis and the FDA Guidance for Medical Device Software
 
Static Code Analysis and AutoLint
Static Code Analysis and AutoLintStatic Code Analysis and AutoLint
Static Code Analysis and AutoLint
 
Static Code Analysis
Static Code AnalysisStatic Code Analysis
Static Code Analysis
 
The Art of Writing Efficient Software
The Art of Writing Efficient SoftwareThe Art of Writing Efficient Software
The Art of Writing Efficient Software
 
Using gcov and lcov
Using gcov and lcovUsing gcov and lcov
Using gcov and lcov
 
Prepare for PHP Test Fest 2009
Prepare for PHP Test Fest 2009Prepare for PHP Test Fest 2009
Prepare for PHP Test Fest 2009
 
Александр Сомов "C++: препроцессор, компилятор, компоновщик"
Александр Сомов "C++: препроцессор, компилятор, компоновщик"Александр Сомов "C++: препроцессор, компилятор, компоновщик"
Александр Сомов "C++: препроцессор, компилятор, компоновщик"
 
Frama c
Frama cFrama c
Frama c
 
Static code analysis
Static code analysisStatic code analysis
Static code analysis
 
Automation using RobotFramework for embedded device
Automation using RobotFramework for embedded deviceAutomation using RobotFramework for embedded device
Automation using RobotFramework for embedded device
 
Sonarqube 20160509
Sonarqube 20160509Sonarqube 20160509
Sonarqube 20160509
 
Code coverage & tools
Code coverage & toolsCode coverage & tools
Code coverage & tools
 
SVN에서 GIT으로 전환하기
SVN에서 GIT으로 전환하기SVN에서 GIT으로 전환하기
SVN에서 GIT으로 전환하기
 
Splints
SplintsSplints
Splints
 
Splint and tractions
Splint and tractionsSplint and tractions
Splint and tractions
 
Top 10 static code analysis tool
Top 10 static code analysis toolTop 10 static code analysis tool
Top 10 static code analysis tool
 
Splint ppt by rupeshkumar
Splint ppt by rupeshkumarSplint ppt by rupeshkumar
Splint ppt by rupeshkumar
 

Similaire à Static Code Analysis and Cppcheck

Code Analysis-run time error prediction
Code Analysis-run time error predictionCode Analysis-run time error prediction
Code Analysis-run time error prediction
NIKHIL NAWATHE
 
CodeChecker Overview Nov 2019
CodeChecker Overview Nov 2019CodeChecker Overview Nov 2019
CodeChecker Overview Nov 2019
Olivera Milenkovic
 
API Testing: The heart of functional testing" with Bj Rollison
API Testing: The heart of functional testing" with Bj RollisonAPI Testing: The heart of functional testing" with Bj Rollison
API Testing: The heart of functional testing" with Bj Rollison
TEST Huddle
 
Reducing Redundancies in Multi-Revision Code Analysis
Reducing Redundancies in Multi-Revision Code AnalysisReducing Redundancies in Multi-Revision Code Analysis
Reducing Redundancies in Multi-Revision Code Analysis
Sebastiano Panichella
 
Embedded c & working with avr studio
Embedded c & working with avr studioEmbedded c & working with avr studio
Embedded c & working with avr studio
Nitesh Singh
 
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
GangSeok Lee
 

Similaire à Static Code Analysis and Cppcheck (20)

Code Analysis-run time error prediction
Code Analysis-run time error predictionCode Analysis-run time error prediction
Code Analysis-run time error prediction
 
CodeChecker Overview Nov 2019
CodeChecker Overview Nov 2019CodeChecker Overview Nov 2019
CodeChecker Overview Nov 2019
 
Why Rust? - Matthias Endler - Codemotion Amsterdam 2016
Why Rust? - Matthias Endler - Codemotion Amsterdam 2016Why Rust? - Matthias Endler - Codemotion Amsterdam 2016
Why Rust? - Matthias Endler - Codemotion Amsterdam 2016
 
Improving code quality with Roslyn analyzers
Improving code quality with Roslyn analyzersImproving code quality with Roslyn analyzers
Improving code quality with Roslyn analyzers
 
