Bitcoin Forum
December 09, 2016, 02:09:21 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Static code Analysis for enhancing software quality  (Read 891 times)
nikileshsa
Newbie
*
Offline Offline

Activity: 7


View Profile
May 18, 2011, 04:11:32 PM
 #1

Good day everyone.
                        I am thinking of performing a static code analysis of the source code for possible security and code problems before every release. I think this will help to enhance the software quality.

I wish to see static source code analysis to be an integral part of the Bitcoin development process. I am not sure if the present code was checked for possible buffer overflow attacks or null pointer dereferencing problems or other critical code problems.


Any suggestions in these lines are welcome.

1) Which static code analsysis should we prefer or any good new static code analysis tools you are aware of which is FREE?
2) How can we ensure every developer is forced to make this a mandatory step in the development process?



 
1481249361
Hero Member
*
Offline Offline

Posts: 1481249361

View Profile Personal Message (Offline)

Ignore
1481249361
Reply with quote  #2

1481249361
Report to moderator
1481249361
Hero Member
*
Offline Offline

Posts: 1481249361

View Profile Personal Message (Offline)

Ignore
1481249361
Reply with quote  #2

1481249361
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481249361
Hero Member
*
Offline Offline

Posts: 1481249361

View Profile Personal Message (Offline)

Ignore
1481249361
Reply with quote  #2

1481249361
Report to moderator
nikileshsa
Newbie
*
Offline Offline

Activity: 7


View Profile
May 18, 2011, 09:53:16 PM
 #2

Well...here I am posting possible code problems and security vulnerabilities  found by Cppcheck tool.


