InferSharp (also referred to as Infer#) is an interprocedural and scalable static code analyzer for C#. Via the capabilities of Facebook's Infer, this tool detects null pointer dereferences and resource leak. Read more about our approach in the Wiki page.
The instructions on how to run Infer# as a GitHub Action can be found here: Infer# Action.
Alternatively, use our Docker image:
docker pull mcr.microsoft.com/infersharp:latest
Start a container in interactive mode, then run the following command in the container:
sh run_infersharp.sh Examples output
To view the bug report:
cat output/filtered_bugs.txt
We welcome contributions. Please follow this guideline.
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.
Please do not report security vulnerabilities through public GitHub issues. Instead, please follow this guideline.