[cfe-dev] Buffer bounds checking for C in static analysis

Chris Hacking chacking at cs.washington.edu
Mon Jan 18 23:57:28 CST 2010


Hi all,

I'm a student (part of a group of 3) looking for a project involving
software engineering tools, preferably static analysis. I do a lot of work
in C and have long felt that a static analysis tool for bounds checking on
memory buffers (arrays/strings) would be very helpful. I saw that this was a
requested feature for the Clang analysis tool, but there's very little info
and it's apparently not fully developed yet. Therefore I have two questions:

What is the state of bounds checking for C in the Clang analyzer, in terms
of how far it has gotten and how much work is progressing on it?

Is there another static analysis area that the Clang static analyzer needs
implemented that would be a reasonable project for a few CS grad students?

Thanks,
Chris Hacking

There's no place I can be,
Since I found Serenity.
But you can't take the sky from me.




More information about the cfe-dev mailing list