Vigilant Sentry

Sentry's Scanners

Listed here are the scanners included in the current release of Sentry. Each scanner is a plugin that looks for specific defect kinds that can be found in your program. You can use this page as a reference to understand the results reported by Sentry. Additional information can be found in the Sentry user's manual.

List of Scanners

C File I/O
Identifies errors related to use of the POSIX file I/O APIs (fopen, fclose, etc.) such as leaking a file handle by forgetting to close it, writing to an invalid file handle, and others.

C Memory Leak
Identifies memory leaks in cases where the C memory allocation and free routines are not used correctly. Memory leaks are a serious threat to long-lived programs and will eventually result in abnormal termination when memory is exhausted.

C++ Memory Leak
Like C Memory Leak, identifies memory leaks in the program being analyzed. This scanner looks for leaks that occur using the C++ new and delete operators for allocating and releasing memory.

Cast Alters Value
Identifies instances where data is converted from one type to another in an unsafe way, such that data loss could occur.

Check After Dereference
Reports NULL pointer dereferences that follow a specific pattern: a variable is dereferenced and subsequently tested for NULL. (If it can be NULL, it should not be dereferenced without a test first.)

Dead Assign
Reports a particular type of dead code in which a value is assigned to a variable and then never used again. The assignment operation is unnecessary and can be removed.

Dead Code
Finds and reports cases of code that is unreachable at run-time and has no effect on the outcome of the program.

Dead Variable
Identifies variables that are not used in the execution of the program and serve no apparent purpose. Such variables may indicate confusion and an area of code that needs further inspection.

Non-portable Conversion
Reports unsafe type operations that may cause data corruption when porting to a new platform (such as 32-bit to 64-bit).

Non-virtual Shadow
Identifies class methods that are overridden without the use of the virtual keyword, which is often not desirable.

Null Dereference
Identifies straightforward cases of NULL pointer dereferences, a serious issue that should be inspected as soon as possible.

Return Stack Address
Detects cases where a function returns a pointer to a stack address that will not be valid after the function has finished executing.

Shadowed Variable
Identifies cases where a variable is hidden ("shadowed") by the declaration of another variable of the same name, a practice that can lead to confusion.

Unchecked Return
Reports instances where the return value of a particular function is not checked for NULL, even though the function can return a NULL pointer.

Uninitialized
Detects variables that are used in a function before they have been assigned a value, which will result in undefined behavior.

Uninitialized Member
Identifies class member variables that are not initialized in a class constructor, which may later be used without initialization.

Use After Free
Reports cases of pointers being accessed after the associated memory has been freed, which will result in undefined behavior.

Useless Comparison
Identifies conditions in the program that will always be true or always be false because of the range of values supported by the types involved.