`
alanwu
  • 浏览: 200488 次
  • 性别: Icon_minigender_1
  • 来自: 上海
社区版块
存档分类
最新评论

zzInspection/Review Tools, Source/Binary Code Stat

阅读更多

http://www.laatuk.com/tools/review_tools.html

 

 

 

Inspection/Review Tools, Source/Binary Code Static Analyzers

 

Tool name

Platform

Tool vendor

Comments

 

 

Java-Source.org

links to Java open source code analysis tools

 

 

StickyMInds

links to tool vendors, check Reviews and Measurement tools

 

 

SPIN

List static source code analysis tools for C

 

 

Laatukonsultointi - testing tools list

Many testing tools provide metrics and can thus facilitate inspections/reviews, too

 

 

Laatukonsultointi - metrics tools list

Some metrics tools facilitate inspections/reviews, too

Viva64

Windows/add-in for Visual Studio

Viva64

A lint-like tool for searching of errors and possible problems in C/C++ code while porting the application to the 64-bit platform

TICS Solution

Windows, Linux

TIOBE Software

Consists of 1. checking compliance to coding standards by means of code checkers 2. monitoring coding standard compliance through time by means of so called quality databases 3. improving programs with the aid of code beautifier

Project Analyzer

Windows

Aivosto

Static code analysis tool for Visual Basic, VB.NET and VBA. Code review, diagramming, document generation and generates 180 metrics.

FlexeLint for C/C++

Unix, Mac OS X, VMS

Gimpel

C/C++ source code analyzer

PC-Lint for C/C++

Windows, MS-DOS

Gimpel

C/C++ sourcpoe code analyzer

PMD

 

http://pmd.sourceforge.net/

Java source code analyzer

Aubjex

 

Aubjex

Java source analysis, dynamic analyzer, source code formatter, etc.

assent

 

Tata Consultancy Services

C and Java source code analyzer

AzoJavaChecker

Java 2

Aguntum

Java source code analyzer

CodePro Analytix

Windows, Linux

instantiations

Java source code analysis (700+ rules), code metrics, test generation, code coverage, dependency analyzer, etc.

crucible

 

cenqua

Tool to facilitate code inspection process

QS-Enterprise

Windows, Linux, Solaris

QA Systems

Quality assesment and reporting tool which integrates with 3rd party code analysis tools

QJ-Pro

Windows, Linux, SOlaris

http://qjpro.sourceforge.net/

Open source tool for Java source code analysis

CodeScanner

Symbian

Mobile Innovation

Static source code analysis tool

SourceAudit

Windows

FrontEndArt Ltd.

Evaluates compliance to coding standards of C/C++ code

JStyle

 

Man Machine Systems

Java code review tool based on coding guidelines, provides also OO metrics

Code Analyzer

Windows, Unix, Linux, Mac OS X

AppPerfect

Reviews Java code and enforces coding practices

CodeReviewer

 

SmartBear Software

”Automates” the peer code review process, supports multiple remote reviewers, automated audit trails, SCM integration, and custom reviewer checklists

Code Reports

 

SmartBear Software

Correlates code changes with bug fixes, feature implementations

Code Collaborator

 

SmartBear Software

Faclitates code inspection process

CodeSurfer

Windows, Unix, Linux

GrammaTech

C source code analyser, performs pointer analysis, draws caal graphs, dependency analysis, etc.

Understand

Windows, Unix

Scientific Toolworks

Parses Ada 83, Ada 95, FORTRAN 77, FORTRAN 90, FORTRAN 95, K&R C, ANSI C and C++, and Java source code to reverse engineer, automatically document, calculate code metrics, and help understand, navigate and maintain source code

QStudio

Windows

QA Systems

Source code analyzer to collect many metrics, to check comformance to coding standards, etc.

