The SEI CERT Coding Standards wiki documents which analysis tools detect violations of which rules/recs. To edit or add to this information, follow these guidelines.
Adding a Tool Page
The First, you should create an empty page for the tool of interest should have a page created under the "Analyzers" section of the backmatter, if one does not already exist. Here is the list of "Analyzers" pages in each appropriate language space. It may be the case that a page already exists for the tool, in which case you can skip this step. Below are links to the "Analyzers" sections for each space.
Space | Analyzers Page |
---|---|
C | EE. Analyzers |
C++ | CC. Analyzers |
Java | |
Perl | BB. Analyzers |
The page should be titled with the name of the analysis tool. The page will be automatically populated with the information that you provide on individual rule/rec pages. You do not need to add any content to it. The page should also have the 'analyzer' label so that it shows up on the Analyzers section.
Additionally, a "version" page should be created alongside the tool page. This paged page is title "titled ToolName_V", should be populated with the version number of the tool. For example, GCC_V documents the version of the GCC compiler. This version page is not automatically generated. You are responsible for entering the version information into this page.
Editing Automated Detection Tables
Each rule/rec page has an "Automated Detection" (AD) section, describing which tools can detect violations of the rule/rec. This section contains a table. Each row of the table contains information for a specific version of a tool. A row in the AD table has the following format.
Tool | Version | Checker | Description |
---|---|---|---|
Hyperlinked name of the tool | The version of the tool | Checker Name 1 Checker Name 2 Checker Name 3 ... | Checker Description 1 Checker Description 2 Checker Description 3 ... |
The information in these tables is periodically aggregated for each tool. A Each tool wiki page is then updated for each tool updated, by request, with the aggregated data , showing all of the rules/recs that the tool can detect. For example, the Clang page displays all of the rules/recs detected by various checkers in the Clang compiler.from these individual tables. This aggregation process is automatic. In order for the process to pick up your changes, you should adhere to certain guidelines when entering data into the AD tables.
- The Tool column
...
- should contain the name of the tool, hyperlinked to the corresponding tool wiki page.
- The easiest way to populate this field is with the Link macro in Confluence. Simply insert a Link macro and point it towards the appropriate tool page.
- The Version column contains the version of the tool to which this information pertains.
- The easiest way to populate this field is with the "Include Page" macro in Confluence. You should include the version page associated with the tool into this cell.
- Each checker name should be provided on a separate line in the Checker column. Or you can add multiple checkers on one line by separating them by commas.
- Each checker description should be provided on a separate line in the Description column, adjacent to the associated checker.
Requesting Tool Page Updates
Once you have finished making all of your changes, you must notify the SEI to request the corresponding Tool Page(s) to be updated. These pages are only updated by request, not on a regular basis, due to the sporadic nature of the community updates. You should submit your request to Robert Schiela and Dave Svoboda, or info@sei.cmu.edu if you do not have their contact information.