# Static code analysis for FreeRTOS-Plus-TCP library
This directory is used to statically test the MISRA C:2012 compliance of FreeRTOS+TCP using the
[Synopsys Coverity](https://www.synopsys.com/software-integrity/security-testing/static-analysis-sast.html) static analysis tool.
To that end, this directory provides a [CMake](https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/blob/main/test/Coverity/CMakeLists.txt)
file and [configuration files](https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/tree/main/test/Coverity/ConfigFiles) required to build
an application for the tool to analyze.

> **Note**
> For generating the report as outlined below, we have used Coverity version 2018.09.

For details regarding the suppressed violations in the report (which can be generated using the instructions described below), please
see the [MISRA.md](https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/blob/main/MISRA.md) file.

## Getting Started
### Prerequisites
You can run this on a platform supported by Coverity. The list and other details can be found [here](https://sig-docs.synopsys.com/polaris/topics/c_coverity-compatible-platforms.html).
To compile and run the Coverity target successfully, you must have the following:

1. CMake version > 3.13.0 (you can check which version you have by typing `cmake --version`)
2. GCC compiler
   - You can see the download and installation instructions [here](https://gcc.gnu.org/install/).
3. Download the repo and include the submodules using the following commands.
   - `git clone --recurse-submodules https://github.com/FreeRTOS/FreeRTOS-Plus-TCP.git ./FreeRTOS_TCP`
   - `cd ./FreeRTOS_TCP`
   - `git submodule update --checkout --init --recursive`

### To build and run Coverity:
Go to the root directory of the FreeRTOS-Plus-TCP repo and run the following commands in a terminal:
1. Update the compiler configuration in Coverity
   ~~~
   cov-configure --force --compiler cc --comptype gcc
   ~~~
2. Create the build files using CMake in a `build` directory
   ~~~
   cmake -B build -S test/Coverity
   ~~~
3. Go to the build directory and copy the Coverity configuration file
   ~~~
   cd build/
   cp ../test/Coverity/coverity_misra.config .
   ~~~
4. Build the (pseudo) application
   ~~~
   cov-build --emit-complementary-info --dir cov-out make
   ~~~
5. Go to the Coverity output directory (`cov-out`) and begin Coverity static analysis
   ~~~
   cd cov-out/
   cov-analyze --dir . --coding-standard-config ../coverity_misra.config --tu-pattern "file('.*/FreeRTOS-Plus-TCP/source/.*')"
   ~~~
6. Format the errors as HTML so that they are more readable, excluding the FreeRTOS-Kernel directory from the report
   ~~~
   cov-format-errors --dir . --exclude-files '(.*/FreeRTOS-Kernel/.*)' --html-output html-output
   ~~~

You should now have the HTML formatted violations list in a directory named `html-output`.
With the current configuration and the provided project, you should see only one deviation, from advisory Rule 8.13, in file
FreeRTOS_IP.c [here](https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/blob/4ac10c84a384f0414f4aec0d4be0ee7c345f2f8b/source/FreeRTOS_IP.c#L236).
This deviation has a justification outlined [here](https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/blob/main/MISRA.md#rule-813). With
that justification in place, a Coverity suppression statement has been added to the code. However, even with that suppression in
place, the Coverity tool continues to report the deviation. Thus, as an exception, we have allowed the deviation to be reported in
the HTML formatted report. If you find a way around it, please help us fix this by creating a pull request in this repository.
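The six build-and-run steps above combined into one fail-fast script, as an added example that is not part of the FreeRTOS-Plus-TCP repository; the function names and the `scan` argument are assumptions of this example. It checks the prerequisites first (comparing the CMake version numerically per field against 3.13.0) and warns when the checkout path has no `FreeRTOS-Plus-TCP/` component, which the `--tu-pattern` in step 5 names while the clone command above uses `./FreeRTOS_TCP`.

```shell
# Added example: function names and the "scan" argument are assumptions, not part of the repo.
set -eu

# True when dotted version $1 is strictly newer than $2 (numeric compare per field).
version_gt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 1
    }'
}

# True when checkout dir $1 puts its sources on a path that step 5's --tu-pattern names.
tu_pattern_covers() {
    case "$1/source/" in
        */FreeRTOS-Plus-TCP/source/*) return 0 ;;
        *) return 1 ;;
    esac
}

check_prereqs() {
    for tool in cmake gcc make cov-configure cov-build cov-analyze cov-format-errors; do
        command -v "$tool" >/dev/null 2>&1 || { echo "missing tool: $tool" >&2; return 1; }
    done
    have=$(cmake --version | awk 'NR == 1 { print $3 }')
    version_gt "$have" 3.13.0 || { echo "CMake $have is not newer than 3.13.0" >&2; return 1; }
}

run_misra_scan() (
    [ -f test/Coverity/CMakeLists.txt ] || { echo "run from the repo root" >&2; exit 1; }
    check_prereqs
    tu_pattern_covers "$(pwd)" || echo "warning: no FreeRTOS-Plus-TCP/ in checkout path; --tu-pattern may match nothing" >&2
    cov-configure --force --compiler cc --comptype gcc
    cmake -B build -S test/Coverity
    cd build
    cp ../test/Coverity/coverity_misra.config .
    cov-build --emit-complementary-info --dir cov-out make
    cd cov-out
    cov-analyze --dir . --coding-standard-config ../coverity_misra.config \
        --tu-pattern "file('.*/FreeRTOS-Plus-TCP/source/.*')"
    cov-format-errors --dir . --exclude-files '(.*/FreeRTOS-Kernel/.*)' --html-output html-output
)

# Run only when asked, so the functions can be sourced and checked without Coverity installed.
if [ "${1:-}" = "scan" ]; then run_misra_scan; fi
```

Save it under a name of your choice and invoke it from the repository root with the single argument `scan`.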