Goanna Studio and Goanna Central 2.4
In the latest round of development we aimed for the most rock-solid and sane implementation of C/C++ static analysis that we could. We did this by working on three fronts: consistency, speed and features.
As usual, all current users get the upgrade for free. If you were a trial user in the past and need a trial extension, visit http://redlizards.com/trial-extension.
What's new in 2.4?
- We revamped the integer arithmetic interval analysis engine with a new algorithm which affords us increased speed and precision. So much speed that we have also added the ability to track pointer arithmetic as mentioned in the previous blog post.
- Our interval analysis engine can handle new operations: casts, logical operators and shift operators.
- We have enabled floating licenses in our Studio and Central products; please contact us if you are interested.
Goanna Central improvements:
- The argument --parse-error=0 is now the default; this causes Goanna to exit with an exit code of 0 when a parse error is encountered. We have also revamped the way parse errors are handled.
- The interprocedural analysis in the Goanna Central command line is now even simpler to use and manage: specify a user-defined folder with the argument --ipa=<project name>. All new database files are then stored in ~/.goanna_project_store/<project name>.
Goanna Studio improvements:
- In Eclipse there is now an option to not run the tool chain compiler during analysis.
- In Eclipse there is a new menu item to jump to the currently selected project's Goanna Studio Properties page.
Renamed checks for consistency:
- ATH-div-0-aft-assign -> ATH-div-0-assign
- ATH-div-0-aft-cmp -> ATH-div-0-cmp-aft
- ATH-div-0-bef-cmp -> ATH-div-0-cmp-bef
- ATH-div-0-param-unchk -> ATH-div-0-unchk-param
- PTR-param-unchk -> PTR-unchk-param
- PTR-param-unchk-some -> PTR-unchk-param-some
- RED-const-assign-cond -> RED-cond-const-assign
- RED-const-expr-cond -> RED-cond-const-expr
- SPC-ret-stack -> MEM-stack
- builtin_ctor_dtor_leak -> COP-ctor-dtor-leak
New checks:
- ARR-inv-index-ptr – A pointer is assigned to an array, static or dynamic, and it is accessed with an index that is out of the array’s bounds.
- ARR-inv-index-ptr-pos – A pointer is assigned to an array, static or dynamic, and it is accessed with an index that may be out of the array’s bounds.
- ATH-overflow-cast – An expression is cast to a different type, resulting in an overflow or underflow of its value.
- ATH-shift-neg – The left-hand side of a right shift operation may be a negative value.
- COP-dtor-throw – An exception is thrown, or may be thrown, in a class’ destructor.
- CPU-delete-throw – An exception is thrown, or may be thrown, in an overloaded delete or delete[] operator.
- FPT-arith-address – Performing pointer arithmetic on the address of a function.
- FPT-literal – Dereferencing a function pointer that refers to a literal address.
- FPT-misuse – A function pointer is used in an invalid context.
- ITR-end-cmp-aft – An iterator is used, then compared with end().
- ITR-invalidated – An iterator is assigned to point into a container, but subsequent modifications to that container have possibly invalidated the iterator. The iterator is then used or dereferenced, which may be undefined behavior.
- ITR-mismatch-alg – A pair of iterators passed to an STL algorithm function point to different containers.
- ITR-store – A container’s begin() or end() iterator is stored and subsequently used.
- MEM-malloc-diff-type – A call to malloc tries to allocate memory based on a sizeof operator, but the target type of the call is of a different type.
- MEM-stack-ref – A stack object is returned from a function as a reference.
- PTR-arith-field – Direct access to a field of a struct using an offset from the address of the struct.
- PTR-arith-var – Invalid pointer arithmetic with an automatic variable that is neither an array nor a pointer.
- RED-cond-var-always – The value of the variable used as a condition will always evaluate to non-zero or true. This means the condition will always be met.
- RED-cond-var-never – The value of the variable used as a condition will always evaluate to zero or false. This means the condition will never be met.
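
Three of the checks above that apply to plain C (ATH-overflow-cast, ATH-shift-neg and MEM-malloc-diff-type), each shown as the described pattern next to a corrected form. This is an added example, not code from Red Lizards or the Goanna documentation; every function name is hypothetical, and that Goanna reports exactly these lines is an assumption based on the check descriptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical names throughout; patterns follow the check descriptions. */

/* ATH-overflow-cast pattern: the cast silently drops the high bits of len. */
uint8_t length_flagged(unsigned int len) { return (uint8_t)len; }

/* Corrected: refuse values the target type cannot hold (0 = ok, -1 = error). */
int length_checked(unsigned int len, uint8_t *out) {
    if (len > UINT8_MAX) return -1;
    *out = (uint8_t)len;
    return 0;
}

/* ATH-shift-neg pattern: v may be negative; >> is then implementation-defined. */
int scale_flagged(int v) { return v >> 2; }

/* Corrected: rule out negative operands before shifting. */
int scale_checked(int v, int *out) {
    if (v < 0) return -1;
    *out = v >> 2;
    return 0;
}

/* MEM-malloc-diff-type pattern: sizeof names char, the target type is int,
   so the buffer is too small for n ints. Shown for contrast, never called. */
int *alloc_flagged(size_t n) { return malloc(n * sizeof(char)); }

/* Corrected: take the size from the pointee and guard the multiplication. */
int *alloc_checked(size_t n) {
    int *p;
    if (n == 0 || n > SIZE_MAX / sizeof *p) return NULL;
    return malloc(n * sizeof *p);
}

int main(void) {
    uint8_t b = 0;
    int s = 0;
    printf("flagged cast of 300 -> %u\n", (unsigned)length_flagged(300));
    printf("checked cast of 300 -> %d\n", length_checked(300, &b));
    printf("checked shift of -8 -> %d\n", scale_checked(-8, &s));
    int *p = alloc_checked(4);
    printf("alloc_checked(4) %s\n", p ? "succeeded" : "failed");
    free(p);
    return 0;
}
```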