What C/C++ tools can check for buffer overflows? [

2019-01-16 14:39发布

I've been asked to maintain a large C++ codebase full of memory leaks. While poking around, I found out that we have a lot of buffer overflows that lead to the leaks (how it got this bad, I don't ever want to know).

I've decided to removing the buffer overflows first. To make my bug-hunting easier, what tools can be used to check for buffer overruns?

14条回答
叼着烟拽天下
2楼-- · 2019-01-16 15:26

My vote goes to Rational Purify. Extremely powerful with a price to match. Makes short work of lots of problems and can really pay for itself. Also, is available on most *nix. Not sure about Windows, though.

查看更多
男人必须洒脱
3楼-- · 2019-01-16 15:27

On Windows for memory leaks/buffer overruns and other runtime error detection you can use:

I think they worth their price if you have large projects that need cleanup.

查看更多
ゆ 、 Hurt°
4楼-- · 2019-01-16 15:27

My company, Semantic Designs is looking for beta testers for a runtime memory safety checker (including buffer overruns) that detects all types of memory access violations, even those that valgrind and Purify cannot. This is presently for Windows C programs only, not C++ or other OSes.

EDIT June 1, 2011: The CheckPointer tool has gone production. Still C/Windows only. Handle multiple C dialects: MS Visual C, GCC 3/4.

EDIT May 5, 2012: CheckPointer now handles C99, including checking calls on the standard C and C99 libraries.

查看更多
Juvenile、少年°
5楼-- · 2019-01-16 15:32

I'd recommend the free "leakfinder" tool on the CodeProject by Jochen Kalmbach. See my post for more details on this thread (and the other answers) on this memory leak question

查看更多
Bombasti
6楼-- · 2019-01-16 15:32

Check on electric-fence, it is design just for buffer overflow ! It does not slow down the code itself (but slow down allocation/deallocation). It works and linux and windows.

It works by adding a segment with no read or write access before and after each allocated space. Trying to access this memory end up as a segmentation fault on UNIX and a memory violation (or something similar) on Windows.

查看更多
不美不萌又怎样
7楼-- · 2019-01-16 15:36

The BoundsChecker component of Compuware's Devpartner does this very well in terms of dynamic execution. For static testing, I'd recommend pc-lint and flex-lint coupled up to Riverblade's visual lint for usability and reporting. If you have been handed a new code base, I'd recommend starting out with static analysis with reasonably loose rules so you catch just the nasty stuff. As the codebase improves you can tightent the rule set.

If you need to do this on Windows Mobile / Windows CE, check out Entrek's code snitch

Another tool to consider if the code makes it into the field is AQtrace, which basically analyses crashes on user machines and sends you the details. (Just in case all that boundchecking, purifcation, linting, valgrinding etc.. misses something)

查看更多
登录 后发表回答