Static analysis usage for customizable checks of programming languages semantic constraints
Abstract
We describe the use of programming language constraints (coding rules) to achieve program security and portability, which is especially important for large projects. Existing collections of such constraints (such as MISRA C++, JSF, or HICPP) contain only descriptive natural-language rule definitions, which may be ambiguous or incomplete.
We propose a formal model for defining constraints that allows stylistic, syntactic and contextual rules to be specified. We also give a classification of constraints that splits them into 4 disjoint groups, determining the complexity of each constraint and the optimal order in which to check them. To automate rule checking, we have developed an analyzer based on the Clang C/C++ compiler, which is maintained as part of the LLVM project. We also describe specific details of the analyzer implementation: an overview of its basic components, the set of specially developed and well-known static analysis algorithms used to discover constraint violations, the rule ordering approach, the use of permanent external storage (an SQLite database) for intermodule analysis, and the handling of error messages (sorting, history). We also provide integration of the analyzer with popular build systems, so that the source files used in the build process are analyzed automatically.
The implemented system is able to check approximately 50 different C and C++ constraints and requires only 20% more time than a regular optimized build.
For citation:
Ignatyev V. Static analysis usage for customizable checks of programming languages semantic constraints. Proceedings of the Institute for System Programming of the RAS (Proceedings of ISP RAS). 2012;22. (In Russ.)