juba@ubuntu:~/.ssh/bitcoin/src$ cppcheck --all bitcoin/src/
bitcoin/src/db.h:49]: (possible error) Memory leak: CDB::pdb
bitcoin/src/ui.cpp:1954]: (possible error) Memory leak: pdialog
bitcoin/src/uibase.cpp...
[/home/juba/.ssh/bitcoin/src/uibase.h:74]: (possible error) Memory leak: CMainFrameBase::m_menubar
[/home/juba/.ssh/bitcoin/src/uibase.h:75]: (possible error) Memory leak: CMainFrameBase::m_menuFile
[/home/juba/.ssh/bitcoin/src/uibase.h:76]: (possible error) Memory leak: CMainFrameBase::m_menuHelp
[/home/juba/.ssh/bitcoin/src/uibase.h:79]: (possible error) Memory leak: CMainFrameBase::m_staticText32
[/home/juba/.ssh/bitcoin/src/uibase.h:80]: (possible error) Memory leak: CMainFrameBase::m_buttonNew
[/home/juba/.ssh/bitcoin/src/uibase.h:81]: (possible error) Memory leak: CMainFrameBase::m_buttonCopy
[/home/juba/.ssh/bitcoin/src/uibase.h:83]: (possible error) Memory leak: CMainFrameBase::m_staticText41
[/home/juba/.ssh/bitcoin/src/uibase.h:84]: (possible error) Memory leak: CMainFrameBase::m_staticTextBalance
[/home/juba/.ssh/bitcoin/src/uibase.h:86]: (possible error) Memory leak: CMainFrameBase::m_choiceFilter
[/home/juba/.ssh/bitcoin/src/uibase.h:87]: (possible error) Memory leak: CMainFrameBase::m_notebook
[/home/juba/.ssh/bitcoin/src/uibase.h:88]: (possible error) Memory leak: CMainFrameBase::m_panel9
[/home/juba/.ssh/bitcoin/src/uibase.h:89]: (possible error) Memory leak: CMainFrameBase::m_panel91
[/home/juba/.ssh/bitcoin/src/uibase.h:90]: (possible error) Memory leak: CMainFrameBase::m_panel92
[/home/juba/.ssh/bitcoin/src/uibase.h:91]: (possible error) Memory leak: CMainFrameBase::m_panel93
[/home/juba/.ssh/bitcoin/src/uibase.h:117]: (possible error) Memory leak: CMainFrameBase::m_menuOptions
[/home/juba/.ssh/bitcoin/src/uibase.h:119]: (possible error) Memory leak: CMainFrameBase::m_textCtrlAddress
[/home/juba/.ssh/bitcoin/src/uibase.h:120]: (possible error) Memory leak: CMainFrameBase::m_listCtrlAll
[/home/juba/.ssh/bitcoin/src/uibase.h:121]: (possible error) Memory leak: CMainFrameBase::m_listCtrlSentReceived
[/home/juba/.ssh/bitcoin/src/uibase.h:122]: (possible error) Memory leak: CMainFrameBase::m_listCtrlSent
[/home/juba/.ssh/bitcoin/src/uibase.h:123]: (possible error) Memory leak: CMainFrameBase::m_listCtrlReceived
[/home/juba/.ssh/bitcoin/src/uibase.h:138]: (possible error) Memory leak: CTxDetailsDialogBase::m_htmlWin
[/home/juba/.ssh/bitcoin/src/uibase.h:139]: (possible error) Memory leak: CTxDetailsDialogBase::m_buttonOK
[/home/juba/.ssh/bitcoin/src/uibase.h:160]: (possible error) Memory leak: COptionsDialogBase::m_listBox
[/home/juba/.ssh/bitcoin/src/uibase.h:161]: (possible error) Memory leak: COptionsDialogBase::m_scrolledWindow
[/home/juba/.ssh/bitcoin/src/uibase.h:162]: (possible error) Memory leak: COptionsDialogBase::m_panelMain
[/home/juba/.ssh/bitcoin/src/uibase.h:164]: (possible error) Memory leak: COptionsDialogBase::m_checkBoxStartOnSystemStartup
[/home/juba/.ssh/bitcoin/src/uibase.h:165]: (possible error) Memory leak: COptionsDialogBase::m_checkBoxMinimizeToTray
[/home/juba/.ssh/bitcoin/src/uibase.h:166]: (possible error) Memory leak: COptionsDialogBase::m_checkBoxUseUPnP
[/home/juba/.ssh/bitcoin/src/uibase.h:167]: (possible error) Memory leak: COptionsDialogBase::m_checkBoxMinimizeOnClose
[/home/juba/.ssh/bitcoin/src/uibase.h:168]: (possible error) Memory leak: COptionsDialogBase::m_checkBoxUseProxy
[/home/juba/.ssh/bitcoin/src/uibase.h:170]: (possible error) Memory leak: COptionsDialogBase::m_staticTextProxyIP
[/home/juba/.ssh/bitcoin/src/uibase.h:171]: (possible error) Memory leak: COptionsDialogBase::m_textCtrlProxyIP
[/home/juba/.ssh/bitcoin/src/uibase.h:172]: (possible error) Memory leak: COptionsDialogBase::m_staticTextProxyPort
[/home/juba/.ssh/bitcoin/src/uibase.h:173]: (possible error) Memory leak: COptionsDialogBase::m_textCtrlProxyPort
[/home/juba/.ssh/bitcoin/src/uibase.h:175]: (possible error) Memory leak: COptionsDialogBase::m_staticText32
[/home/juba/.ssh/bitcoin/src/uibase.h:176]: (possible error) Memory leak: COptionsDialogBase::m_staticText31
[/home/juba/.ssh/bitcoin/src/uibase.h:177]: (possible error) Memory leak: COptionsDialogBase::m_textCtrlTransactionFee
[/home/juba/.ssh/bitcoin/src/uibase.h:178]: (possible error) Memory leak: COptionsDialogBase::m_panelTest2
[/home/juba/.ssh/bitcoin/src/uibase.h:180]: (possible error) Memory leak: COptionsDialogBase::m_staticText321
[/home/juba/.ssh/bitcoin/src/uibase.h:181]: (possible error) Memory leak: COptionsDialogBase::m_staticText69
[/home/juba/.ssh/bitcoin/src/uibase.h:182]: (possible error) Memory leak: COptionsDialogBase::m_buttonOK
[/home/juba/.ssh/bitcoin/src/uibase.h:183]: (possible error) Memory leak: COptionsDialogBase::m_buttonCancel
[/home/juba/.ssh/bitcoin/src/uibase.h:184]: (possible error) Memory leak: COptionsDialogBase::m_buttonApply
[/home/juba/.ssh/bitcoin/src/uibase.h:212]: (possible error) Memory leak: CAboutDialogBase::m_bitmap
[/home/juba/.ssh/bitcoin/src/uibase.h:214]: (possible error) Memory leak: CAboutDialogBase::m_staticText40
[/home/juba/.ssh/bitcoin/src/uibase.h:216]: (possible error) Memory leak: CAboutDialogBase::m_staticTextMain
[/home/juba/.ssh/bitcoin/src/uibase.h:219]: (possible error) Memory leak: CAboutDialogBase::m_buttonOK
