This paper proposes and implements a contract-based safety analysis method for detecting C and C++ safety holes. Using bottom-up analysis, interprocedural analysis is transformed into intraprocedural analysis. A format for describing safety rules is designed so that users can extend the rule set. Variables and functions are associated with contracts that record their pre- and postconditions, and the contracts are updated according to the rules, so safety checking is done automatically during program analysis. The method can be used to detect safety holes, such as illegal pointer references, the use of illegal statuses of function arguments or global variables during a function call, memory leaks, and other resource leaks, at low cost and with high flexibility.
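The following sketch is an added example, not the paper's implementation: it shows how bottom-up contracts let each caller be checked intraprocedurally, using only the contract already computed for its callee. The rule table format, the status names (`unknown`, `valid`, `freed`), the tuple-based mini-IR and the one-argument call convention are all assumptions made for this illustration.

```python
# Added illustration: rule format, status names and mini-IR are assumptions.
# Rule: operation -> (status the operand must have, status it has afterwards)
RULES = {
    "malloc": (None, "valid"),
    "deref": ("valid", "valid"),
    "free": ("valid", "freed"),
}

def analyze(program):
    """program: {name: (params, body)}, callees listed first (no recursion).
    Returns (contracts, findings); a contract is (params, pre, post)."""
    contracts, findings = {}, []
    for name, (params, body) in program.items():
        state = {p: "unknown" for p in params}  # status supplied by the caller
        pre = {}                                # preconditions inferred for params

        def apply(var, need, after, what):
            have = state.get(var)
            if need and have == "unknown":
                pre[var] = need                 # obligation moves to the callers
            elif need and have != need:
                findings.append(f"{name}: {what} on {var} while {have}")
                return                          # keep the offending status
            if after:
                state[var] = after

        for stmt in body:
            op, var = stmt[0], stmt[-1]
            if op == "call":                    # use the callee's contract only
                cparams, cpre, cpost = contracts[stmt[1]]
                formal = cparams[0]             # assumption: one-argument calls
                apply(var, cpre.get(formal), cpost.get(formal), f"call {stmt[1]}")
            else:
                apply(var, *RULES[op], op)
        findings += [f"{name}: {v} leaked" for v, s in state.items()
                     if s == "valid" and v not in params]
        post = {p: s for p, s in state.items() if p in params and s != "unknown"}
        contracts[name] = (params, pre, post)
    return contracts, findings

PROGRAM = {  # constructed sample input
    "release": (["p"], [("free", "p")]),
    "main": ([], [("malloc", "q"), ("call", "release", "q"), ("deref", "q"),
                  ("malloc", "r"), ("call", "release", "q")]),
}

if __name__ == "__main__":
    for finding in analyze(PROGRAM)[1]:
        print(finding)
```

In this sketch, adding an acquire/release pair to `RULES` extends the same leak and misuse checks to another resource without changing `analyze`.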