Survey of C/C++ source code security analysis tools

Flawfinder
http://sourceforge.net/projects/flawfinder/

Flawfinder is a program that examines C source code and reports possible security weaknesses ("flaws") sorted by risk level. It's very useful for quickly finding and removing some security problems before a program is widely released.

Flawfinder works on Unix-like systems today (it's been tested on GNU/Linux), and it should be easy to port to Windows systems. It requires Python 1.5 or greater to run (Python 1.3 or earlier won't work).

 


CppCheck
http://cppcheck.sourceforge.net/
http://sourceforge.net/apps/mediawiki/cppcheck/index.php?title=Main_Page

Static analysis of C/C++ code. Checks for: memory leaks, mismatching allocation-deallocation, buffer overrun, and many more. The goal is 0% false positives. See the wiki for more information.

Rules:
http://sourceforge.net/apps/mediawiki/cppcheck/index.php?title=ListOfChecks
Includes: variable usage, bounds checking, class checks, memory leak checks, etc.

Supports command-line use

Jenkins plugin:
https://wiki.jenkins-ci.org/display/JENKINS/Cppcheck+Plugin

Plugins for Eclipse and Visual Studio are available

 


Splint
Splint - Secure Programming Lint
Splint is a tool for statically checking C programs for security vulnerabilities and coding mistakes. With minimal effort, Splint can be used as a better lint. If additional effort is invested adding annotations to programs, Splint can perform stronger checking than can be done by any standard lint.

http://www.splint.org
Windows build download:
https://github.com/maoserr/splint_win32/downloads

Note: several environment variables need to be set:
LARCH_PATH - path to search for splint libraries and initialization files. Typically, this should be: .;<directory where you installed splint>\lib
LCLIMPORTDIR - directory containing lcl import files. Typically, this should be: <directory where you installed splint>\imports
include - the pathname used to find system include files (e.g., stdio.h should be found on this path). If you have installed a compiler, it probably sets this already

Set up your command PATH to include the directory containing splint.exe, or move the binary to a directory on your command path.

Does not support C++?!

 

 

RATS
RATS was acquired by Fortify, and Fortify was acquired by HP
Supports C, C++, Perl, PHP and Python
RATS is a tool for scanning C, C++, Perl, PHP and Python source code and flagging common security related programming errors such as buffer overflows and TOCTOU (Time Of Check, Time Of Use) race conditions.
As its name implies, the tool performs only a rough analysis of source code. It will not find every error and will also find things that are not errors. Manual inspection of your code is still necessary, but greatly aided with this tool.

Requires installing eXpat separately: http://expat.sourceforge.net/
and adding rats and expat to the PATH environment variable

To view usage help:
rats -help

 


ITS4
http://www.cigital.com/its4/
Cigital developed ITS4 to help automate source code review for security. ITS4 is a simple tool that statically scans C and C++ source code for potential security vulnerabilities. It is a command-line tool that works across Unix and Windows platforms.
ITS4 scans source code, looking for function calls that are potentially dangerous. For some calls, ITS4 tries to perform some code analysis to determine how risky the call is. In each case, ITS4 provides a problem report, including a short description of the potential problem and suggestions on how to fix the code.

Must be run from the fixed directory C:\its4\
It seems to only scan one file at a time?!
Cigital no longer seems to maintain it much
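Added example, not from the original post or from any of these tools: the kind of unbounded copy that the lexical scanners above (Flawfinder, RATS, ITS4) report as a dangerous call, next to the bounded form that reports truncation instead of overflowing. The names copy_name_unsafe, copy_name_safe, format_greeting and NAME_MAX_LEN, and the sample input, are my own.

```c
/* Added example, not from the original post or the tools' own code.
 * The unbounded calls below are what lexical scanners such as Flawfinder,
 * RATS and ITS4 report; the bounded forms are the usual fix. */
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

#define NAME_MAX_LEN 16   /* hypothetical buffer size for the example */

/* Flagged by the scanners: strcpy() stops only at the NUL of 'src', so a
 * 'src' longer than the destination overruns it. */
void copy_name_unsafe(char *dst, const char *src)
{
    strcpy(dst, src);               /* no bound on the copy */
}

/* Hardened form: copy at most dst_len-1 bytes, always NUL-terminate, and
 * report truncation instead of hiding it. Returns true if all of 'src'
 * fitted. */
bool copy_name_safe(char *dst, size_t dst_len, const char *src)
{
    size_t n = strlen(src);
    if (dst_len == 0)
        return false;
    if (n >= dst_len) {
        memcpy(dst, src, dst_len - 1);
        dst[dst_len - 1] = '\0';
        return false;               /* truncated */
    }
    memcpy(dst, src, n + 1);        /* n bytes plus the terminating NUL */
    return true;
}

/* sprintf() is flagged for the same reason; snprintf() with its return
 * value checked is the fix. Returns true if the greeting fitted. */
bool format_greeting(char *out, size_t out_len, const char *name)
{
    int written = snprintf(out, out_len, "Hello, %s!", name);
    return written >= 0 && (size_t)written < out_len;
}

int main(void)
{
    char buf[NAME_MAX_LEN];
    /* constructed input: 21 characters, longer than the 16-byte buffer */
    bool fitted = copy_name_safe(buf, sizeof buf, "averyveryverylongname");
    printf("fitted=%d name=%s\n", fitted, buf);
    return 0;
}
```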