Questions tagged [code-analysis]

Code analysis is the process of analyzing an application's code to discover, review, validate or verify certain properties of the application. It is useful during development and for testing the application before it is put into production, especially for checking its security-related aspects. Code analysis can be classified from several perspectives, including:

1. What can be analyzed: either the source code or the binary code (byte code) of the application. Both categories have their pros and cons.

2. How or when the code is analyzed: code can be analyzed statically (without executing it) or dynamically (while the application is executing). Static analysis, being conservative, is prone to false positives, but it is exhaustive. Dynamic analysis, on the other hand, is very accurate but may miss behaviors that do not appear in any of the monitored executions, because it only analyzes code that is actually executed, i.e. when certain conditions are met.

3. Purpose of the analysis: the analysis can find flaws, such as NULL pointer dereferencing or passing an ASCII string instead of a Unicode string. It can also recover aspects of the code, such as building various dependency graphs or deducing the conditions under which recursion will occur.

1882 questions
30 votes, 4 answers

The "Why" behind PMD's rules

Is there a good resource which describes the "why" behind PMD rule sets? PMD's site has the "what" - what each rule does - but it doesn't describe why PMD has that rule and why ignoring that rule can get you in trouble in the real world. In…
James Kingsbery
29 votes, 4 answers

How to disable warnings in only one project?

I have a legacy project in my solution without comments and many warnings. I want to not see warnings about this specific project but I want to see warnings of the other projects in the same solution. Is it possible? edit: I mean "all warnings" of…
Vitor Canova
29 votes, 5 answers

SVN analysis tool

I have been searching all over the net to find something remotely usable. I tried all kinds of HTML based tools for analyzing an SVN repository (commits by users, reports etc) but none of them are user friendly. I am interested in a desktop client…
Savvas Dalkitsis
29 votes, 1 answer

Identifying dependencies of R functions and scripts

I am sifting through a package and scripts that utilize the package, and would like to identify external dependencies. The goal is to modify scripts to specify library(pkgName) and to modify functions in the package to use require(pkgName), so that…
Iterator
27 votes, 5 answers

How to detect code change frequency?

I am working on a program written by several folks with largely varying skill level. There are files in there that have never changed (and probably never will, as we're afraid to touch them) and others that are changing constantly. I wonder, are…
James Raitsev
27 votes, 7 answers

Viewing Code Coverage Results outside of Visual Studio

I've got some unit tests, and got some code coverage data. Now, I'd like to be able to view that code coverage data outside of Visual Studio, say in a web browser. But, when I export the code coverage to an XML file, I can't do anything with it. Are…
Wonchance
26 votes, 4 answers

Spaghetti code visualisation software?

A smoking pile of spaghetti just landed on my desk, and my task is to understand it (so I can refactor / reimplement it). The code is C, and a mess of global variables, structure types and function calls. I would like to plot graphs of the code with…
The Apa
26 votes, 3 answers

How do I generate Emma code coverage reports using Ant?

How do I set up an Ant task to generate Emma code coverage reports?
Rob Spieldenner
26 votes, 9 answers

Solution for CA2227 or better approach?

I'm only using Code Analysis for cleaning, organizing and ensuring these changes are globally performed for all instances of a particular warning. I'm down to the final, and it's CA2227. CA2227 Collection properties should be read only Change…
David Carrigan
26 votes, 7 answers

Source code annotation tool

I'm looking for a tool with which I can annotate source code. I have some 3rd party source code (JavaScript) I need to understand and I don't want to change it (add inline comments) so that line numbers can stay intact (for communication with…
RoToRa
26 votes, 4 answers

Do tools exist which automatically find copy-and-paste code?

Are there tools out there which could automatically find copy-and-paste code among a set of files? I was thinking of writing a script for this, which would just search for equal strings, but such a script would find mostly irrelevant equalities. (Such…
26 votes, 4 answers

How to find (and replace) all old C-style data type casts in my C++ source code?

How can I locate all old C-style casts in my source? I'm using Visual Studio, maybe there is some compiler warning that I have to enable?
ju.
25 votes, 2 answers

Nested using statements and Microsoft Code Analysis

Recently I switched on additional code analysis rules. To my surprise I saw a violation in a place I had always considered to be best practice. If I have two nested disposables I am putting two using statements like this: using (StringReader…
George Mamaladze
25 votes, 3 answers

How can I disable live code analysis in Visual Studio 2017?

Where can I disable live code analysis in Visual Studio 2017? This pops up every time I start my solution. I do not need this: I've followed this support document from Microsoft but unchecking "Enable full solution analysis" seems to have no effect…
colidyre
25 votes, 4 answers

What is Dynamic Code Analysis?

What is Dynamic Code Analysis? How is it different from Static Code Analysis (i.e., what can it catch that can't be caught in static)? I've heard of bounds checking and memory analysis - what are these? What other things are checked using dynamic…
Adam Davis