Uploaded image for project: 'SonarCFamily'
  1. SonarCFamily
  2. CPP-3688

dogfood-friendly dataflow-based advanced issue reporting

    XMLWordPrintable

    Details

      Description

      Implement the new dataflow-based interactive reporting for dogfooding. The work can be roughly broken down into the following steps:

      • implement the generation of the df-issue-report.json based on DFG
        • Define the DF-based report format and add it to analyzer::Issue class
        • Serialize all DF-based issues into df-issue-report.json
      • implement the visitor constructing the DFG
        • Visitor tracking assignment and initialization + traversal
        • Invoke the new reporter in our 5 rules
          BufferOverflowChecker for nullptr-arg and buffer-overflow issues.
          XXEChecker
          PamChecker
          OpenSSLHostValidationChecker
          SignedUnsignedCmpChecker
        • Visitor tracking function arguments and return value
        • Visitor tracking enablers
        • Visitor tracking informers
        • Extension for sizeof arguments
          declaration of the sizeof argument as a precursor
        • Extension for macros
          definition of the non-function macro as a precursor (transitive closure)
        • Extension for variables used in initializers of non-executed declarations
          declaration of the constants used in the size expression of an array declaration
          and the initialization arguments if they are not executed as precursors
        • Extension to streamline single-iteration loops
          e.g.:
            while(1) {...; break;}
            

          and

            do{...}while(0)
            
      • implement publish-dataflow-based-report.sh script publishing the sources and the web-app
        • ask RE to create the dedicated repo with appropriate visibility and enable GHPages
      • adapt the POC web app to fetch sources from SonarQube
      • improve upon web-app UI: reduce the mess with the arrows

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            arseniy.zaostrovnykh Arseniy Zaostrovnykh
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated: