STATIC CODE ANALYSIS BASED ON USAGE OF ROSLYN COMPILER

Authors

  • Željka Aleksić Author

DOI:

https://doi.org/10.24867/01BE37Aleksic

Keywords:

Static code analysis, Roslyn, compiler, C# coding standard

Abstract

Static code analysis is the process of analyzing software's source or binary code. The aim of the analysis is to check compliance with specific coding rules and to discover potential vulnerabilities in the software without actually executing the code. This work analyzes the possibilities of the .NET compiler platform named Roslyn and describes the implementation of a custom tool for static code analysis based on the .NET coding standard for C#.

Published

2018-12-11

Issue

Section

Electrotechnical and Computer Engineering