The reuse of control-flow graphs for repeated static analysis over them has been implemented, so that poor-quality code can be searched for both by style and for the vulnerabilities it introduces as a result. Several grammars were analysed to select the optimal one, and databases were compared for the specific target task (building a graph with a large number of nodes).
Static code analysis is an important stage in the development and deployment of software, and it is needed to obtain better code. The hardest part of static analysis is the analysis of the source code itself and the analysis that follows it. Analysis of the source code can be performed repeatedly, extending the set of grammars required. The main goal was, and remains, a solution that reduces the time needed for a global re-run of code-level static analysis after a change.
The main problem in using static code analysis is building the abstract semantic graph, because every software solution comes with its own separate data store. The proposed solution is to use a graph database as the repository. This simplifies the storage mechanism for the constructed abstract semantic graph, which, besides making the stored information clearer, provides convenient ways to work further with it.
The developed solution can transform a fairly large source repository into a graph representation and maintain it afterwards. The approach was found to be suitable for code compliance checks and for running static analysis tests over the graph representation. It also uses file-level granularity, which speeds up static analysis. Based on my measurements, the frameworks are fast enough to help their users change the code repository quickly.
This article confirms the thesis that an abstract semantic graph can be stored in a graph database and that, after refinement, if it contains sufficient transformations and queries for language processing, it can become a complete transport for communication between various static analysis tools, which usually perform one of two verification functions, checking either quality or vulnerability, thereby unifying the construction of the abstract semantic graph.
As an improvement, incremental analysis, that is, analysing only the changes in the code, should be considered in order to minimise the resource cost of the rather resource-intensive operation of building the structure of the abstract semantic graph.
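The workflow described in this article (build a graph from a source repository, store it, run quality and vulnerability queries over it, and re-analyse only what changed), as an added example that is not the paper's own code: an in-memory property graph (nodes with labels and properties, typed edges) stands in for the graph database, Python's own `ast` module stands in for the grammar front end, and the repository contents are constructed sample files. Everything else (the `Graph` class, `sync`, the two queries) is illustrative. Each file becomes its own subgraph keyed by a content hash, a vulnerability query finds `eval`/`exec` calls whose argument is not a literal, a style query finds function names that are not snake_case, and the second `sync` re-parses only the file whose hash changed, which is the incremental analysis proposed in the conclusion.

```python
"""Toy abstract-syntax graph store with per-file incremental rebuild.

Added example; the in-memory Graph stands in for a graph database and
Python's ast module stands in for the grammar front end (both assumptions).
"""
import ast
import hashlib
import re
from dataclasses import dataclass, field


@dataclass
class Graph:
    nodes: dict = field(default_factory=dict)      # node_id -> {"label", "file", ...}
    edges: list = field(default_factory=list)      # (src_id, RELATION, dst_id)
    file_hash: dict = field(default_factory=dict)  # path -> sha256 of source
    parses: int = 0                                # files parsed so far (cost metric)


def _digest(source):
    return hashlib.sha256(source.encode()).hexdigest()


def _add_file(g, path, source):
    """Parse one file and store its AST as a File -> ... subgraph with typed edges."""
    tree = ast.parse(source, filename=path)
    g.nodes[path] = {"label": "File", "file": path}
    counter = [0]

    def visit(node):
        nid = f"{path}#{counter[0]}"
        counter[0] += 1
        props = {"label": type(node).__name__, "file": path,
                 "line": getattr(node, "lineno", None)}
        if isinstance(node, ast.Name):
            props["name"] = node.id
        elif isinstance(node, ast.FunctionDef):
            props["name"] = node.name
        elif isinstance(node, ast.Constant):
            props["value"] = node.value
        g.nodes[nid] = props
        # Edge relation = AST field name (FUNC, ARGS, BODY, ...), so queries can
        # follow structure instead of guessing from child order.
        for fname, value in ast.iter_fields(node):
            kids = value if isinstance(value, list) else [value]
            for kid in kids:
                if isinstance(kid, ast.AST) and not isinstance(kid, ast.expr_context):
                    g.edges.append((nid, fname.upper(), visit(kid)))
        return nid

    g.edges.append((path, "CONTAINS", visit(tree)))
    g.file_hash[path] = _digest(source)
    g.parses += 1


def _drop_file(g, path):
    """Remove one file's subgraph; the rest of the stored graph is untouched."""
    g.nodes = {k: v for k, v in g.nodes.items() if v["file"] != path}
    g.edges = [e for e in g.edges if e[0] in g.nodes and e[2] in g.nodes]
    g.file_hash.pop(path, None)


def sync(g, repo):
    """Incremental update: re-parse only files whose content hash changed."""
    for path in [p for p in g.file_hash if p not in repo]:
        _drop_file(g, path)
    for path, source in repo.items():
        if g.file_hash.get(path) != _digest(source):
            _drop_file(g, path)
            _add_file(g, path, source)


def _out(g, nid, rel):
    return [d for s, r, d in g.edges if s == nid and r == rel]


def find_dynamic_eval(g):
    """Vulnerability query: eval()/exec() whose argument is not a literal."""
    hits = []
    for nid, p in g.nodes.items():
        if p["label"] != "Call":
            continue
        func = [g.nodes[f] for f in _out(g, nid, "FUNC")]
        if not func or func[0].get("name") not in ("eval", "exec"):
            continue
        args = [g.nodes[a] for a in _out(g, nid, "ARGS")]
        if any(a["label"] != "Constant" for a in args):
            hits.append((p["file"], p["line"]))
    return sorted(hits)


def find_bad_function_names(g):
    """Style query: function names that are not snake_case."""
    return sorted((p["file"], p["name"]) for p in g.nodes.values()
                  if p["label"] == "FunctionDef"
                  and not re.fullmatch(r"[a-z_][a-z0-9_]*", p["name"]))


# Constructed sample repository, version 1 and version 2 (one file fixed).
REPO_V1 = {
    "app/handlers.py": "def runCommand(expr):\n    return eval(expr)\n",
    "app/util.py": "def add(a, b):\n    return a + b\n",
}
REPO_V2 = dict(REPO_V1, **{
    "app/handlers.py": "import ast\ndef run_command(expr):\n    return ast.literal_eval(expr)\n",
})


def demo():
    """Full build, then incremental re-sync; returns (queries, parse count) for both."""
    g = Graph()
    sync(g, REPO_V1)
    first = (find_dynamic_eval(g), find_bad_function_names(g), g.parses)
    sync(g, REPO_V2)  # only handlers.py changed, so only it is re-parsed
    second = (find_dynamic_eval(g), find_bad_function_names(g), g.parses)
    return first, second


if __name__ == "__main__":
    print(demo())
```

The parse counter is the point of the second `sync`: the whole-repository rebuild costs two parses, the update after a one-file change costs one, and both queries still run against the complete stored graph rather than against the changed file alone, so a finding that spans files is not lost by re-analysing incrementally.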