Goanna 3.5 Released

The Red Lizards team is delighted to announce the release of version 3.5 of the Goanna suite of static analysis tools across all product lines!

SonarQube Integration

A new SonarQube plugin has been developed that provides facilities to display Goanna warnings as violations inside the SonarQube dashboard. Existing customers can download the SonarQube plugin here.

Improved Visual Studio Support

The Goanna Studio for Visual Studio extension has been updated to provide increased compiler and language support. Particularly the extension now recognises Platforms and Platform Toolsets (used by Visual Studio 2010+) and uses the appropriate command line options from each. It will also handle some of the more intricate configuration options such as for loop scope, and provides appropriate errors when C++/CLI or C++/CX source files are being analysed.

C++11 / C++14 Support

Goanna 3.5 includes an upgraded parser, which can now handle all C++11 language features, as well as some C++14 language features.

Get Goanna 3.5 Today!

For existing customers, Click Here to download. For new customers, request an evaluation.

Red Lizard Software Announces Support for C++14

Nürnberg/Sydney. Red Lizard Software, the creators of advanced static analysis,
announced today the initial support of the C++14 programming language standard. Red
Lizard Software’s flagship products Goanna Studio and Goanna Central are automated
security and quality checking tools for C/C++ based on formal verification technology.
Already supporting leading industry standards such as MISRA 2012, CWE and CERT, the
new parsing and analysis support for C++14 makes Goanna one of the frontrunners in
adapting modern development  paradigms.

Red Lizard Software founder and CEO Dr Ralf Huuck said “With the enormous popularity
of C++11 it is clear that the rapid adoption of C++14 will follow. We are delighted to
start supporting leading edge software developers  with automated static security
and quality analysis.”

The initial support of C++14 will be rolled out together with new features in the upcoming
Goanna 3.5 release and demoed at the Embedded World  2015 Exhibition and Conference.

About Red Lizard Software

Red Lizard Software is the leading provider of integrated C/C++ source code analysis tools
for quality and security. Being the first company to combine the automated technologies of
static analysis and model checking Red Lizard Software’s goal is to bring higher quality
software to market faster.

Red Lizard Software’s flagship products Goanna Studio and Goanna Central detect software
bugs and security vulnerabilities automatically at software development time. Beside deep
analysis Goanna supports leading industry standards such as MISRA, CWE, GJB-5369, and

Goanna 3.4 Released

The Red Lizards team is pleased to announce the release of version 3.4 of the Goanna suite of static analysis tools across all product lines!

New Security Package

A new checks package is now included with Goanna, specifically targeted at finding security vulnerabilities in your code. This package includes checks for vulnerabilities listed in SANS Top 25, OWASP and other vulnerabilities identified by CWE. These checks track the flow of data in a program to determine what parts of your code can be influenced by user input. New checks in the security package catch vulnerabilities such as SQL injection, user controlled buffer overrun and possible user controlled code execution.

For a full list of changes click here to download the release notes.

New Project Level Utilities

Goanna 3.4 includes a new set of project level utilities that improve usability over previous versions. As part of these new tools, all Goanna information is now stored in a .goanna directory, which by default is at the root of your project. The new commands available with Goanna 3.4 are:

  • goanna-init — initialises the per-project data/configuration storage directory (.goanna by default) 
  • goanna-trace — performs a build trace that can be used to analyse a project
  • goanna-analyse — actually perform analysis of the recorded build trace
  • goanna-package — enable/disable packages and checks on a per-project basis
  • goanna-report — generate XML and HTML report files from the analysis results
  • goanna-snapshot — create a snapshot that will be displayed in the goanna dashboard
For existing customers, a new README contains information about migrating from old tools to the new project level tools.

Improved Build Recording

goanna-trace, included with Goanna 3.4, is a new utility used to capture project information by analysing your projects build process. This tool provides far better accuracy than the previous recording tools (e.g. goannamake) by capturing the whole environment in which a build is run. This enables Goanna to more accurately emulate your compiler and its environment when performing analysis. In addition to accuracy, goanna-trace is able to handle more build systems than before.

Get Goanna 3.4 Today!

For existing customers, Click Here to download. For new customers, request an evaluation.