English
Related papers

Related papers: Static Code Analysis with CodeChecker

200 papers

Static analysis is a method of analyzing source code without executing it. It is widely used to find bugs and code smells in industrial software. Besides other methods, the most important techniques are those based on the abstract syntax…

Software Engineering · Computer Science 2024-08-13 Gabor Horvath , Reka Kovacs , Richard Szalay , Zoltan Porkolab

Static analysis is a growing application of software engineering, leading to a range of essential security tools, bug-finding tools, as well as software verification. Recent years show an increase of universal static analysis tools that…

Programming Languages · Computer Science 2024-04-22 Avi Hayoun , Veselin Raychev , Jack Hair

It is quite common for security testing to be delayed until after the software has been developed, but vulnerabilities may get noticed throughout the implementation phase and the earlier they are discovered, the easier and cheaper it will…

Software Engineering · Computer Science 2018-05-25 Rahma Mahmood , Qusay H. Mahmoud

Static analysis is the process of analyzing software code without executing the software. It can help find bugs and potential problems in software that may only appear at runtime. Although many static analysis tools have been developed for…

Software Engineering · Computer Science 2023-04-11 Pengzhan Zhao , Xiongfei Wu , Zhuo Li , Jianjun Zhao

Static analysis remains one of the most popular approaches for detecting and correcting poor or vulnerable program code. It involves the examination of code listings, test results, or other documentation to identify errors, violations of…

Artificial Intelligence · Computer Science 2021-08-27 Fitzroy D. Nembhard , Marco M. Carvalho

Static analysis is the analysis of a program without executing it, usually carried out by an automated tool. Symbolic execution is a popular static analysis technique used both in program verification and in bug detection software. It works…

Software Engineering · Computer Science 2024-08-06 Gabor Horvath , Reka Kovacs , Zoltan Porkolab

Static analyzers are tool sets which are proving to be indispensable to modern programmers. These enable the programmers to detect possible errors and security defects present in the current code base within the implementation phase of the…

Software Engineering · Computer Science 2019-05-14 Eljose E Sajan , Yunpeng Zhang , Liang-Chieh Cheng

This paper proposes an approach for a tool-agnostic and heterogeneous static code analysis toolchain in combination with an exchange format. This approach enhances both traceability and comparability of analysis results. State of the art…

Software Engineering · Computer Science 2024-03-12 Matthias Kern , Ferhat Erata , Markus Iser , Carsten Sinz , Frederic Loiret , Stefan Otten , Eric Sax

Static analysis is an essential component of many modern software development tools. Unfortunately, the ever-increasing complexity of static analyzers makes their coding error-prone. Even analysis tools based on rigorous mathematical…

Software Engineering · Computer Science 2025-05-08 Daniela Ferreiro , Ignacio Casso , Jose F. Morales , Pedro López-García , Manuel V. Hermenegildo

Static analysis tools come in many forms andconfigurations, allowing them to handle various tasks in a (secure) development process: code style linting, bug/vulnerability detection, verification, etc., and adapt to the specific requirements…

Static source code analysis is a powerful tool for finding and fixing bugs when deployed properly; it is, however, all too easy to deploy it in a way that looks good superficially, but which misses important defects, shows many false…

Software Engineering · Computer Science 2022-02-25 Flash Sheridan

In our times, when the world is increasingly becoming more dependent on software programs, writing bug-free, correct programs is crucial. Program verification based on formal methods can guarantee this by detecting run-time errors in…

Programming Languages · Computer Science 2024-03-21 Rajendra Kumar Solanki

Static code analysis is a powerful approach to detect quality deficiencies such as performance bottlenecks, safety violations or security vulnerabilities already during a software system's implementation. Yet, as current software systems…

Software Engineering · Computer Science 2017-10-23 Eric Bodden

Pointers are a powerful, but dangerous feature provided by the C and C++ programming languages, and incorrect use of pointers is a common source of bugs and security vulnerabilities. Making secure software is crucial, as vulnerabilities…

Formal Languages and Automata Theory · Computer Science 2024-11-01 Vlad-Alexandru Teodorescu , Dorel Lucanu

Detecting performance issues due to suboptimal code during the development process can be a daunting task, especially when it comes to localizing them after noticing performance degradation after deployment. Static analysis has the…

Software Engineering · Computer Science 2021-05-06 Aaron Beigelbeck , Maurício Aniche , Jürgen Cito

Static security analysis is a widely used technique for detecting software vulnerabilities across a wide range of weaknesses, application domains, and programming languages. While prior work surveyed static analyzes for specific weaknesses…

Cryptography and Security · Computer Science 2026-02-23 Kevin Hermann , Sven Peldszus , Thorsten Berger

Static analysis tools provide a powerful means to detect security vulnerabilities by specifying queries that encode vulnerable code patterns. However, writing such queries is challenging and requires diverse expertise in security and…

Cryptography and Security · Computer Science 2026-03-26 Claire Wang , Ziyang Li , Saikat Dutta , Mayur Naik

Just like other software, spreadsheets can contain significant faults. Static analysis is an accepted and well-established technique in software engineering known for its capability to discover faults. In recent years, a growing number of…

Software Engineering · Computer Science 2014-01-30 Daniel Kulesz , Jan-Peter Ostberg

Identifying vulnerabilities in source code is crucial, especially in critical software components. Existing methods such as static analysis, dynamic analysis, formal verification, and recently Large Language Models are widely used to detect…

Static code analysis tools are designed to aid software developers to build better quality software in less time, by detecting defects early in the software development life cycle. Even the most experienced developer regularly introduces…

Distributed, Parallel, and Cluster Computing · Computer Science 2021-02-05 Manuel Arenaz , Xavier Martorell
‹ Prev 1 2 3 10 Next ›