Re: Static code review for iPhone developers?

[Dan Cornell <dan () denimgroup com>]

> Greetings SC-L folks.  Hey, I have a quick question I'd like to submit
> to this group.
>
> Anyone know of any static code analysis tools that can scan an iPhone
> app package?  Something that integrates with the Xcode SDK and can at
> the very least scan through all of the Objective C in the src tree is
> what I'm looking for.  Any SCA product vendors currently doing this?
> Please contact me on or off list.

XCode has a built in static analysis tool, but I'm not sure how thorough it is:
<http://developer.apple.com/mac/library/featuredarticles/StaticAnalysis/index.html>

Not sure if any of the commercial folks support Objective-C yet.

Thanks,

Dan


_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________