[/home/juba/.ssh/bitcoin/src/uibase.h:226]: (possible error) Memory leak: CAboutDialogBase::m_staticTextVersion
[/home/juba/.ssh/bitcoin/src/uibase.h:243]: (possible error) Memory leak: CSendDialogBase::m_staticTextInstructions
[/home/juba/.ssh/bitcoin/src/uibase.h:245]: (possible error) Memory leak: CSendDialogBase::m_bitmapCheckMark
[/home/juba/.ssh/bitcoin/src/uibase.h:246]: (possible error) Memory leak: CSendDialogBase::m_staticText36
[/home/juba/.ssh/bitcoin/src/uibase.h:247]: (possible error) Memory leak: CSendDialogBase::m_textCtrlAddress
[/home/juba/.ssh/bitcoin/src/uibase.h:248]: (possible error) Memory leak: CSendDialogBase::m_buttonPaste
[/home/juba/.ssh/bitcoin/src/uibase.h:249]: (possible error) Memory leak: CSendDialogBase::m_buttonAddress
[/home/juba/.ssh/bitcoin/src/uibase.h:250]: (possible error) Memory leak: CSendDialogBase::m_staticText19
[/home/juba/.ssh/bitcoin/src/uibase.h:251]: (possible error) Memory leak: CSendDialogBase::m_textCtrlAmount
[/home/juba/.ssh/bitcoin/src/uibase.h:252]: (possible error) Memory leak: CSendDialogBase::m_staticText20
[/home/juba/.ssh/bitcoin/src/uibase.h:253]: (possible error) Memory leak: CSendDialogBase::m_choiceTransferType
[/home/juba/.ssh/bitcoin/src/uibase.h:257]: (possible error) Memory leak: CSendDialogBase::m_buttonSend
[/home/juba/.ssh/bitcoin/src/uibase.h:258]: (possible error) Memory leak: CSendDialogBase::m_buttonCancel
[/home/juba/.ssh/bitcoin/src/uibase.h:285]: (possible error) Memory leak: CSendingDialogBase::m_staticTextSending
[/home/juba/.ssh/bitcoin/src/uibase.h:286]: (possible error) Memory leak: CSendingDialogBase::m_textCtrlStatus
[/home/juba/.ssh/bitcoin/src/uibase.h:288]: (possible error) Memory leak: CSendingDialogBase::m_buttonOK
[/home/juba/.ssh/bitcoin/src/uibase.h:289]: (possible error) Memory leak: CSendingDialogBase::m_buttonCancel
[/home/juba/.ssh/bitcoin/src/uibase.h:314]: (possible error) Memory leak: CYourAddressDialogBase::m_staticText45
[/home/juba/.ssh/bitcoin/src/uibase.h:315]: (possible error) Memory leak: CYourAddressDialogBase::m_listCtrl
[/home/juba/.ssh/bitcoin/src/uibase.h:317]: (possible error) Memory leak: CYourAddressDialogBase::m_buttonRename
[/home/juba/.ssh/bitcoin/src/uibase.h:318]: (possible error) Memory leak: CYourAddressDialogBase::m_buttonNew
[/home/juba/.ssh/bitcoin/src/uibase.h:319]: (possible error) Memory leak: CYourAddressDialogBase::m_buttonCopy
[/home/juba/.ssh/bitcoin/src/uibase.h:320]: (possible error) Memory leak: CYourAddressDialogBase::m_buttonOK
[/home/juba/.ssh/bitcoin/src/uibase.h:321]: (possible error) Memory leak: CYourAddressDialogBase::m_buttonCancel
[/home/juba/.ssh/bitcoin/src/uibase.h:350]: (possible error) Memory leak: CAddressBookDialogBase::m_notebook
[/home/juba/.ssh/bitcoin/src/uibase.h:351]: (possible error) Memory leak: CAddressBookDialogBase::m_panelSending
[/home/juba/.ssh/bitcoin/src/uibase.h:353]: (possible error) Memory leak: CAddressBookDialogBase::m_staticText55
[/home/juba/.ssh/bitcoin/src/uibase.h:354]: (possible error) Memory leak: CAddressBookDialogBase::m_listCtrlSending
[/home/juba/.ssh/bitcoin/src/uibase.h:355]: (possible error) Memory leak: CAddressBookDialogBase::m_panelReceiving
[/home/juba/.ssh/bitcoin/src/uibase.h:357]: (possible error) Memory leak: CAddressBookDialogBase::m_staticText45
[/home/juba/.ssh/bitcoin/src/uibase.h:359]: (possible error) Memory leak: CAddressBookDialogBase::m_listCtrlReceiving
[/home/juba/.ssh/bitcoin/src/uibase.h:361]: (possible error) Memory leak: CAddressBookDialogBase::m_buttonDelete
[/home/juba/.ssh/bitcoin/src/uibase.h:362]: (possible error) Memory leak: CAddressBookDialogBase::m_buttonCopy
[/home/juba/.ssh/bitcoin/src/uibase.h:363]: (possible error) Memory leak: CAddressBookDialogBase::m_buttonEdit
[/home/juba/.ssh/bitcoin/src/uibase.h:364]: (possible error) Memory leak: CAddressBookDialogBase::m_buttonNew
[/home/juba/.ssh/bitcoin/src/uibase.h:365]: (possible error) Memory leak: CAddressBookDialogBase::m_buttonOK
[/home/juba/.ssh/bitcoin/src/uibase.h:382]: (possible error) Memory leak: CAddressBookDialogBase::m_buttonCancel
[/home/juba/.ssh/bitcoin/src/uibase.h:398]: (possible error) Memory leak: CGetTextFromUserDialogBase::m_staticTextMessage1
[/home/juba/.ssh/bitcoin/src/uibase.h:399]: (possible error) Memory leak: CGetTextFromUserDialogBase::m_textCtrl1
[/home/juba/.ssh/bitcoin/src/uibase.h:400]: (possible error) Memory leak: CGetTextFromUserDialogBase::m_staticTextMessage2
[/home/juba/.ssh/bitcoin/src/uibase.h:401]: (possible error) Memory leak: CGetTextFromUserDialogBase::m_textCtrl2
[/home/juba/.ssh/bitcoin/src/uibase.h:404]: (possible error) Memory leak: CGetTextFromUserDialogBase::m_buttonOK
[/home/juba/.ssh/bitcoin/src/uibase.h:405]: (possible error) Memory leak: CGetTextFromUserDialogBase::m_buttonCancel
14/15 files checked 93% done
Checking /home/juba/.ssh/bitcoin/src/util.cpp...
[/home/juba/.ssh/bitcoin/src/util.cpp:276]: (error) Mismatching allocation and deallocation: p
[/home/juba/.ssh/bitcoin/src/util.cpp:282]: (error) Mismatching allocation and deallocation: p
Checking /home/juba/.ssh/bitcoin/src/util.cpp: GUI...
Checking /home/juba/.ssh/bitcoin/src/util.cpp: __WXMAC_OSX__...
Checking /home/juba/.ssh/bitcoin/src/util.cpp: __WXMSW__...
15/15 files checked 100% done