CNIT 127: Ch 18: Source Code Auditing
CNIT 127: Ch 18: Source Code AuditingCNIT 127: Ch 18: Source Code Auditing
CNIT 127: Ch 18: Source Code Auditing
 
Embedded system
Embedded systemEmbedded system
Embedded system
 
Control hijacking
Control hijackingControl hijacking
Control hijacking
 
API Testing: The heart of functional testing" with Bj Rollison
API Testing: The heart of functional testing" with Bj RollisonAPI Testing: The heart of functional testing" with Bj Rollison
API Testing: The heart of functional testing" with Bj Rollison
 
Using Static Binary Analysis To Find Vulnerabilities And Backdoors in Firmware
Using Static Binary Analysis To Find Vulnerabilities And Backdoors in FirmwareUsing Static Binary Analysis To Find Vulnerabilities And Backdoors in Firmware
Using Static Binary Analysis To Find Vulnerabilities And Backdoors in Firmware
 
Reducing Redundancies in Multi-Revision Code Analysis
Reducing Redundancies in Multi-Revision Code AnalysisReducing Redundancies in Multi-Revision Code Analysis
Reducing Redundancies in Multi-Revision Code Analysis
 
How to Connect SystemVerilog with Octave
How to Connect SystemVerilog with OctaveHow to Connect SystemVerilog with Octave
How to Connect SystemVerilog with Octave
 
Embedded c & working with avr studio
Embedded c & working with avr studioEmbedded c & working with avr studio
Embedded c & working with avr studio
 
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
 
report
reportreport
report
 
C101 – Intro to Programming with C
C101 – Intro to Programming with CC101 – Intro to Programming with C
C101 – Intro to Programming with C
 
The operation principles of PVS-Studio static code analyzer
The operation principles of PVS-Studio static code analyzerThe operation principles of PVS-Studio static code analyzer
The operation principles of PVS-Studio static code analyzer
 
C Programming Training in Ambala ! Batra Computer Centre
C Programming Training in Ambala ! Batra Computer CentreC Programming Training in Ambala ! Batra Computer Centre
C Programming Training in Ambala ! Batra Computer Centre
 
0-Slot14-15-16-Libraries.pdf
0-Slot14-15-16-Libraries.pdf0-Slot14-15-16-Libraries.pdf
0-Slot14-15-16-Libraries.pdf
 
PVS-Studio. Static code analyzer. Windows/Linux, C/C++/C#. 2017
PVS-Studio. Static code analyzer. Windows/Linux, C/C++/C#. 2017PVS-Studio. Static code analyzer. Windows/Linux, C/C++/C#. 2017
PVS-Studio. Static code analyzer. Windows/Linux, C/C++/C#. 2017
 
Week1 Electronic System-level ESL Design and SystemC Begin
Week1 Electronic System-level ESL Design and SystemC BeginWeek1 Electronic System-level ESL Design and SystemC Begin
Week1 Electronic System-level ESL Design and SystemC Begin
 

