Add configuration option to run code analysis (#301)

* Add configuration option to run code analysis Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Add analysis to build matrix Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Fix typo Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Enable code analysis on all builds Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Add default ruleset Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Enable all passing rules Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Update Analyze.default.ruleset Co-authored-by: Dave Thaler <dthaler@microsoft.com> * Update Analyze.default.ruleset Co-authored-by: Dave Thaler <dthaler@microsoft.com> * Switch rules from prevail to warning Signed-off-by: Alan Jowett <alanjo@microsoft.com> Co-authored-by: Dave Thaler <dthaler@microsoft.com>
2021-06-24 11:53:51 -07:00 · 2021-06-24 11:53:51 -07:00 · e8f91a5ffd
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -62,7 +62,7 @@ jobs:
      working-directory: ${{env.GITHUB_WORKSPACE}}
      # Add additional options to the MSBuild command line here (like platform or verbosity level).
      # See https://docs.microsoft.com/visualstudio/msbuild/msbuild-command-line-reference
-      run: msbuild /m /p:Configuration=${{env.BUILD_CONFIGURATION}} /p:Platform=${{env.BUILD_PLATFORM}} ${{env.SOLUTION_FILE_PATH}}
+      run: msbuild /m /p:Configuration=${{env.BUILD_CONFIGURATION}} /p:Platform=${{env.BUILD_PLATFORM}} /p:Analysis='True' ${{env.SOLUTION_FILE_PATH}}

    - name: Run Unit Tests
      working-directory: ./${{env.BUILD_PLATFORM}}/${{env.BUILD_CONFIGURATION}}
--- a/Analyze.default.ruleset
+++ b/Analyze.default.ruleset
@ -0,0 +1,284 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+  Copyright (c) Microsoft Corporation
+  SPDX-License-Identifier: MIT
+-->
+<RuleSet Name="Copy of Microsoft Native Recommended Rules" Description="These rules focus on the most critical and common problems in your native code, including potential security holes and application crashes.  You should include this rule set in any custom rule set you create for your native projects.  This ruleset is designed to work with Visual Studio Professional edition and higher." ToolsVersion="16.0">
+  <Rules AnalyzerId="Microsoft.Analyzers.NativeCodeAnalysis" RuleNamespace="Microsoft.Rules.Native">
+    <!-- All rules marked as Warning should be switched to Error once all instances are resolved. -->
+    <!-- Resolving an instance can be done via either locally suppressing it or fixing the issue. -->
+    <Rule Id="C26100" Action="Error" />
+    <Rule Id="C26101" Action="Error" />
+    <!-- warning C26110: Caller failing to hold lock <lock> before calling function <func> -->
+    <Rule Id="C26110" Action="Warning" />
+    <Rule Id="C26111" Action="Error" />
+    <Rule Id="C26112" Action="Error" />
+    <Rule Id="C26115" Action="Error" />
+    <Rule Id="C26116" Action="Error" />
+    <Rule Id="C26117" Action="Error" />
+    <Rule Id="C26140" Action="Error" />
+    <Rule Id="C26437" Action="Error" />
+    <!-- "This kind of function may not throw. Declare it 'noexcept'." -->
+    <Rule Id="C26439" Action="Warning" />
+    <Rule Id="C26441" Action="Error" />
+    <Rule Id="C26444" Action="Error" />
+    <Rule Id="C26449" Action="Error" />
+    <!-- Arithmetic overflow: '%operator%' operation causes overflow at compile time. Use a wider type to store the operands -->
+    <Rule Id="C26450" Action="Warning" />
+    <!-- Arithmetic overflow: Using operator 'operator' on a size-a byte value and then casting the result to a size-b byte value. Cast the value to the wider type before calling operator 'operator' to avoid overflow -->
+    <Rule Id="C26451" Action="Warning" />
+    <Rule Id="C26452" Action="Error" />
+    <Rule Id="C26453" Action="Error" />
+    <Rule Id="C26454" Action="Error" />
+    <Rule Id="C26478" Action="Error" />
+    <Rule Id="C26479" Action="Error" />
