Fortify scan tool with CMAKE

--- tags: Linux --- # Fortify scan tool with CMAKE ## step0: export toolchain path & fortify/sourceanalyzer path ## step1: 寫compiler wrapper file叫mycc&mycxx如下: ### 寫wrapper的目的是為了不要CMAKE檢查compiler的路徑 file: mycc ```shell= #!/bin/sh SOURCEANALYZER=sourceanalyzer PROJECTID="Test" $SOURCEANALYZER -b $PROJECTID arm-none-eabi-gcc $@ ``` file: mycxx ```shell= #!/bin/sh SOURCEANALYZER=sourceanalyzer PROJECTID="Test" $SOURCEANALYZER -b $PROJECTID arm-none-eabi-g++ $@ ``` ## step2: CMAKE的toolchain file不要指定compiler ## step3: CMAKE的toolchain file設定 `set(CMAKE_C_COMPILER_WORKS 1)` 這個是為了不要CMAKE檢查compiler是否真的能用因為CMAKE很雞婆會用你給的compiler去測試編譯有可能產生錯誤也許加了這個設定可以不用做wrapper也說不定(沒測) ## setp4: export CC=mycc ## setp5: export CXX=mycxx ## setp6: 執行cmake ## fortify scan command sourceanalyzer -b project_ID -scan -f results.fpr ## 轉換報告 birtreportgenerator -template "Developer Workbook" -format PDF -output "results.pdf" -source " results.fpr"