Basic script to run scan-build on Golang code which uses cgo

stevenjohnstone/cgo-scan-build

scan-build for cgo

Golang can be extended by, and integrated with, C code using cgo. Unfortunately, the C side has none of Go's memory-safety guarantees, so a program that uses cgo inherits the dangerous traits of C code.

In modern secure software development, it's normal to run static analysis tools against C code. For example, Clang's scan-build is an excellent, open-source packaging of Clang's analysis tooling. In a perfect world, running

scan-build go build

would be enough to perform a scan. In the real world, this doesn't work, but this script works around the limitation.

Usage

  1. Clone the repository
  2. In the checkout directory, run:
     ./scan.sh <target code> <output directory>

Docker usage

  1. Clone the repository
  2. In the checkout directory, run:
     ./docker.sh <target code> <output directory>
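
One way to put the C inside a cgo package in front of scan-build, given the limitation described above. This is an added example, not the repository's scan.sh: it assumes that generating the C with `go tool cgo` and analyzing the resulting `.cgo2.c` files is an acceptable approach, and the names `cgo_dirs` and `scan_pkg` are hypothetical.

```shell
#!/bin/sh
# Added example; not the repository's scan.sh. Assumes go, clang and
# scan-build are on PATH when scan_pkg runs.

# A line that imports the pseudo-package "C", alone or in an import group.
CGO_RE='^[[:space:]]*(import[[:space:]]+)?"C"([[:space:]]|$)'

# Print each directory under $1 holding a Go file that uses cgo.
cgo_dirs() {
    find "$1" -type f -name '*.go' -exec grep -lE "$CGO_RE" {} + |
        while IFS= read -r f; do dirname "$f"; done | sort -u
}

# Generate the C for the cgo package in $1 and analyze it; reports go to $2
# (absolute path). Returns non-zero if the analyzer reports a bug.
scan_pkg() (
    out=$2
    cd "$1" || exit 1
    obj=$(mktemp -d) || exit 1
    # go list honors build constraints and #cgo CFLAGS for this platform.
    files=$(go list -f '{{join .CgoFiles " "}}' .) || exit 1
    flags=$(go list -f '{{join .CgoCFLAGS " "}}' .) || exit 1
    # Word splitting of $flags and $files is intentional.
    go tool cgo -objdir "$obj" -- -I. $flags $files || exit 1
    rc=0
    # <file>.cgo2.c carries the preamble C plus the generated call wrappers.
    for c in "$obj"/*.cgo2.c; do
        scan-build --status-bugs -o "$out" \
            clang -I. -I"$obj" $flags -c "$c" -o "$c.o" || rc=1
    done
    rm -rf "$obj"
    exit "$rc"
)

# Usage: sh cgo-scan.sh <target code> <output directory>
if [ "$#" -eq 2 ]; then
    mkdir -p "$2" && out=$(cd "$2" && pwd) || exit 1
    cgo_dirs "$1" | {
        rc=0
        while IFS= read -r d; do scan_pkg "$d" "$out" </dev/null || rc=1; done
        exit "$rc"
    }
fi
```

Plain `.c` files that sit next to the Go sources are not covered by this example and would need their own `scan-build clang -c` invocation.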
