Any good static analysis tools out there?

Discussion in 'C++' started by Derek, Mar 3, 2005.

  1. Derek

    Derek Guest

    This isn't exactly a language question, but I'm curious if any
    of the veteran programmers out there could recommend a static
    analysis tool for C++. Specifically, I'm looking for something
    that can flag unreachable code, possible security errors like
    buffer overflows, and identify unused entities. It would also
    be great if said tool could identify any headers included un-
    necessarily, and perhaps compute some basic metrics. Are there
    any tools like this out there for C++? I'm mostly interested
    in something that runs on Win32 and Solaris, but I'll entertain
    other platforms as well.
     
    Derek, Mar 3, 2005
    #1
    1. Advertising

  2. Derek

    grahamo Guest

    Hi Derek,

    purecoverage and purify from IBM (formerly Rational before "Big Blue"
    bought 'em) are probably what you want. I also know of a tool from a
    company called "Headway software" that does C++ analysis of your
    code, check them out at www.headwaysoftware.com

    I have a few "hardened" C++ colleagues that have used the headway
    analysis tool and spoke very highly of it. headway tout;

    "Rapid Reverse Engineering and Static Analysis of your "as-is" design
    for Java, C, C++ or Ada Software"


    Either one of those two should provide you with the functionality you
    need.

    Cheers

    Graham

    Derek <> wrote in message news:<>...
    > This isn't exactly a language question, but I'm curious if any
    > of the veteran programmers out there could recommend a static
    > analysis tool for C++. Specifically, I'm looking for something
    > that can flag unreachable code, possible security errors like
    > buffer overflows, and identify unused entities. It would also
    > be great if said tool could identify any headers included un-
    > necessarily, and perhaps compute some basic metrics. Are there
    > any tools like this out there for C++? I'm mostly interested
    > in something that runs on Win32 and Solaris, but I'll entertain
    > other platforms as well.
     
    grahamo, Mar 4, 2005
    #2
    1. Advertising

  3. Derek

    Ron Natalie Guest

    grahamo wrote:
    > Hi Derek,
    >
    > purecoverage and purify from IBM (formerly Rational before "Big Blue"
    > bought 'em) are probably what you want


    Not if you want static analysis (which is what he asked for). Purify
    is about as far from static as you can get. It bashes your code (in
    the windows case) at runtime. It provides absolutely ZERO static
    analysis. "lint" is an example of a very old static analyser.

    Some of the competing products do some static analysis in addition
    to runtime work. However, almost everyone I've found (at least on
    windows) have significant problems.
     
    Ron Natalie, Mar 4, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Don

    Static Code Analysis Tools

    Don, Jul 25, 2003, in forum: C Programming
    Replies:
    1
    Views:
    397
    Eric Sosman
    Jul 25, 2003
  2. Richard
    Replies:
    10
    Views:
    702
    Francesco
    Sep 6, 2009
  3. ssubbarayan
    Replies:
    5
    Views:
    2,420
    Dave Hansen
    Nov 3, 2009
  4. Brian Jiang
    Replies:
    11
    Views:
    2,195
    Jorgen Grahn
    Dec 30, 2010
  5. Eric Danstron

    Are there ANY good forums out there anymore???

    Eric Danstron, Sep 21, 2005, in forum: ASP General
    Replies:
    1
    Views:
    165
    Immediacy
    Sep 22, 2005
Loading...

Share This Page