A vulnerability is a flaw in a system’s implementation which may result in severe consequences. The existence of these flaws should be detected and managed. Several lines of research provide different solutions to detect these flaws through static analysis of the original source code. Static analysis has many disadvantages, among them that it is slower than compilation and produces a high false positive rate. In this project, we introduce a prediction technique using the output of one of the LLVM passes, “InstCount”. A classifier was built based on the output of this pass on 500 source codes written in C and C++, with 88% accuracy. A comparison between our classifier and Clang static analyzer showed that th...
Computer program analysis refers to the automatic analysis of the behavior of a user defined program...
Code smells are poor implementation choices that developers apply while evolving source code and tha...
Software engineers will possibly never see the perfect source code in their lifetime, but they are s...
We study the applicability of pointer analysis algorithms (originally aimed at optimizing compilers)...
Static analysis of source code is one way to find bugs and problems in large software projects. Many...
Delivering fault free code is the clear goal of each developer, however the best method to achieve...
Static program analysis is a technique to analyse code without executing it, and can be used to find...
Background. One of the main reasons for memory corruption vulnerabilities lies in the lack of built...
As the role of information and communication technologies gradually increases in our lives, software...
Code analysis has discovered that memory leaks are common in the C programming language. In the lite...
A large number of tools that automate the process of finding errors in programs has recently emerge...
We introduce a static detector, Saber, for detecting memory leaks in C programs. Leveraging recent a...
This thesis addresses several aspects of using static code analysis tools for detection of security ...
The awareness of writing secure code rises with the increasing number of attacks and their resultant...
The article considers source code written in C/C++ programming language. The problem is the automati...