Confirmed users, Bureaucrats and Sysops emeriti
419
edits
Static Analysis: Difference between revisions
no edit summary
No edit summary |
No edit summary |
||
| Line 23: | Line 23: | ||
** Chrome never evals a content-tainted string. | ** Chrome never evals a content-tainted string. | ||
** C++ never snprintfs using a content-tainted string. | ** C++ never snprintfs using a content-tainted string. | ||
* | * SpiderMonkey Exact-GC safety bugs. | ||
** "Not stored in the heap" pointer dataflow analysis. | |||
* Dataflow enforcement of correct API usage (CQual++): | |||
** String character set encoding mistakes. | ** String character set encoding mistakes. | ||
** Unit (twips vs. pixels) checking for layout. | ** Unit (twips vs. pixels) checking for layout. | ||
* | * Code metrics, to compare to similar open source projects: | ||
** Virtual method declaration and call populations. | ** Virtual method declaration and call populations. | ||
** Cohesion, coupling, other modularity measures. | ** Cohesion, coupling, other modularity measures. | ||