Infer# is an interprocedural and scalable static code analyzer for C#. Via the capabilities of Facebook's Infer, this tool detects null dereferences, resource leaks, and thread-safety violations. It also performs taint flow tracking to detect critical security vulnerabilities like SQL injections.

Перейти к файлу

Xin Shi 519757911c Add v1.4 blog link (#181 )		2022-10-31 12:10:08 -07:00
.build	Target the latest infer main branch (#171 )	2022-10-03 11:11:49 -07:00
Cilsil	Redo Test Examples for 1.4 (#159 )	2022-10-24 11:04:32 -07:00
Cilsil.Test	Redo Test Examples for 1.4 (#159 )	2022-10-24 11:04:32 -07:00
Examples	Redo Test Examples for 1.4 (#159 )	2022-10-24 11:04:32 -07:00
assets	Update README for v1.4 (#180 )	2022-10-25 15:16:37 -07:00
.editorconfig	Initial commit (#1 )	2020-09-14 15:59:03 -07:00
.gitattributes	Initial commit (#1 )	2020-09-14 15:59:03 -07:00
.gitignore	Initial commit (#1 )	2020-09-14 15:59:03 -07:00
.inferconfig	Add an analysis timeout per file (#172 )	2022-10-03 12:29:05 -07:00
CODE_OF_CONDUCT.md	Initial CODE_OF_CONDUCT.md commit	2020-07-02 12:22:12 -07:00
CONTRIBUTING.md	Redo Test Examples for 1.4 (#159 )	2022-10-24 11:04:32 -07:00
Dockerfile	Redo Test Examples for 1.4 (#159 )	2022-10-24 11:04:32 -07:00
Infersharp.sln	Redo Test Examples for 1.4 (#159 )	2022-10-24 11:04:32 -07:00
LICENSE	Initial LICENSE commit	2020-07-02 12:22:12 -07:00
NOTICE.md	Initial commit (#1 )	2020-09-14 15:59:03 -07:00
README.md	Add v1.4 blog link (#181 )	2022-10-31 12:10:08 -07:00
RUNNING_INFERSHARP_ON_WINDOWS.md	Target the latest infer main branch (#171 )	2022-10-03 11:11:49 -07:00
RUNNING_IN_DOCKER.md	Target the latest infer main branch (#171 )	2022-10-03 11:11:49 -07:00
SECURITY.md	Initial SECURITY.md commit	2020-07-02 12:22:14 -07:00
TROUBLESHOOTING.md	Update TROUBLESHOOTING.md (#55 )	2021-03-12 06:37:07 -08:00
run_infersharp.sh	Update binary copying logic (#179 )	2022-10-18 15:33:23 -07:00

README.md

InferSharp

InferSharp (also referred to as Infer#) is an interprocedural and scalable static code analyzer for C#. Via the capabilities of Facebook's Infer, this tool detects race conditions, null pointer dereferences and resource leaks. It also performs taint flow tracking to detect critical security vulnerabilities like SQL injections. Read more about our approach in the Wiki page.

In addition to implementing the C# frontend, we contributed our language-agnostic serialization layer (Commit #1361) to facebook/infer, which opens up opportunities for additional language support in the future.

Public Announcements

.NET DevBlogs - v1.4, v1.2, v1.0
Facebook Engineering Blog
.NET Community Standup
Visual Studio Toolbox - YouTube, Channel9

The latest version is . Please refer to the release page for more information on the changes.

Get Started

Build from Source

Use this Dockerfile to build images and binaries from source. It builds the latest code from microsoft/infersharp:main + facebook/infer:main by default.

Troubleshooting

Please refer to the troubleshooting guide.

Contributing

We welcome contributions. Please follow this guideline.

Trademarks

This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.

Security Reporting Instructions

Please do not report security vulnerabilities through public GitHub issues. Instead, please follow this guideline.