Title of article :
An Improved Method of Static Code Analysis Based on the Context-Sensitive Rules
Author/Authors :
Mohajer Naraghi, Sepideh - Islamic Azad University, Tehran South Branch; Seyyedi, Mir Ali - Islamic Azad University, Tehran South Branch
Abstract :
Static code analysis is one of the static test methods: specific tools analyse the source code without running it. The method tries to detect possible code vulnerabilities using techniques such as data analysis and flow analysis. Static code analysis has limitations, one of which is reporting a vulnerability where none exists. This paper focuses on reducing these false reports, a problem that has been dealt with in many ways. Our method is to keep a list of code analysis rules and, for each context, to examine only the rules that belong to that context, so that the code analyser does not evaluate every rule. For example, for security analysis, we focus only on security rules, not design or other rules. In this way we reduce the error messages by applying filters to the entire rule set.
Keywords :
Static Test, Static Code Analysis, False Positive Message, Incorrect Report, Code Analysis
Journal title :
Majlesi Journal of Mechatronic Systems