Compiler Technologies Team
Intro Background Projects Offers Publications Downloads Staff
ISPRAS Description Logo
Home   R&D Groups   Projects   Grants   Publications   Downloads

SVaCE Detector

In the course of our research in the field of program static analysis we have developed the tool (SVaCE Detector - Security Vulnerabilities and Critical Errors Detector) for security vulnerabilities and some critical errors static detection in the program source code. SVaCE Detector allow user to efficiently and fully automatically discover the following defect types:

  • Buffer overflow
  • Access beyond the object bounds
  • Format string vulnerability
  • Null pointer dereference
  • Use after free
  • Double free
  • Memory leak

We offer all interested persons to evaluate SVaCE Detector absolutely free on arbitrary source code base. If you want your code to be analyzed you may send zipped source code base to . As soon as your source code will be checked you will receive a letter with analysis results and information about potential vulnerabilities and errors in your source code base. We guarantee that all received source codes will be used only for analyzing by SVaCE Detector and not for commercial or any other purposes. Also we extend these guaranties to the analysis results.

Because of limited resources currently we can't analyze all possible programs you've sent. Before sending please check the following limitation for you source code base are hold true:

  • All program modules must be written in C language. Now our front-end supports ISO C90 standard, some GNU and C99 extensions
  • Source code must be compilable with GCC 3.x
  • Total size of source code base sending for analyzing is limited to 500Kb and 15 KLOC

All question concerned with this research and SVaCE Detector you can send to .


Copyright © 2005 ISP RAS