OASIS Static Analysis Results Interchange Format (SARIF) TC

 View Only

Asking for output of analysis tools that produce code paths

  • 1.  Asking for output of analysis tools that produce code paths

    Posted 01-24-2018 22:02
    One of our current discussion topics is whether the existing SARIF codeFlow object can represent the rich information produced by tools which trace execution paths through the code. It would help to have sample log files from such tools to review at our upcoming meeting.   If any of you have log files like that, could you please send them directly to Mike Fanning ( mikefan@microsoft.com ) and me, Larry Golding ( larrygolding@comcast.net )?   Michael thought that some of you are likely to be able to supply logs like that:   Yekaterina O’Neil – Fortify Paul Anderson – CodeSonar? Mel Llaguno – Synopsis Luke Cartey – Semmle Mike Fanning – Static Driver Verifier (SDV) Jim Kupsch – SWAMP-compatible tools? Henny Sipma – Kestrel   … but the request is to any and all of you who can help.   Thanks, Larry