Static source code analysis

Static source code analysis refers to the automated testing of a program’s source code with the purpose of finding errors at compile time.

Errors detected by static code analysis have different priority levels, based on the risk they provide to the software.

Knowing the errors is a good starting point for writing safer code, as you will think about these errors when writing the software.

Below, I’ll give a few information about the most important ones.

Priority 1

Null pointer dereference

Dereferencing means reading from or writing to the memory value at a given memory address.

When you have a pointer to an object, to dereference a pointer means to read or write the data that the pointer is pointing to.

A null pointer dereference is an error that occurs when a program attempts to read or write to a memory from a null pointer.

Division by zero

As simple as it seems, we should be careful and check for the denominator before doing division.

Double free / delete

Double free occurs when we attempt to de-allocate the same memory address twice.

Buffer overflow

A buffer is a sequential section of memory. In a buffer overflow, we provide to a fixed-length buffer more data than it can accommodate.

The extra data overflows into an adjacent memory space, overwriting or corrupting the data that already exists there.

Null test after dereference

This error occurs when the code analyzer finds a dereference and a null check for the pointer, but not in the expected order.

Priority 2

Uninitialized variable

An uninitialized variable is a variable that is declared but we do not set its value before using it.

In such cases, the variable will contain garbage data.

Unreachable code

Unreachable call is the part of the source code which can never be executed (dead code).

This could happen because there’s no way the compiler could reach that part of the code, either due to an early return, or wrongly put conditional statements.

Type mismatch

A type mismatch occurs when data types are not matching.

Double mutex lock/unlock

Double lock error occurs when we attempt to lock/unlock the same mutex twice, which leads to undefined behavior.

Priority 3

Ignored return value

This error occurs when we do not check the return value of a function that return something other than void.

The solution here is to check the return value before using the data.

Useless assignment / unused value

Useless assignment is an error where we assign a value to a variable that is not used further in its scope.

You may also like...