Tuesday, September 6, 2016

Automated Code Inspection Tools for C Code

I recently had to draw up a list of C code automated inspection tools for a client.  It took me several hours to find and distill good reviews on the web so I thought I'd share it here for what it's worth.  If I wind up using (or trying to use) any of the tools on the client's code base, I'll report my experience here.

This is a list of tools that, based on seven reviews I found, look like good candidates to run.  Since C has been around forever, some of the reviews are from as far back as 2009 and 2010.


| Tool | # Recommendations | Type | Web page / Notes |
|---|---|---|---|
| OPEN SOURCE | | | |
| Flawfinder | 5 | Open source | Last update: 2014 |
| Cppcheck | 4 | Open source | Last update: 2016 |
| RATS | 3 | Open source | Last update: 2013 |
| YASCA | 3 | Open source & Commercial | Last update: 2014 |
| COMMERCIAL | | | |
| Coverity (Synopsys) | 3 | Commercial | |
| Klocwork | 2 | Commercial | |
| Fortify Static Code Analyzer (SCA) (HP) | 1 | Commercial | |

. o O o . 

1 comment:

  1. Thank you for sharing the concise information on the code inspection tools and its web page notes. Although there are several adaptations with respect to their sources and implementation.
