From 162941199e26b8d7231e8729be9ce025b2cc826a Mon Sep 17 00:00:00 2001 From: "eyalg1972@gmail.com" Date: Thu, 11 May 2017 09:10:37 +0300 Subject: [PATCH] Add support for HPE Fortify code scanning during compilation --- .../com/github/maven_nar/AbstractCompileMojo.java | 15 +++++++++++++++ .../java/com/github/maven_nar/NarCompileMojo.java | 4 ++++ .../github/maven_nar/cpptasks/CompilerDef.java | 10 +++++++++- .../cpptasks/compiler/CommandLineCompiler.java | 12 ++++++++++++ 4 files changed, 40 insertions(+), 1 deletion(-) diff --git a/src/main/java/com/github/maven_nar/AbstractCompileMojo.java b/src/main/java/com/github/maven_nar/AbstractCompileMojo.java index f9828986f..f6a19cc10 100644 --- a/src/main/java/com/github/maven_nar/AbstractCompileMojo.java +++ b/src/main/java/com/github/maven_nar/AbstractCompileMojo.java @@ -121,6 +121,16 @@ public abstract class AbstractCompileMojo extends AbstractDependencyMojo { @Parameter private Java java; + /* + * To support scanning the code with HPE Fortify + * The attribute is used both as a flag that Fortify is required and the value set is used for the + * When setting a value - sourceanalyzer –b will be prepended to the + * command line + * */ + @Parameter(defaultValue = "") + private String fortifyID; + + /** * Flag to cpptasks to indicate whether linker options should be decorated or * not @@ -228,6 +238,11 @@ public void setCpp(final Cpp cpp) { this.cpp = cpp; cpp.setAbstractCompileMojo(this); } + + protected final String getfortifyID() + { + return this.fortifyID; + } public final void setDependencyLibOrder(final List/* */order) { this.dependencyLibOrder = order; diff --git a/src/main/java/com/github/maven_nar/NarCompileMojo.java b/src/main/java/com/github/maven_nar/NarCompileMojo.java index 9ffd3e541..780be1607 100644 --- a/src/main/java/com/github/maven_nar/NarCompileMojo.java +++ b/src/main/java/com/github/maven_nar/NarCompileMojo.java 
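Review bot: The comment on the new `fortifyID` parameter in AbstractCompileMojo.java (hunk at -121) is a plain `/* */` block with an unfinished sentence ("the value set is used for the") and an en dash in `sourceanalyzer –b`. As written it is unlikely to reach the generated plugin documentation, and anyone copying the flag from the source gets the wrong character. Make it a Javadoc comment, for example `/** Fortify build ID. When set, every compiler invocation is prefixed with {@code sourceanalyzer -b ID}; leave unset to build without Fortify. */`. It is also worth stating there that `sourceanalyzer` must be on the PATH of the build machine, since the CommandLineCompiler hunk adds the bare command name. The class body continues outside this hunk.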
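Review bot: The accessor `getfortifyID()` added after setCpp (hunk at -228) breaks the camel-case getter convention and does not match `getFortifyID()` on CompilerDef in the same commit. Rename it to `getFortifyID()`, update the two calls in NarCompileMojo.createLibrary, and put the opening brace on the signature line as the neighbouring methods do. A one-line Javadoc such as `/** Returns the Fortify build ID; null or empty means scanning is disabled. */` would tell subclasses what an unset value looks like.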
@@ -179,6 +179,8 @@ private void createLibrary(final Project antProject, final Library library) if (getCpp() != null) { final CompilerDef cpp = getCpp().getCompiler(Compiler.MAIN, null); if (cpp != null) { + // Set FortifyID attribute + cpp.setFortifyID(getfortifyID()); task.addConfiguredCompiler(cpp); } } @@ -187,6 +189,8 @@ private void createLibrary(final Project antProject, final Library library) if (getC() != null) { final CompilerDef c = getC().getCompiler(Compiler.MAIN, null); if (c != null) { + // Set FortifyID attribute + c.setFortifyID(getfortifyID()); task.addConfiguredCompiler(c); } } diff --git a/src/main/java/com/github/maven_nar/cpptasks/CompilerDef.java b/src/main/java/com/github/maven_nar/cpptasks/CompilerDef.java index 4e2a1dd03..18b4bcc8b 100644 --- a/src/main/java/com/github/maven_nar/cpptasks/CompilerDef.java +++ b/src/main/java/com/github/maven_nar/cpptasks/CompilerDef.java @@ -62,6 +62,7 @@ public final class CompilerDef extends ProcessorDef { private String compilerPrefix; private File workDir; private boolean gccFileAbsolutePath; + private String fortifyID=""; private boolean clearDefaultOptions; @@ -571,7 +572,14 @@ public void setCompilerPrefix(final String prefix) { public void setWorkDir(final File workDir) { this.workDir = workDir; } - + + public void setFortifyID(final String fortifyID) { + this.fortifyID = fortifyID; + } + + public String getFortifyID() { + return this.fortifyID; + } /** * Enumerated attribute with the values "none", "severe", "default", * "production", "diagnostic", and "aserror". diff --git a/src/main/java/com/github/maven_nar/cpptasks/compiler/CommandLineCompiler.java b/src/main/java/com/github/maven_nar/cpptasks/compiler/CommandLineCompiler.java index f42bdadf7..3c71197fa 100644 --- a/src/main/java/com/github/maven_nar/cpptasks/compiler/CommandLineCompiler.java +++ b/src/main/java/com/github/maven_nar/cpptasks/compiler/CommandLineCompiler.java 
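Review bot: Only the `Compiler.MAIN` C++ and C definitions in NarCompileMojo.createLibrary receive the build ID (this hunk and the one at -187). Any compiler definition configured elsewhere would run without `sourceanalyzer`, leaving the Fortify build incomplete with no warning; nothing else is visible in this patch, so please confirm which other paths exist. A small helper such as `private void applyFortifyId(final CompilerDef def) { def.setFortifyID(getfortifyID()); }` would remove the duplication and give one place to log that scanning is active. The comment `// Set FortifyID attribute` only restates the call; `// Propagate the Fortify build ID so this compiler's invocations are wrapped by sourceanalyzer` says why. createLibrary starts and ends outside both hunks.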
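Review bot: `setFortifyID` in CompilerDef.java (hunk at -571) stores whatever it is given, so a null from an unset Maven parameter replaces the `""` initialiser, and a value with surrounding whitespace or a leading `-` travels unchanged into the `sourceanalyzer -b` argument. Normalise at this single entry point, e.g. `this.fortifyID = fortifyID == null ? "" : fortifyID.trim();`, and consider rejecting a value that starts with `-`, which the analyzer may read as an option rather than as a build ID. Both accessors also lack Javadoc, unlike the documented method that follows them, and the blank line before that method's `/**` was dropped.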
@@ -60,6 +60,7 @@ public abstract class CommandLineCompiler extends AbstractCompiler { private final boolean libtool; private final CommandLineCompiler libtoolCompiler; private final boolean newEnvironment; + private String fortifyID=""; protected CommandLineCompiler(final String command, final String identifierArg, final String[] sourceExtensions, final String[] headerExtensions, @@ -215,6 +216,13 @@ public void compile(final CCTask task, final File outputDir, final String[] sour if (this.libtool) { commandlinePrefix.add("libtool"); } + if((this.fortifyID !=null) && (!this.fortifyID.equals(""))) + {// If FortifyID attribute was set, run the Fortify framework + + commandlinePrefix.add("sourceanalyzer"); + commandlinePrefix.add("-b"); + commandlinePrefix.add(this.fortifyID); + } commandlinePrefix.add(command); Collections.addAll(commandlinePrefix, args); @@ -404,6 +412,7 @@ protected CompilerConfiguration createConfiguration(final CCTask task, final Lin final String path = specificDef.getToolPath(); CommandLineCompiler compiler = this; + Environment environment = specificDef.getEnv(); if (environment == null) { for (final ProcessorDef baseDef : baseDefs) { @@ -415,6 +424,9 @@ protected CompilerConfiguration createConfiguration(final CCTask task, final Lin } else { compiler = (CommandLineCompiler) compiler.changeEnvironment(specificDef.isNewEnvironment(), environment); } + // Pass the fortifyID for compiler + compiler.fortifyID = specificDef.getFortifyID(); + return new CommandLineCompilerConfiguration(compiler, configId, incPath, sysIncPath, envIncludePath, includePathIdentifier.toString(), argArray, paramArray, rebuild, endArgs, path, specificDef.getCcache()); }
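Review bot: In the compile hunk (-215) the Fortify prefix is added after `libtool`, so with both enabled the command becomes `libtool sourceanalyzer -b ID compiler ...` and libtool wraps the analyzer instead of the compiler; please confirm that ordering is intended. The guard can be written `if (this.fortifyID != null && !this.fortifyID.trim().isEmpty()) {` so that a whitespace-only ID does not produce an empty `-b` argument. `sourceanalyzer` is invoked by bare name and is therefore resolved through PATH on the build host; a comment saying so, or a configurable tool path, helps on shared build agents. The compile method begins and ends outside this hunk.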
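Review bot: In createConfiguration (hunk at -404), `compiler.fortifyID = specificDef.getFortifyID();` writes to `this` whenever the environment branch above did not replace `compiler`, so the build ID becomes mutable state on a compiler object that may be shared between configurations; the non-final field is added in the -60 hunk. If the instance is shared, the last createConfiguration call decides the prefix for every later compile, and the definitions in `baseDefs` are never consulted for the ID. Carrying the ID on the returned CommandLineCompilerConfiguration, or on a per-definition copy of the compiler, would keep it scoped to one definition. At minimum add `// NOTE: compiler may still be 'this' here; fortifyID is then shared by every configuration using this instance`. createConfiguration starts outside the hunk.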