Coverity Prevent

Windows, Unix

Coverity

Static C/C++ source code analyzer to detect defects like, null pointer dereference, use after free, double free, deadcode caused by logical errors, uninitialized variables, memory leaks, file handle leaks, security vulnerabilities (e.g. buffer overflows, missing/insufficient validation ofmalicious data and string input, etc., etc.

Cleanscape Lint Plus for C

 

Cleanscape

C source code analyzer for unreachable code, unconditional branches, into loop, undeclared variables, uninitialised variables, parameter type mismatches, misuse of pointers, etc., etc.

Cleanscape FortanLint

 

Cleanscape

Fortan source code analyzer for inappropriate arguments passed to functions, inconsistencies in common block declarations, portability problems, like non-portable code, type usage conflicts across different subprograms/ program units, dead code, etc., etc.

QA-C, QA, QA-MISRA, QA-High-Integrity-C, QA-C++, QA-J, QA-Fortran

Windows, Unix

Programming Research

Source code quality analysis and coding standards compliance checking tools for C/C++, Java and Fortran + provides several metrics

jDEPEND

Java

Clark

JDepend (BSD license) traverses Java class file directories and generates design quality metrics for each Java package. JDepend measure the quality of a design in terms of its extensibility, reusability, and maintainability to manage package dependencies effectively.

Spin

Unix, Windows, MAc

Spin

Spin has been used to trace logical design errors in distributed systems design, such as operating systems, data communications protocols, switching systems, concurrent algorithms, railway signaling protocols, etc. The tool checks the logical consistency of a specification. It reports on deadlocks, unspecified receptions, flags incompleteness, race conditions, and unwarranted assumptions about the relative speeds of processes.

UNO

Unix, Windows

Uno

Checks from C programs use of uninitialized variable, nil-pointer references, and out-of-bounds array indexing + a broad range of user-defined properties

Hammurapi

Java

Hammurapi

Java review tool (open source) which has numerous embedded inspection rules

CCCC

Windows, Unix

CCCC

C/C++ and Java source code metrics open-source tool

K7

Unix, Linux, Windows

Klockwork

Analyses C, C++ and Java source code for many kinds of defects (memory, unsafe, NULL pointer dereference, out-of-bounds array access, etc.), security vulnerabilities, potential areas of code optimatization + produces many metrics

SmartRisk Analyzer

Windows, Unix

@stake

Scans C/C++ binaries for security vulnerabilities.

BugScan

Windows, Linux

LogicLIbrary

Scans C/C++ binaries for security vulnerabilities. Runs as a web based service.

CodeAssure (product family)

Windows, Linux, Java

Secure Software

Checks security vulnerabilities from C, C++ and Java programs

SecurityChecker

Windows

Compuware

Checks and corrects security vulnerabilities from C# and Visual Basic programs

Flawfinder

Unix (Perl)

David Wheeler

Checks security vulnerabilties

ITS4

Windows, Unix

Cigital, Inc.

Checks buffer overflow vulnerabilities from C/C++ source code

Imagix 4D

Windows, Unix, Linux

Imagix Corporation

Points out exceptions to generally agreed upon design and coding practices

 

 

Reasoning

Reasoning provides source code inspection services

GroupReview

www/Java

Center of the Management of Information, University of Arizona

(> Collaboartion > Collaboratus > GroupReview)

Web based collaboartion tool for supporting inspections.

Codestriker

CGI script (Perl)

Codestriker

Web based collaboration tool, enables virtual code reviews, manages review comments: among other things puts source code and reviews comments side by side,

ReviewPro

web browser, server: Unix/Windows

SDTC, Software Development Technologies Corp.

Enables virtual reviews/inspections, web based collaboration tool

Jtest, C++ Test

Unix, Windows

ParaSoft, Inc.

checks code’s compliance with C++ and Java coding standards (+ generates test harnesses, test cases and stubs automatically, etc.)

CodeAdvisor (part of Softbench

Unix

分享到:
评论

相关推荐

Global site tag (gtag.js) - Google Analytics