+    <!-- Variable '%variable%' is uninitialized. Always initialize a member variable (type.6). -->
+    <Rule Id="C26495" Action="Warning" />
+    <Rule Id="C26498" Action="Error" />
+    <Rule Id="C26810" Action="Error" />
+    <Rule Id="C26811" Action="Error" />
+    <!-- Warning C26812: Prefer 'enum class' over 'enum' (Enum.3) -->
+    <Rule Id="C26812" Action="Warning" />
+    <Rule Id="C26815" Action="Error" />
+    <!-- Warning C26816 The pointer points to memory allocated on the stack (ES.65) -->
+    <Rule Id="C26816" Action="Warning" />
+    <!-- Potentially expensive copy of variable name in range-for loop. Consider making it a const reference (es.71). -->
+    <Rule Id="C26817" Action="Warning" />
+    <!-- Unannotated fallthrough between switch labels (es.78). -->
+    <Rule Id="C26819" Action="Warning" />
+    <!-- Assigning by value when a const-reference would suffice, use const auto& instead (p.9). -->
+    <Rule Id="C26820" Action="Warning" />
+    <Rule Id="C28020" Action="Error" />
+    <Rule Id="C28021" Action="Error" />
+    <Rule Id="C28022" Action="Error" />
+    <!-- warning C28023: The function being assigned or passed should have a _Function_class_ annotation for at least one of the class(es) in: <classlist> -->
+    <Rule Id="C28023" Action="Warning" />
+    <Rule Id="C28024" Action="Error" />
+    <Rule Id="C28039" Action="Error" />
+    <Rule Id="C28112" Action="Error" />
+    <Rule Id="C28113" Action="Error" />
+    <Rule Id="C28125" Action="Error" />
+    <Rule Id="C28137" Action="Error" />
+    <Rule Id="C28138" Action="Error" />
+    <Rule Id="C28159" Action="Error" />
+    <Rule Id="C28160" Action="Error" />
+    <Rule Id="C28163" Action="Error" />
+    <Rule Id="C28164" Action="Error" />
+    <Rule Id="C28182" Action="Error" />
+    <Rule Id="C28183" Action="Error" />
+    <!-- warning C28193: The variable holds a value that must be examined -->
+    <Rule Id="C28193" Action="Warning" />
+    <Rule Id="C28196" Action="Error" />
+    <Rule Id="C28202" Action="Error" />
+    <Rule Id="C28203" Action="Error" />
+    <Rule Id="C28205" Action="Error" />
+    <Rule Id="C28206" Action="Error" />
+    <Rule Id="C28207" Action="Error" />
+    <Rule Id="C28209" Action="Error" />
+    <Rule Id="C28210" Action="Error" />
+    <Rule Id="C28211" Action="Error" />
+    <Rule Id="C28212" Action="Error" />
+    <Rule Id="C28213" Action="Error" />
+    <Rule Id="C28214" Action="Error" />
+    <Rule Id="C28215" Action="Error" />
+    <Rule Id="C28216" Action="Error" />
+    <Rule Id="C28217" Action="Error" />
+    <Rule Id="C28218" Action="Error" />
+    <Rule Id="C28219" Action="Error" />
+    <Rule Id="C28220" Action="Error" />
+    <Rule Id="C28221" Action="Error" />
+    <Rule Id="C28222" Action="Error" />
+    <Rule Id="C28223" Action="Error" />
+    <Rule Id="C28224" Action="Error" />
+    <Rule Id="C28225" Action="Error" />
+    <Rule Id="C28226" Action="Error" />
+    <Rule Id="C28227" Action="Error" />
+    <Rule Id="C28228" Action="Error" />
+    <Rule Id="C28229" Action="Error" />
+    <Rule Id="C28230" Action="Error" />
+    <Rule Id="C28231" Action="Error" />
+    <Rule Id="C28232" Action="Error" />
+    <Rule Id="C28233" Action="Error" />
+    <Rule Id="C28234" Action="Error" />
+    <Rule Id="C28235" Action="Error" />
+    <Rule Id="C28236" Action="Error" />
+    <Rule Id="C28237" Action="Error" />
+    <Rule Id="C28238" Action="Error" />
+    <Rule Id="C28239" Action="Error" />
+    <Rule Id="C28240" Action="Error" />
+    <Rule Id="C28241" Action="Error" />
+    <Rule Id="C28243" Action="Error" />
+    <Rule Id="C28244" Action="Error" />
+    <Rule Id="C28245" Action="Error" />
+    <Rule Id="C28246" Action="Error" />
+    <Rule Id="C28250" Action="Error" />
+    <!-- warning C28251: Inconsistent annotation for function: this instance has an error -->
+    <Rule Id="C28251" Action="Warning" />
