Integrating Static Analysis Tools for Improving Operating System Security
Ashish Joshi, Kanak Tewari, Vivek Kumar, Dibyahash Bordoloi
Journal Title:International Journal of Computer Science and Mobile Computing - IJCSMC
Static analysis approach is widely used for detecting vulnerabilities within the code before the execution. C/C++ programming languages consist of highest number of vulnerabilities of which buffer overflow is the highest rated. Of all static analysis tools available none has enabled to detect all the vulnerabilities. Hence, we have proposed an integrated approach using two open-source static analysis tools: Flawfinder and Cppcheck for developing a new static analysis tool.