[rhth54656]

The only option for windows is manual compilation using a POSIX library.

Any suggestions for a similar tool?

[rurban]

Klee, EXE, Forensic, cbmc, BAP all mix symbolic analysis with SAT solvers into the C parse tree, and can come up with input to contradict the assertions. (automatic testcases or exploits) Frama-C still beats all with it's interface, but Forensic is so nice that it even tells how the fix should look like.

https://en.wikipedia.org/wiki/Model_checking

[conductor]

Cppcheck - http://cppcheck.sourceforge.net/

[rhth54656]

Thanks, I just tried it and it found an assignment in an assertion that the compiler didn't warn because it wasn't an if statement.

I ran it over a couple of old finished projects and it found a problem in each one. Awesome.

Unfortunately it misses a class of errors memcpy would do,( similar to heartbleed ) , if copy size is determined at runtime.

[emmelaich]

Here's a list.

http://en.wikipedia.org/wiki/List_of_tools_for_static_code_a...

but sorry no suggestions or recommendations.