[WEBINAR] Application Acceleration: Faster Performance for End Users

Source Code Analysis

Definition - What does Source Code Analysis mean?

Source code analysis is the automated testing of a program’s source code with the purpose of finding faults and fixing them before the application is sold or distributed.

Source code analysis is synonymous to static code analysis, where the source code is analyzed simply as code and the program is not running. This removes the need for creating and using test cases, and may separate itself from feature-specific bugs like buttons being a different color than what the specifications say. It concentrates on finding faults in the program that may be detrimental to its proper function like crash-causing lines of code.

Techopedia explains Source Code Analysis

Source code analysis is basically automated code debugging. The aim is to find bugs and faults that may not be obvious to a programmer. It is meant to find faults like possible buffer overflows or untidy use of pointers and misuse of garbage collection functions, all of which may be exploitable by a hacker.

Code analyzers work using rules that tell it what to look for. With too little precision, an analyzer might spew out too many false positives and flood the user with useless warnings, while too much precision might take too long to finish; therefore, has to be a balance.

There are two kinds of analyzers:

  • Interprocedural - Detects patterns from one function to the next, and these patterns are correlated so that the analyzer can create a model and simulate execution paths.

  • Intraprocedural - Focuses on pattern matching and depends on what kinds of patterns the user is looking for.

Interprocedural analyzers are more modern and more complex. Good examples of this are Coverity, Fortify and Microsoft’s own centralized tool PREfix.

Techopedia Deals

Connect with us

Techopedia on Linkedin
Techopedia on Linkedin
"Techopedia" on Twitter

Sign up for Techopedia's Free Newsletter!

Email Newsletter

Join thousands of others with our weekly newsletter

Free Whitepaper: The Path to Hybrid Cloud
Free Whitepaper: The Path to Hybrid Cloud:
The Path to Hybrid Cloud: Intelligent Bursting To Amazon Web Services & Microsoft Azure
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.