By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
449,005 Members | 1,154 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 449,005 IT Pros & Developers. It's quick & easy.

Any good static analysis tools out there?

P: n/a
This isn't exactly a language question, but I'm curious if any
of the veteran programmers out there could recommend a static
analysis tool for C++. Specifically, I'm looking for something
that can flag unreachable code, possible security errors like
buffer overflows, and identify unused entities. It would also
be great if said tool could identify any headers included un-
necessarily, and perhaps compute some basic metrics. Are there
any tools like this out there for C++? I'm mostly interested
in something that runs on Win32 and Solaris, but I'll entertain
other platforms as well.
Jul 23 '05 #1
Share this Question
Share on Google+
2 Replies


P: n/a
Hi Derek,

purecoverage and purify from IBM (formerly Rational before "Big Blue"
bought 'em) are probably what you want. I also know of a tool from a
company called "Headway software" that does C++ analysis of your
code, check them out at www.headwaysoftware.com

I have a few "hardened" C++ colleagues that have used the headway
analysis tool and spoke very highly of it. headway tout;

"Rapid Reverse Engineering and Static Analysis of your "as-is" design
for Java, C, C++ or Ada Software"
Either one of those two should provide you with the functionality you
need.

Cheers

Graham

Derek <us**@nospam.org> wrote in message news:<38*************@individual.net>...
This isn't exactly a language question, but I'm curious if any
of the veteran programmers out there could recommend a static
analysis tool for C++. Specifically, I'm looking for something
that can flag unreachable code, possible security errors like
buffer overflows, and identify unused entities. It would also
be great if said tool could identify any headers included un-
necessarily, and perhaps compute some basic metrics. Are there
any tools like this out there for C++? I'm mostly interested
in something that runs on Win32 and Solaris, but I'll entertain
other platforms as well.

Jul 23 '05 #2

P: n/a
grahamo wrote:
Hi Derek,

purecoverage and purify from IBM (formerly Rational before "Big Blue"
bought 'em) are probably what you want


Not if you want static analysis (which is what he asked for). Purify
is about as far from static as you can get. It bashes your code (in
the windows case) at runtime. It provides absolutely ZERO static
analysis. "lint" is an example of a very old static analyser.

Some of the competing products do some static analysis in addition
to runtime work. However, almost everyone I've found (at least on
windows) have significant problems.
Jul 23 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.