0

I am working on static analyzer for C codes, as far as I understand, frama-c used Clang for its AST tree assume that in your code, you have some system function calls such ast strcpy or strcmp

in this case, is that possible to predict (in static mode without code execution and trace memory access) what will be the variable access (Read/Write) for each passed function parameter ? for instance, both strcmp and strcpy function accept strings as their input arguments , but only strcpy function changed and modified the first parameter

or even if you know some additional software or tools that can help me to have this kind of static analyse, please let me know

Hamid
  • 31
  • 4
  • 1
    AFAIU Frama-C use a CIL based C parser (in Ocaml) for C code, not a Clang one. And you can annotate some code with [ACSL](https://en.wikipedia.org/wiki/ANSI/ISO_C_Specification_Language) for the kind of proof you want to do. BTW Frama-C is free software, so you can try it. – Basile Starynkevitch Sep 25 '17 at 16:24
  • Thanks @BasileStarynkevitch, right now, I extract most attribute for each variable used as function call from Clang AST, the main issue is that, for this type of predefined system function, how can I determine or predict variable access for each input parameter, as I mentioned : for both function _strcpy_ and _strcmp_, the type of input parameters are same, but only at _strcpy_, the first argument will be changed , so what I am looking for is to find out a way or extract this type of information from external tools, I hope I can explain well what I am intend to do – Hamid Sep 25 '17 at 16:45
  • Ask that on the Frama-C mailing list. Hopefully `strcpy` is already known by that tool. – Basile Starynkevitch Sep 25 '17 at 16:46

0 Answers0