+    <!-- warning C28252: Inconsistent annotation for function: parameter has another annotation on this instance -->
+    <Rule Id="C28252" Action="Warning" />
+    <!-- warning C28253: Inconsistent annotation for function: parameter has another annotations on this instance -->
+    <Rule Id="C28253" Action="Warning" />
+    <Rule Id="C28254" Action="Error" />
+    <Rule Id="C28262" Action="Error" />
+    <Rule Id="C28263" Action="Error" />
+    <Rule Id="C28267" Action="Error" />
+    <Rule Id="C28272" Action="Error" />
+    <Rule Id="C28273" Action="Error" />
+    <Rule Id="C28275" Action="Error" />
+    <Rule Id="C28279" Action="Error" />
+    <Rule Id="C28280" Action="Error" />
+    <Rule Id="C28282" Action="Error" />
+    <Rule Id="C28285" Action="Error" />
+    <Rule Id="C28286" Action="Error" />
+    <Rule Id="C28287" Action="Error" />
+    <Rule Id="C28288" Action="Error" />
+    <Rule Id="C28289" Action="Error" />
+    <Rule Id="C28290" Action="Error" />
+    <Rule Id="C28291" Action="Error" />
+    <Rule Id="C28300" Action="Error" />
+    <Rule Id="C28301" Action="Error" />
+    <Rule Id="C28302" Action="Error" />
+    <Rule Id="C28303" Action="Error" />
+    <Rule Id="C28304" Action="Error" />
+    <Rule Id="C28305" Action="Error" />
+    <Rule Id="C28306" Action="Error" />
+    <Rule Id="C28307" Action="Error" />
+    <Rule Id="C28308" Action="Error" />
+    <Rule Id="C28309" Action="Error" />
+    <Rule Id="C28350" Action="Error" />
+    <Rule Id="C28351" Action="Error" />
+    <Rule Id="C33001" Action="Error" />
+    <Rule Id="C33004" Action="Error" />
+    <Rule Id="C33005" Action="Error" />
+    <Rule Id="C33010" Action="Error" />
+    <Rule Id="C33011" Action="Error" />
+    <Rule Id="C33020" Action="Error" />
+    <!-- warning C6001: using uninitialized memory <variable> -->
+    <Rule Id="C6001" Action="Warning" />
+    <!-- warning C6011: dereferencing NULL pointer <name> -->
+    <Rule Id="C6011" Action="Warning" />
+    <Rule Id="C6029" Action="Error" />
+    <!-- warning C6031: return value ignored: called-function could return unexpected value -->
+    <Rule Id="C6031" Action="Warning" />
+    <Rule Id="C6053" Action="Error" />
+    <!-- warning C6054: string <variable> may not be zero-terminated -->
+    <Rule Id="C6054" Action="Warning" />
+    <Rule Id="C6059" Action="Error" />
+    <Rule Id="C6063" Action="Error" />
+    <Rule Id="C6064" Action="Error" />
+    <Rule Id="C6066" Action="Error" />
+    <Rule Id="C6067" Action="Error" />
+    <!-- warning C6101: Returning uninitialized memory -->
+    <Rule Id="C6101" Action="Warning" />
+    <Rule Id="C6200" Action="Error" />
+    <Rule Id="C6201" Action="Error" />
+    <Rule Id="C6214" Action="Error" />
+    <Rule Id="C6215" Action="Error" />
+    <Rule Id="C6216" Action="Error" />
+    <Rule Id="C6217" Action="Error" />
+    <Rule Id="C6220" Action="Error" />
+    <Rule Id="C6226" Action="Error" />
+    <Rule Id="C6230" Action="Error" />
+    <Rule Id="C6235" Action="Error" />
+    <Rule Id="C6236" Action="Error" />
+    <Rule Id="C6237" Action="Error" />
+    <Rule Id="C6242" Action="Error" />
+    <Rule Id="C6248" Action="Error" />
+    <Rule Id="C6250" Action="Error" />
+    <Rule Id="C6255" Action="Error" />
+    <Rule Id="C6258" Action="Error" />
+    <Rule Id="C6259" Action="Error" />
+    <Rule Id="C6260" Action="Error" />
+    <Rule Id="C6262" Action="Error" />
+    <Rule Id="C6263" Action="Error" />
+    <Rule Id="C6268" Action="Error" />
+    <Rule Id="C6269" Action="Error" />
+    <Rule Id="C6270" Action="Error" />
+    <Rule Id="C6271" Action="Error" />
+    <Rule Id="C6272" Action="Error" />
+    <Rule Id="C6273" Action="Error" />
+    <Rule Id="C6274" Action="Error" />
+    <Rule Id="C6276" Action="Error" />
+    <Rule Id="C6277" Action="Error" />
+    <Rule Id="C6278" Action="Error" />
+    <Rule Id="C6279" Action="Error" />
+    <Rule Id="C6280" Action="Error" />
+    <Rule Id="C6281" Action="Error" />
