Powerful Static Analysis Tool for Linux Shell Scripts!

Powerful Static Analysis Tool for Linux Shell Scripts!

Source fromLinux Mainland Introduction to ShellCheck ShellCheck is a widely used open-source tool designed for Shell script developers, aimed at helping to identify and correct errors in scripts. It can statically analyze various Shell scripts such as bash, sh, ksh, and dash, providing detailed warnings and suggestions to help developers improve the reliability and maintainability … Read more

Static Code Analysis Tool for Linux Shell Scripts: ShellCheck

Static Code Analysis Tool for Linux Shell Scripts: ShellCheck

<span>Shell</span> scripts are indeed prone to errors during development, especially for beginners who may feel overwhelmed. In previous articles, I introduced some debugging techniques and tools, and today I will introduce a <span>static code analysis tool</span> for Shell: <span>ShellCheck</span>, an open-source project with 38.5k[1] stars on Github[1]. As an open-source static code analysis tool, ShellCheck … Read more

A Treasure Map for Static Analysis in C Language

A Treasure Map for Static Analysis in C Language

At the end of the article on pointer handling (click here to view), we mentioned the functionality of generating side-effects for pointers: #include <stdio.h> int test(int a,int b,int* c){ *c = a + b; return 0; } int main(){ int a=1,b=2,c; test(a,b,&c); printf("%d\n",c); return 0; } When analyzing data flow using printf(* #-> as $a), … Read more

IoT Vulnerability Discovery and Exploitation

IoT Vulnerability Discovery and Exploitation

IoT Vulnerability Discovery and Exploitation is an important research direction in the field of cybersecurity, involving multiple aspects such as device firmware, communication protocols, and embedded systems. Below, we analyze from three aspects: technical methods, typical cases, and protection strategies: 1. Vulnerability Discovery Techniques Static Analysis By using reverse engineering, symbolic execution, and other techniques … Read more

Common Fault Tolerance Designs in Embedded Code

Click the blue “One Click Linux” in the upper left corner, and select “Set as Favorite“ Get the latest technical articles at the first time ☞【Technical Content】Learning Path for Embedded Driver Engineers ☞【Technical Content】Linux Embedded Knowledge Points – Mind Map – Free Access ☞【Employment】A Comprehensive IoT Project Based on Linux for Your Resume ☞【Employment】Resume Template … Read more

Practical Python Programming: Object-Oriented and Advanced Syntax

Python is known for its “elegance”, “simplicity”, and “readability”, and one of the keys to achieving these characteristics is good coding standards and clear type annotations. As project scales increase and team members grow, writing Python code that is “understandable and modifiable” becomes more important than just writing “working code”. This article will take you … Read more

Building a Code Audit Tool from Scratch with Rust

Building a Code Audit Tool from Scratch with Rust

Code auditing is a critical step in ensuring software security and quality. Automated auditing tools can greatly enhance efficiency, helping developers identify potential issues before code submission. This article will guide you step by step in building a static auditing tool from scratch using Rust, which can clone Git repositories and scan code based on … Read more

Design Flaws in Embedded Software

Design Flaws in Embedded Software

Focus on and star our public account for direct access to exciting content Source | Online Materials In a standard embedded project, software defects must be considered from the design stage.So, what aspects do you usually consider regarding design flaws in embedded software? Overview In high-quality and high-safety products, software plays an increasingly significant role. … Read more

Understanding EMBA: The Comprehensive Tool for Embedded Firmware Security

Understanding EMBA: The Comprehensive Tool for Embedded Firmware Security

What exactly is EMBA? EMBA (Embedded Malware & Binary Analyzer) is a tool specifically designed for conducting security assessments on firmware for embedded devices. It integrates the entire process of firmware extraction, static code auditing, dynamic emulation, SBOM (Software Bill of Materials) generation, and vulnerability reporting, allowing us to identify potential risks in the firmware … Read more

ccusage: A Powerful Tool for Analyzing C/C++ Source Code Call Hotspots and Identifying Performance Bottlenecks!

ccusage: A Powerful Tool for Analyzing C/C++ Source Code Call Hotspots and Identifying Performance Bottlenecks!

Today, I want to share a small tool I recently discovered — <span>ccusage</span>. Although the project is small, its functionality is indeed impressive! I tried it out, and it **directly analyzed tens of thousands of lines of C code in a project, producing results in seconds, and the performance skyrocketed!** It is fantastic for investigating … Read more