Dernier

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 

Dernier (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

Static Code Analysis and Cppcheck

  • 1.
  • 2. Static Code Analysis  Survey of Tools  Cppcheck
  • 3. Goal: Provide confidence that code is correct just by looking at it (without building or executing it).  Helps us find easy bugs buried in thousands of lines of code (not something people are great at).
  • 4. Formal Methods  Code Metrics  Reviews and Inspection
  • 5. Formal Methods: ◦ Mathematical! ◦ Require a mathematical model and assertions! ◦ Often require modeling the system as a finite state machine and verifying each state and transition.  Code Metrics  Reviews and Inspection
  • 6. Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics  Reviews and Inspection
  • 7. Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: • Identify areas where bugs are likely. • Based on measures of code complexity rooted in graph theory (e.g. Cyclomatic complexity).  Reviews and Inspection
  • 8. Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: Good, but doesn’t directly identify defects.  Reviews and Inspection
  • 9. Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: Good, but doesn’t directly identify defects.  Reviews and Inspection • Just look at the code and try to find suspicious patterns. • Basically what we do when performing code reviews.
  • 10. Formal Methods: Too difficult! Static analysis is supposed to save time.  Code Metrics: Good, but doesn’t directly identify defects.  Reviews and Inspection Works pretty well!
  • 11. Static Code Analysis  Survey of Tools  Cppcheck
  • 12. Three Popular Commercial Tools: ◦ PC-Lint ◦ Klocwork Insight ◦ Coverity Prevent  One Free Software Tool: ◦ Cppcheck
  • 13. PC-Lint ◦ Commercial ◦ Works for C code ◦ Often reports many false positives. ◦ Probably the cheapest after Cppcheck (which is free)  Klocwork Insight  Coverity Prevent  Cppcheck
  • 14. PC-Lint  Klocwork Insight ◦ Commercial ◦ A spin-out of Nortel Networks ◦ Also includes project management and project visualization capabilities.  Coverity Prevent  Cppcheck
  • 15. PC-Lint  Klocworks Insight  Coverity Prevent ◦ Commercial ◦ Identified over 6000 bugs across 53 open-source projects. ◦ Developed from research at Stanford University.  Cppcheck
  • 16. PC-Lint  Klocworks Insight  Coverity Prevent  Cppcheck ◦ Open source ◦ Under active development. ◦ Has found > 400 bugs in open-source projects. ◦ Free!
  • 17. Static Code Analysis  Survey of Tools  Cppcheck
  • 18. Detects bugs in C and C++ source that compilers normally do not warn about!  Cross-platform (Windows, Linux, etc)  Fancy Qt-based GUI client! ◦ Also available in a command-line version  Usable via plugins from various IDEs (but not VS): ◦ Eclipse ◦ Code::Blocks ◦ Hudson, Jenkins
  • 19. Packages maintained for FreeBSD, Debian and Ubuntu systems (sudo apt-get install cppcheck)  Used to find bugs in many open-source projects: ◦ Linux Kernel: > 40 bugs found+fixed ◦ VLC Player: > 20 bugs found+fixed ◦ Others: 7-zip, curl, git, etc
  • 20. Bounds checking for array overruns  Memory and resource leaks  Unused private class functions  Use of deprecated functions  Wrong # of arguments given to printf or scanf  Switch cases that fall through suspiciously  Dozens of others…
  • 21.
  • 22. Possible buffer overrun Memory leak: buf Should be “delete[] buf” Resource leak: file
  • 23. Cppcheck finds many of the issues with that code (but not all)
  • 24.
  • 25. Buffer overrun Suspicious format specifier for a pointer to a C string (but not necessary a bug)
  • 26. Bounds checking for array overruns  Unused private class functions  Use of deprecated functions  Memory and resource leaks  Dozens of others…
  • 27. Preprocessor Source File Tokenizer Simplifier Results Checks Happy Developer
  • 28. void foo(char* str) { if (str == 0) printf(str); else printf("Whoa"); } Tokenizer Simplifier void foo ( char * str ) { if ( ! str ) { printf ( str ) ; } else { printf ( "Whoa" ) ; } }
  • 29. void foo(char* str) { if (str == 0) printf(str); else printf("Whoa"); } Indentation, spacing, NULL-checks and braces are normalized Tokenizer to simplify checks! Simplifier void foo ( char * str ) { if ( ! str ) { printf ( str ) ; } else { printf ( "Whoa" ) ; } }
  • 30. void foo ( char * str ) { if ( ! str ) { printf ( str ) ; } else { printf ( "Whoa" ) ; } } Results Checks  Each check iterates over the tokens, and reports if it finds a suspicious pattern!  Checks implemented as C functions or XML documents that describe the pattern to look for.  Results categorized as error, warning, style, performance, portability, or informative.
  • 31.  Cppcheck is a free tool for finding bugs in C++ source code.  It works by parsing the source code, splitting it into tokens and finding suspicious patterns in the tokens.
  • 32.  Official project page: ◦ http://cppcheck.sourceforge.net/  Official source repository: ◦ https://github.com/danmar/cppc heck