Static Code Analysis - A Behind-the-scenes Look
Offered By: GOTO Conferences via YouTube
Course Description
Overview
Dive into the technical intricacies of static code analysis tools in this 38-minute conference talk from GOTO Amsterdam 2022. Explore how linters, IDE inspections, and scanners for bugs, coding style, and vulnerabilities function behind the scenes. Learn about file and text utilities, abstract syntax trees, byte code, flow tracking, and the challenges of cross-referencing and combinatorial explosion. Understand the complexities of handling conditional flows, loops, function calls, and virtual method calls. Discover the importance of flow sensitivity, aliasing, and framework knowledge in code analysis. Gain insights into the levels of sophistication in these tools and how they identify unique findings, ultimately enhancing your understanding of their strengths and limitations.
Syllabus
Intro
File & text utilities
Challenge: Cross referencing
Abstract syntax tree
Which identifier refers to what?
Explicit support for all language features
Byte code
Which is the better choice?
Tracking flows
Assignment
Propagators
Conditional flows
Combinatorial explosion
Merging
Combinatorial explosion - Revisited
Merging - Limitations
Loops
Impossible to be precise
Function calls
Recursion
Virtual method calls
Call graph
Flow sensitivity
Aliasing
Framework / Library knowledge
Identifying unique findings
Quality of results
Levels of sophistication
Summary
Outro
Taught by
GOTO Conferences