Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jetbrains-research/cofra

A CFL-r-based static analyser
https://github.com/jetbrains-research/cofra

analysers cfl-r interprocedural resharper static-code-analysis taint-analysis

Last synced: about 2 months ago
JSON representation

A CFL-r-based static analyser

Awesome Lists containing this project

README 

        
[![Build status](https://ci.appveyor.com/api/projects/status/4uuha50qe858lcd6/branch/master?svg=true)](https://ci.appveyor.com/project/ilya-nozhkin/cofra/branch/master)

[![Build Status](https://travis-ci.org/JetBrains-Research/CoFRA.svg?branch=master)](https://travis-ci.org/JetBrains-Research/CoFRA)



# Short description.



CoFRA project implements context-free language reachability approach to provide an extensible platform for performing interprocedural static analyses. The core of the project is a service which is responsible for accumulating information about the source code and running different analyses defined in terms of pushdown automata. It provides a socket-based interface for interaction with frontends which are responsible for extracting necessary information and notificating user about issues found by the analysers.



# The plugin



There is also one implementation of a frontend which is based on ReSharper SDK and thus can be installed into ReSharper, Rider and InspectCode. It also contains a bundled backend providing one analysis performing a kind of taint tracking. 

It tracks the data from specially marked fields called sources to methods called sinks checking whether they are passed through filters.

Examples of use can be found in the [tests folder](test/data/TaintAnalysis).



The plugin itself can be downloaded [here](https://ci.appveyor.com/project/ilya-nozhkin/cofra/build/artifacts)