As I said in an earlier article, static code inspection does not need the context of the code; bugs can be found just by statically analysing the code. Here I will explain how we can find bugs in open source code without even understanding what it does. Google Code Search, a project of Google Labs, allows us to search any public source code, and search by regular expression is one of its great features. One common mistake that many people make in C code is writing something like arr[sizeof(arr)]='\0', which writes one element past the end of the array (an out-of-bounds access). So I wanted to do a Google Code Search for all such patterns; the search term I entered was \[sizeof\(.*\)\]\ *= . The results we get on searching are here. After doing some manual analysis on the first result page I found the code:
strncpy(l->label, LIBNET_LABEL_DEFAULT, LIBNET_LABEL_SIZE);
l->label[sizeof(l->label)] = '\0';
For the above regular expression we got 600 results, and there is at least one such buggy piece of code on each page (10 results per page), so on average we would have found more than 60 bugs. This shows that there are many bugs in code which just go unnoticed. We can find many such bugs if we can come up with patterns for common mistakes. This shows the growing need for automated and manual analysis of code.
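As an added example (not code from the original post or from the project whose snippet is quoted above), assuming LABEL_SIZE as a constructed stand-in for LIBNET_LABEL_SIZE: the corrected form of the write, beside a small line-level check that mirrors the regex above, run over constructed sample source lines.

```c
#include <string.h>

#define LABEL_SIZE 8   /* constructed stand-in for LIBNET_LABEL_SIZE */

struct ctx {
    char label[LABEL_SIZE];
    char canary;   /* byte right after the array; the buggy write would clobber it */
};

/* Corrected form of the snippet above: the last valid index is sizeof-1. */
void set_label(struct ctx *c, const char *src)
{
    c->canary = 0x5A;
    strncpy(c->label, src, sizeof(c->label) - 1);
    c->label[sizeof(c->label) - 1] = '\0';
}

/* Heuristic mirroring the search pattern [sizeof(...)] *= ; a single '='
 * is required so comparisons (==) are not reported. Returns 1 on match. */
int has_sizeof_index_write(const char *line)
{
    for (const char *p = strstr(line, "[sizeof("); p; p = strstr(p + 1, "[sizeof(")) {
        const char *q = strstr(p, ")]");
        if (!q) return 0;
        for (q += 2; *q == ' ' || *q == '\t'; q++) {}
        if (*q == '=' && q[1] != '=') return 1;
    }
    return 0;
}

int count_sizeof_index_writes(const char *const *lines, size_t n)
{
    int hits = 0;
    for (size_t i = 0; i < n; i++)
        hits += has_sizeof_index_write(lines[i]);
    return hits;
}

/* Constructed sample source lines, not taken from any real project. */
static const char *const sample_lines[] = {
    "l->label[sizeof(l->label)] = '\\0';",     /* off-by-one write */
    "buf[sizeof(buf) - 1] = '\\0';",            /* correct */
    "if (name[sizeof(name)] == 0) return;",     /* comparison, not reported */
    "path[sizeof(path)]='\\0';",                /* off-by-one write, no spaces */
};
static const size_t sample_count = sizeof(sample_lines) / sizeof(sample_lines[0]);
```

Calling set_label with an over-long string leaves label NUL-terminated at index 7 with the canary intact, and count_sizeof_index_writes over sample_lines reports 2 suspect lines.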
hi,
It's quite true you know, I did a write-up on mutation testing which is on similar lines and I am interested in your concept.
Would love to hear more from you on this topic :)