+    <Rule Id="C6282" Action="Error" />
+    <Rule Id="C6283" Action="Error" />
+    <Rule Id="C6284" Action="Error" />
+    <Rule Id="C6285" Action="Error" />
+    <Rule Id="C6286" Action="Error" />
+    <Rule Id="C6287" Action="Error" />
+    <Rule Id="C6288" Action="Error" />
+    <Rule Id="C6289" Action="Error" />
+    <Rule Id="C6290" Action="Error" />
+    <Rule Id="C6291" Action="Error" />
+    <Rule Id="C6292" Action="Error" />
+    <Rule Id="C6293" Action="Error" />
+    <Rule Id="C6294" Action="Error" />
+    <Rule Id="C6295" Action="Error" />
+    <Rule Id="C6296" Action="Error" />
+    <Rule Id="C6297" Action="Error" />
+    <Rule Id="C6299" Action="Error" />
+    <Rule Id="C6302" Action="Error" />
+    <Rule Id="C6303" Action="Error" />
+    <Rule Id="C6305" Action="Error" />
+    <Rule Id="C6306" Action="Error" />
+    <Rule Id="C6308" Action="Error" />
+    <Rule Id="C6310" Action="Error" />
+    <Rule Id="C6312" Action="Error" />
+    <Rule Id="C6314" Action="Error" />
+    <Rule Id="C6317" Action="Error" />
+    <Rule Id="C6318" Action="Error" />
+    <Rule Id="C6319" Action="Error" />
+    <Rule Id="C6324" Action="Error" />
+    <Rule Id="C6328" Action="Error" />
+    <Rule Id="C6331" Action="Error" />
+    <Rule Id="C6332" Action="Error" />
+    <Rule Id="C6333" Action="Error" />
+    <Rule Id="C6335" Action="Error" />
+    <Rule Id="C6381" Action="Error" />
+    <Rule Id="C6383" Action="Error" />
+    <Rule Id="C6384" Action="Error" />
+    <!-- warning C6385: invalid data: accessing buffer-name, the readable size is size1 bytes, but size2 bytes may be read: Lines: x, y -->
+    <Rule Id="C6385" Action="Warning" />
+    <!-- warning C6386: buffer overrun: accessing <buffer name>, the writable size is <size1> bytes, but <size2> bytes may be written: Lines: x, y -->
+    <Rule Id="C6386" Action="Warning" />
+    <!-- <argument> may be <value>: this does not adhere to the specification for the function <function name>: Lines: x, y -->
+    <Rule Id="C6387" Action="Warning" />
+    <Rule Id="C6388" Action="Error" />
+    <Rule Id="C6500" Action="Error" />
+    <Rule Id="C6501" Action="Error" />
+    <Rule Id="C6503" Action="Error" />
+    <Rule Id="C6504" Action="Error" />
+    <Rule Id="C6505" Action="Error" />
+    <Rule Id="C6506" Action="Error" />
+    <Rule Id="C6508" Action="Error" />
+    <Rule Id="C6509" Action="Error" />
+    <Rule Id="C6510" Action="Error" />
+    <Rule Id="C6511" Action="Error" />
+    <Rule Id="C6513" Action="Error" />
+    <Rule Id="C6514" Action="Error" />
+    <Rule Id="C6515" Action="Error" />
+    <Rule Id="C6516" Action="Error" />
+    <Rule Id="C6517" Action="Error" />
+    <Rule Id="C6518" Action="Error" />
+    <Rule Id="C6522" Action="Error" />
+    <Rule Id="C6525" Action="Error" />
+    <Rule Id="C6527" Action="Error" />
+    <Rule Id="C6530" Action="Error" />
+    <Rule Id="C6540" Action="Error" />
+    <Rule Id="C6551" Action="Error" />
+    <Rule Id="C6552" Action="Error" />
+    <Rule Id="C6701" Action="Error" />
+    <Rule Id="C6702" Action="Error" />
+    <Rule Id="C6703" Action="Error" />
+    <Rule Id="C6704" Action="Error" />
+    <Rule Id="C6705" Action="Error" />
+    <Rule Id="C6706" Action="Error" />
+    <Rule Id="C6993" Action="Error" />
+    <Rule Id="C6995" Action="Error" />
+    <Rule Id="C6997" Action="Error" />
+  </Rules>
+</RuleSet>
--- a/Directory.Build.props
+++ b/Directory.Build.props
@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+  Copyright (c) Microsoft Corporation
+  SPDX-License-Identifier: MIT
+-->
+<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003" TreatAsLocalProperty="Platform">
+  <PropertyGroup Condition="'$(Analysis)'=='True'">
+    <RunCodeAnalysis>true</RunCodeAnalysis>
+    <DisableAnalyzeExternal>true</DisableAnalyzeExternal>
+    <CodeAnalysisRuleSet>$(SolutionDir)Analyze.default.ruleset</CodeAnalysisRuleSet>
+  </PropertyGroup>
+</Project>