zzInspection/Review Tools, Source/Binary Code Stat

http://www.laatuk.com/tools/review_tools.html

 

 

 

Inspection/Review Tools, Source/Binary Code Static Analyzers

 

Tool name	Platform	Tool vendor	Comments
		Java-Source.org	links to Java open source code analysis tools
		StickyMInds	links to tool vendors, check Reviews and Measurement tools
		SPIN	List static source code analysis tools for C
		Laatukonsultointi - testing tools list	Many testing tools provide metrics and can thus facilitate inspections/reviews, too
		Laatukonsultointi - metrics tools list	Some metrics tools facilitate inspections/reviews, too
Viva64	Windows/add-in for Visual Studio	Viva64	A lint-like tool for searching of errors and possible problems in C/C++ code while porting the application to the 64-bit platform
TICS Solution	Windows, Linux	TIOBE Software	Consists of 1. checking compliance to coding standards by means of code checkers 2. monitoring coding standard compliance through time by means of so called quality databases 3. improving programs with the aid of code beautifier
Project Analyzer	Windows	Aivosto	Static code analysis tool for Visual Basic, VB.NET and VBA. Code review, diagramming, document generation and generates 180 metrics.
FlexeLint for C/C++	Unix, Mac OS X, VMS	Gimpel	C/C++ source code analyzer
PC-Lint for C/C++	Windows, MS-DOS	Gimpel	C/C++ sourcpoe code analyzer
PMD		http://pmd.sourceforge.net/	Java source code analyzer
Aubjex		Aubjex	Java source analysis, dynamic analyzer, source code formatter, etc.
assent		Tata Consultancy Services	C and Java source code analyzer
AzoJavaChecker	Java 2	Aguntum	Java source code analyzer
CodePro Analytix	Windows, Linux	instantiations	Java source code analysis (700+ rules), code metrics, test generation, code coverage, dependency analyzer, etc.
crucible		cenqua	Tool to facilitate code inspection process
QS-Enterprise	Windows, Linux, Solaris	QA Systems	Quality assesment and reporting tool which integrates with 3rd party code analysis tools
QJ-Pro	Windows, Linux, SOlaris	http://qjpro.sourceforge.net/	Open source tool for Java source code analysis
CodeScanner	Symbian	Mobile Innovation	Static source code analysis tool
SourceAudit	Windows	FrontEndArt Ltd.	Evaluates compliance to coding standards of C/C++ code
JStyle		Man Machine Systems	Java code review tool based on coding guidelines, provides also OO metrics
Code Analyzer	Windows, Unix, Linux, Mac OS X	AppPerfect	Reviews Java code and enforces coding practices
CodeReviewer		SmartBear Software	”Automates” the peer code review process, supports multiple remote reviewers, automated audit trails, SCM integration, and custom reviewer checklists
Code Reports		SmartBear Software	Correlates code changes with bug fixes, feature implementations
Code Collaborator		SmartBear Software	Faclitates code inspection process
CodeSurfer	Windows, Unix, Linux	GrammaTech	C source code analyser, performs pointer analysis, draws caal graphs, dependency analysis, etc.
Understand	Windows, Unix	Scientific Toolworks	Parses Ada 83, Ada 95, FORTRAN 77, FORTRAN 90, FORTRAN 95, K&R C, ANSI C and C++, and Java source code to reverse engineer, automatically document, calculate code metrics, and help understand, navigate and maintain source code
QStudio	Windows	QA Systems	Source code analyzer to collect many metrics, to check comformance to coding standards, etc.
Coverity Prevent	Windows, Unix	Coverity	Static C/C++ source code analyzer to detect defects like, null pointer dereference, use after free, double free, deadcode caused by logical errors, uninitialized variables, memory leaks, file handle leaks, security vulnerabilities (e.g. buffer overflows, missing/insufficient validation ofmalicious data and string input, etc., etc.
Cleanscape Lint Plus for C		Cleanscape	C source code analyzer for unreachable code, unconditional branches, into loop, undeclared variables, uninitialised variables, parameter type mismatches, misuse of pointers, etc., etc.
Cleanscape FortanLint		Cleanscape	Fortan source code analyzer for inappropriate arguments passed to functions, inconsistencies in common block declarations, portability problems, like non-portable code, type usage conflicts across different subprograms/ program units, dead code, etc., etc.
QA-C, QA, QA-MISRA, QA-High-Integrity-C, QA-C++, QA-J, QA-Fortran	Windows, Unix	Programming Research	Source code quality analysis and coding standards compliance checking tools for C/C++, Java and Fortran + provides several metrics
jDEPEND	Java	Clark	JDepend (BSD license) traverses Java class file directories and generates design quality metrics for each Java package. JDepend measure the quality of a design in terms of its extensibility, reusability, and maintainability to manage package dependencies effectively.
Spin	Unix, Windows, MAc	Spin	Spin has been used to trace logical design errors in distributed systems design, such as operating systems, data communications protocols, switching systems, concurrent algorithms, railway signaling protocols, etc. The tool checks the logical consistency of a specification. It reports on deadlocks, unspecified receptions, flags incompleteness, race conditions, and unwarranted assumptions about the relative speeds of processes.
UNO	Unix, Windows	Uno	Checks from C programs use of uninitialized variable, nil-pointer references, and out-of-bounds array indexing + a broad range of user-defined properties
Hammurapi	Java	Hammurapi	Java review tool (open source) which has numerous embedded inspection rules
CCCC	Windows, Unix	CCCC	C/C++ and Java source code metrics open-source tool
K7	Unix, Linux, Windows	Klockwork	Analyses C, C++ and Java source code for many kinds of defects (memory, unsafe, NULL pointer dereference, out-of-bounds array access, etc.), security vulnerabilities, potential areas of code optimatization + produces many metrics
SmartRisk Analyzer	Windows, Unix	@stake	Scans C/C++ binaries for security vulnerabilities.
BugScan	Windows, Linux	LogicLIbrary	Scans C/C++ binaries for security vulnerabilities. Runs as a web based service.
CodeAssure (product family)	Windows, Linux, Java	Secure Software	Checks security vulnerabilities from C, C++ and Java programs
SecurityChecker	Windows	Compuware	Checks and corrects security vulnerabilities from C# and Visual Basic programs
Flawfinder	Unix (Perl)	David Wheeler	Checks security vulnerabilties
ITS4	Windows, Unix	Cigital, Inc.	Checks buffer overflow vulnerabilities from C/C++ source code
Imagix 4D	Windows, Unix, Linux	Imagix Corporation	Points out exceptions to generally agreed upon design and coding practices
		Reasoning	Reasoning provides source code inspection services
GroupReview	www/Java	Center of the Management of Information, University of Arizona (> Collaboartion > Collaboratus > GroupReview)	Web based collaboartion tool for supporting inspections.
Codestriker	CGI script (Perl)	Codestriker	Web based collaboration tool, enables virtual code reviews, manages review comments: among other things puts source code and reviews comments side by side,
ReviewPro	web browser, server: Unix/Windows	SDTC, Software Development Technologies Corp.	Enables virtual reviews/inspections, web based collaboration tool
Jtest, C++ Test	Unix, Windows	ParaSoft, Inc.	checks code’s compliance with C++ and Java coding standards (+ generates test harnesses, test cases and stubs automatically, etc.)
CodeAdvisor (part of Softbench	Unix