coverity分析端软件环境搭建
在某linux机器的/share2/coverity/ 目录下安装使用coverity说明
从官网下载安装文件:cov-analysis-linux64-2019.06.sh 放置于/share2/coverity/ 目录下
我是由于机器安装软件太多,所以选择/share2/coverity/ 目录下安装的,一般情况建议目录/home/coverity。
参考资料:
Coverity 8.7.1 命令与 Ant 任务说明书: https://download.csdn.net/download/qq_33163046/12116661
安装前还需要:
服务端账号/密码: usr/password
license.config文件
rule.txt
1. 安装步骤
root用户进入根目录
# cd /share2/coverity
添加执行权限
# chmod +x cov-analysis-linux64-2019.06.sh
运行安装包
# ./cov-analysis-linux64-2019.06.sh
确认安装
#o
选择语言为中文
#4
不停按回车阅读许可条款
选择接受许可条款
#1
配置安装目录
Where should Coverity Analysis be installed?
#/share2/coverity/cov-analysis
Which components should be installed?
1: Coverity Static Analysis and Dynamic Analysis. [*1]
2: Extend SDK
3: Architecture Analysis
(To show the description of a component, please enter one of *1)
Please enter a comma-separated list of the selected values or [Enter] for the default selection:
[1]
这里选择默认值,直接回车即可
#enter
Are you using a Coverity license or FLEXnet?
Please choose the type of license you have. The license is Coverity type, a
file with a name ending in .dat; or FLEXnet type.
If you plan to use FLEXnet licensing and Dynamic Analysis, choose Both.
License types to install
Coverity (you have a .dat file) [1, Enter], FLEXnet (you have a .lic file) [2], Both [3]
这里选择2并回车,采用浮动license文件配置
#2
Choose the way you want to set up your license.config file.
We're ready to set up your license.config file, which tells Coverity
applications where your FLEXnet license server is. If you will use a single
license server, choose Basic. If your license servers are a redundant
"triad", choose Advanced. If you already have a license.config file that you
want to use, choose that option.
License server configuration
Basic [1, Enter], Advanced [2], Use an existing license.config file [3]
这里选择1并回车,浮动license文件配置为基本模式
#1
Enter the host name and port of your FLEXnet server
License server host name
[localhost]
这里选择默认值,直接回车即可
#enter
License server port
[27000]
这里选择默认值,直接回车即可
#enter
Extracting files ...
Setup has finished installing Coverity Analysis on your computer.
Start the Coverity Wizard?
Yes [y, Enter], No [n]
这里选择n并回车,不启动Coverity Wizard
#n
Finishing installation ...
2.license.config文件更新
安装完成后将license.config文件复制到安装目录下的bin目录下,覆盖。
/share2/coverity/cov-analysis-linux64-2019.06/bin/
3.配置环境变量
环境变量PATH中增加 /share2/coverity/cov-analysis/bin ,并检查是否添加成功
在.bash_profile中添写蓝色路径:
PATH=$PATH:$HOME/bin:/share2/coverity/cov-analysis/bin:/usr/sbin:/sbin:/usr/local/bin;export PATH
4.配置编译器,执行(Coverity 8.7.1 命令与Ant 任务说明书page 72):
# cov-configure --gcc
# cov-configure --comptype gcc --compiler cc --template
提示:[WARNING] Template config template-ld-config-0 already exists for ld and will be reused.
-- 平台编译一般使用cc命令(虽然实际cc通过文件链接指向gcc),因此还需要执行该命令
上述命令只需执行一次。
5.创建可以正常编译的代码环境
将/share2/coverity目录下放一个完整的接口机可编译环境。(我的cov-analysis 和lib,bin同一目录层级)在.bash_profile里的第一次使用${HOME}前,加上HOME=/share2/coverity, 更改编译的主目录,变量生效后执行.sentenv_64.sh, 到代码目录执行该代码的编译命令 ,确认可以正常编译。(如果你是/home/cvoerity目录就比我简单多了。)
6.构建
确认可以正常编译后,在该目录执行(Coverity 8.7.1 命令与Ant 任务说明书page 39)
# cov-build --dir cov make Clean Install
make Clean Install是我代码的makefile里的编译命令。执行成功标志
7 C/C++ compilation units (100%) are ready for analysis
The cov-build utility completed successfully.
7.执行
取扫描规则rule.txt 放于编译命令执行上一个目录层。然后执行(Coverity 8.7.1 命令与Ant 任务说明书page 2)
#cov-analyze --dir cov @@../rule.txt
执行成功标志的最后几行为:
[STATUS] Running analysis
|0----------25-----------50----------75---------100|
****************************************************
[STATUS] Exporting summaries
|0----------25-----------50----------75---------100|
****************************************************
Analysis summary report:
------------------------
Files analyzed : 8
Total LoC input to cov-analyze : 45532
Functions analyzed : 241
Paths analyzed : 94669
Time taken by analysis : 00:02:41
Defect occurrences found : 242 Total
19 AUDIT.SPECULATIVE_EXECUTION_DATA_LEAK
1 CHECKED_RETURN
171 DC.STRING_BUFFER
1 DEADCODE
1 MISSING_BREAK
35 OVERRUN
1 PW.PARAMETER_HIDDEN
1 SIZEOF_MISMATCH
9 STACK_USE
2 UNREACHABLE
1 UNUSED_VALUE
在rule.txt里,规则如下:
--all
--rule
--enable-constraint-fpp
--enable-callgraph-metrics
--enable-fnptr
--enable-virtual
--enable
USER_POINTER
--enable
DC.STRING_BUFFER
--enable
ENUM_AS_BOOLEAN
--enable
UNENCRYPTED_SENSITIVE_DATA
--enable
WEAK_GUARD
--enable
WEAK_PASSWORD_HASH
--enable
HARDCODED_CREDENTIALS
--enable
AUDIT.SPECULATIVE_EXECUTION_DATA_LEAK
--enable
INTEGER_OVERFLOW
--enable
MIXED_ENUMS
--enable
RISKY_CRYPTO
--enable
COM.ADDROF_LEAK
--enable
COM.BSTR.ALLOC
--enable
COM.BSTR.BAD_COMPARE
--enable
COM.BSTR.NE_NON_BSTR
--enable
FLOATING_POINT_EQUALITY
--enable
VCALL_IN_CTOR_DTOR
8.上传到服务端页面上
执行命令(Coverity 8.7.1 命令与Ant 任务说明书page 2)
#cov-commit-defects --dir cov --host 127.0.0.1 --user XiaoXiangzai --password project-cov_0001 --stream STRAM-NAME
更多推荐
所有评论(0)