Source Code Analysis with CodeSonar

CodeSonar employs a unified dataflow and symbolic execution analysis that examines the computation of the complete application. By not relying on pattern matching or similar approximations, CodeSonar's source code analysis engine is extraordinarily deep, finding 3-5 times more defects on average than other static analysis tools.

Unlike many other software development tools (testing tools, compilers, configuration management, and so on), SAST tools can be integrated into a team's development process at any time with little effort. SAST technologies like CodeSonar simply attach to your existing build environment and add analysis results to your verification process.

How does static analysis work?

Like a compiler, CodeSonar does a build of your code using your existing build environment, but instead of creating object code, CodeSonar creates an abstract model of your entire program. From the derived model, CodeSonar’s symbolic execution engine explores program paths, reasoning about program variables and how they relate. Advanced theorem-proving technology prunes infeasible program paths from the exploration.

CodeSonar Static Analysis Representation

Checkers perform analyses on the code to find common defects, violations of policies, etc. Checkers operate by traversing or querying the model, looking for particular properties or patterns that indicate defects. Sophisticated symbolic execution techniques explore paths through a control-flow graph, the data structure representing paths that might be traversed by a program during its execution. When the path exploration notices an anomaly, a warning is generated.

An astronomical number of combinations of circumstances must be modeled and explored, so CodeSonar employs a variety of strategies to ensure scalability. For example, procedure summaries are refined and compacted during the analysis, and paths are explored in an order that minimizes paging.
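As an added illustration (not CodeSonar code or its model format), the following toy path-sensitive analyzer shows the three ideas above in miniature: symbolic execution that tracks each variable as an integer interval, a path condition that is narrowed at every branch and used to prune infeasible paths, and a checker that reports a division whose divisor can still be zero on a surviving path. The statement tuples, variable names and interval bounds are all constructed for the example.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple
@dataclass(frozen=True)
class Abs:
    """Abstract integer value: the interval [lo, hi] minus an excluded set."""
    lo: int
    hi: int
    excl: frozenset = frozenset()

    def feasible(self) -> bool:
        return any(v not in self.excl for v in range(self.lo, self.hi + 1))

    def may_be(self, v: int) -> bool:
        return self.lo <= v <= self.hi and v not in self.excl
NEG = {"==": "!=", "!=": "==", "<": ">=", ">=": "<"}  # outcome taken on the else edge

def narrow(a: Abs, op: str, c: int) -> Abs:
    """Strengthen the path condition on one variable by a branch outcome."""
    if op == "==": return Abs(max(a.lo, c), min(a.hi, c), a.excl)
    if op == "!=": return Abs(a.lo, a.hi, a.excl | {c})
    if op == "<":  return Abs(a.lo, min(a.hi, c - 1), a.excl)
    return Abs(max(a.lo, c), a.hi, a.excl)  # ">="

def explore(stmts: list, env: Dict[str, Abs], path: Tuple[str, ...], warnings: List[str]) -> int:
    """Walk every path through stmts; returns the number of feasible paths."""
    for i, s in enumerate(stmts):
        if s[0] == "assign":  # ("assign", var, lo, hi): var now lies in [lo, hi]
            env = dict(env, **{s[1]: Abs(s[2], s[3])})
        elif s[0] == "div":  # ("div", divisor_var): the divide-by-zero checker
            if env[s[1]].may_be(0):
                warnings.append(f"{s[1]} may be zero on path [{' && '.join(path) or 'entry'}]")
        else:  # ("branch", var, op, const, then_block, else_block)
            _, var, op, c, then_b, else_b = s
            rest, n = stmts[i + 1:], 0
            for o, blk in ((op, then_b), (NEG[op], else_b)):
                env2 = dict(env, **{var: narrow(env[var], o, c)})
                if env2[var].feasible():  # prune infeasible paths (theorem-prover stand-in)
                    n += explore(blk + rest, env2, path + (f"{var}{o}{c}",), warnings)
            return n
    return 1

def analyze(stmts: list) -> Tuple[int, List[str]]:
    warnings: List[str] = []
    return explore(stmts, {}, (), warnings), warnings
# Constructed toy programs (y is an input in [-5, 5]).  SAFE: if (y != 0) r=100/y; else y=1; r=100/y;
# BUGGY: if (y < 0) y=1; r=100/y;   PRUNED: if (y < 0) { if (y >= 0) r=100/y; } (inner path infeasible)
SAFE = [("assign", "y", -5, 5), ("branch", "y", "!=", 0, [("div", "y")], [("assign", "y", 1, 1)]), ("div", "y")]
BUGGY = [("assign", "y", -5, 5), ("branch", "y", "<", 0, [("assign", "y", 1, 1)], []), ("div", "y")]
PRUNED = [("assign", "y", -5, 5), ("branch", "y", "<", 0, [("branch", "y", ">=", 0, [("div", "y")], [])], [])]
```

`analyze(BUGGY)` reports the only feasible path on which the divisor can be zero, while in `PRUNED` the contradictory inner guard makes the division unreachable, so no warning is raised and only two of the three syntactic paths are explored.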


Customize Your Analysis

New custom checks can be created easily with the included C API. Many built-in checks can be configured according to local requirements. You can also use the API to define custom metrics.

Eradicate defects that affect the security, quality, and reliability of your software:

  • Data Races
  • Deadlocks
  • Thread Starvation
  • Buffer Overruns
  • Leaks
  • Null Pointer Dereferences
  • Divides By Zero
  • Uses After Free
  • Frees of Non-Heap Variables
  • Uninitialized Variables
  • Returns of Pointers to Local
  • Returns of Pointers to Free
  • Frees of Null Pointers
  • Unreachable Code
  • Try-locks that Cannot Succeed
  • Misuse of Memory Allocation
  • Misuse of Memory Copying
  • Misuse of Libraries
  • Command Injection
  • User-Defined Bug Classes
More bugs found. More lives saved. More hacks prevented.