Journal of Computer Applications, 2013, Vol. 33, Issue (11): 3257-3261.
• Computer software technology •
Zhang Shijin, SHANG Zhaowei
Abstract: The open-source tool Cppcheck has excessively high false positive and false negative rates and cannot detect run-time program defects. To address these problems, an abstract interval set algorithm was proposed on the basis of Cppcheck and applied to the detection of array bound overflow. Within the Cppcheck framework, the concept of an interval set was introduced to build integer interval sets and array interval sets for the variables and expressions at each program point; contradictions among these sets were then used to locate the defects. Compared with Cppcheck, the algorithm increased the precision rate by 18.5%, decreased the false negative rate by 22.5% and increased the false positive rate by 3.5%. The experimental results show that the proposed algorithm can effectively detect run-time program defects and improves the defect detection performance of Cppcheck.
Key words: Cppcheck, abstract interval set, array bound overflow, variable, expression
CLC Number: TP311.5; TP311.56
Zhang Shijin, SHANG Zhaowei. Detection of array bound overflow by interval set based on Cppcheck[J]. Journal of Computer Applications, 2013, 33(11): 3257-3261.
URL: https://www.joca.cn/EN/
https://www.joca.cn/EN/Y2013/V33/I11/3257
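
An illustration of the interval-set idea summarized in the abstract, added here and not taken from the paper or from Cppcheck: each integer value is tracked as a set of disjoint ranges, and an index expression is compared with the array's valid range to flag a contradiction. The names (`IntervalSet`, `check_index`, `analyze_sample`) and the sample C fragment in the comment are assumptions constructed for this example.

```cpp
#include <algorithm>
#include <climits>
#include <utility>
#include <vector>
// A value set kept as sorted, disjoint closed ranges [lo, hi].
using IntervalSet = std::vector<std::pair<long, long>>;
enum class Verdict { Safe, MayOverflow, AlwaysOverflow };

// Sort the ranges and merge overlapping or adjacent ones.
IntervalSet normalize(IntervalSet s) {
    std::sort(s.begin(), s.end());
    IntervalSet out;
    for (const auto& r : s) {
        if (r.first > r.second) continue;  // drop empty ranges
        if (out.empty() || r.first > out.back().second + 1) out.push_back(r);
        else out.back().second = std::max(out.back().second, r.second);
    }
    return out;
}

// Join at a control-flow merge: the value may come from either path.
IntervalSet join(IntervalSet a, const IntervalSet& b) {
    a.insert(a.end(), b.begin(), b.end());
    return normalize(a);
}
// Transfer function for the expression `x + c`.
IntervalSet add_const(IntervalSet s, long c) {
    for (auto& r : s) { r.first += c; r.second += c; }
    return s;
}
// Refine by a branch condition lo <= x <= hi (set intersection).
IntervalSet restrict_to(const IntervalSet& s, long lo, long hi) {
    IntervalSet out;
    for (const auto& r : s) out.push_back({std::max(r.first, lo), std::min(r.second, hi)});
    return normalize(out);
}
// Compare the index set with the array's valid index range [0, size - 1].
Verdict check_index(const IntervalSet& idx, long size) {
    IntervalSet in_bounds = restrict_to(idx, 0, size - 1);
    if (in_bounds == normalize(idx)) return Verdict::Safe;
    return in_bounds.empty() ? Verdict::AlwaysOverflow : Verdict::MayOverflow;
}

// Constructed sample: int a[10]; int i = c ? 2 : 9; [if (i < 9)] a[i + 1] = 0;
Verdict analyze_sample(bool guarded) {
    IntervalSet i = join(IntervalSet{{2, 2}}, IntervalSet{{9, 9}});  // i in {2} U {9}
    if (guarded) i = restrict_to(i, LONG_MIN, 8);  // true branch of `i < 9`
    return check_index(add_const(i, 1), 10);       // index expression i + 1
}
```

Without the guard the index set is {3} ∪ {10}, so the write may overflow `a[10]`; with the guard it narrows to {3} and the access is reported safe.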