RE: code analysis for c#?

Sorry, try this

http://www.ssw.com.au/ssw/codeauditor/default.aspx


Tom

-----Original Message-----
From: Mark Curphey [mailto:mark@xxxxxxxxxxx]
Sent: Saturday, February 28, 2004 7:55 AM
To: Cassidy, Thomas
Subject: RE: code analysis for c#?

Tom

This is a broken link. Can you resend thanks. 

-----Original Message-----
From: Cassidy, Thomas [mailto:Thomas.Cassidy@xxxxxxxxxxx]
Sent: Friday, February 27, 2004 3:01 AM
To: Patrick@xxxxxxxxxxxxxxxxxxxxx; Mads Rasmussen;
webappsec@xxxxxxxxxxxxxxxxx
Subject: RE: code analysis for c#?

One of the drawbacks to FxCop is that it will not let you look at code
inside functions, i.e., you can only apply it's rules to globals and
function declarations.

We are investigating a tool named Code Auditor from SSW (www.ssw.com)
that
allows you to build your code analysis rules using regular expressions.

Tom

-----Original Message-----
From: patrick [mailto:patrick@xxxxxxxxxxxxxxxxxxxxx]
Sent: Thursday, February 26, 2004 1:09 PM
To: 'Mads Rasmussen'; webappsec@xxxxxxxxxxxxxxxxx
Subject: RE: code analysis for c#?

You might check out FxCop:  http://www.gotdotnet.com/team/fxcop/
It's referenced in "Writing Secure .Net Code"
-Patrick

-----Original Message-----
From: Mads Rasmussen [mailto:mads@xxxxxxxxxxxxx]
Sent: Wednesday, February 25, 2004 8:25 PM
To: webappsec@xxxxxxxxxxxxxxxxx
Subject: code analysis for c#?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Hi there,

I wonder if someone has experience with code analysis tools for c#?

There seems to be a few doubtful tools, all (to my knowledge) comercial.

Regards,

Mads Rasmussen
Open Communications Security





-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFAPXUhmbndit7HnQwRApKzAKCEbNPPO/Hw3SIDG3ejGBybh9HDNgCgxvVT
3jfWLNton7ruQNHhhWR7pJc=
=MfZu
-----END PGP SIGNATURE-----