FooDSt4mP
Full Member
***
Offline Offline

Activity: 182


View Profile
May 18, 2011, 10:31:21 PM
 #3

It would probably be better to send this kind of information privately to the developers.  There is no need to post it publicly unless they ignore you.  There is a list of developers and their emails on www.bitcoin.org.

As we slide down the banister of life, this is just another splinter in our ass.
nikileshsa
Newbie
*
Offline Offline

Activity: 7


View Profile
May 18, 2011, 11:14:34 PM
 #4

It would probably be better to send this kind of information privately to the developers.  There is no need to post it publicly unless they ignore you.  There is a list of developers and their emails on www.bitcoin.org.


Thanks for your suggestion. I just tried to post these issues to generate a healthy discussion of the use of some robust static analysis tool for the bitcoin project.

I have raised these issues in the github bitcon.

 
goatpig
Legendary
*
Offline Offline

Activity: 1330

Armory Developer


View Profile
May 18, 2011, 11:24:51 PM
 #5

It would probably be better to send this kind of information privately to the developers.  There is no need to post it publicly unless they ignore you.  There is a list of developers and their emails on www.bitcoin.org.


Thanks for your suggestion. I just tried to post these issues to generate a healthy discussion of the use of some robust static analysis tool for the bitcoin project.

I have raised these issues in the github bitcon.


Just the some pointers from the client's GUI classes that aren't deallocated at clean up. Nothing serious, just messy coding.

btcarmory.com
nikileshsa
Newbie
*
Offline Offline

Activity: 7


View Profile
May 18, 2011, 11:46:01 PM
 #6

It would probably be better to send this kind of information privately to the developers.  There is no need to post it publicly unless they ignore you.  There is a list of developers and their emails on www.bitcoin.org.


Thanks for your suggestion. I just tried to post these issues to generate a healthy discussion of the use of some robust static analysis tool for the bitcoin project.

I have raised these issues in the github bitcon.


Just the some pointers from the client's GUI classes that aren't deallocated at clean up. Nothing serious, just messy coding.


Thanks for your analysis. These errors can be safely classified as minors bugs in the code.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!