Configure C++ Macros and Build Files
In version 9.4, a semi-automatic approach was added to improve the way the Checkmarx C++ parser handles macros and build files. This section provides a high-level description of what is offered.
From 9.4 on, the configuration as code CppDefaultMacros.json file is replaced by the approach described in this section.
Note that the CppDefaultMacros.json file is still considered if it exists at the root of the project being scanned, and it overrides all information obtained from the semi-automatic approach.
Please contact your Customer Service Manager (CSM), to request Professional Services assistance with this customization
- 1 Overview
- 2 C++ Build Files Support
- 3 C++ Macros Database
- 3.1 Supported Libraries (pre-defined set)
- 3.1.1 OpenSSL (libssl, libcrypto) 1.1.1
- 3.1.2 libcurl 7.72.0
- 3.1.3 libssh2 1.9.0
- 3.1.4 libtiff 4.1.0
- 3.1.5 libxml++ 4.9
- 3.1.6 libzlib 1.2.11
- 3.1.7 libid3 3.8.3
- 3.1.8 libpng 1.6.37
- 3.1.9 libgcrypt 1.8.6
- 3.1.10 Googletest 1.10.0 (former Google Mock)
- 3.1 Supported Libraries (pre-defined set)
- 4 FAQ
Overview
The objective was to reduce the manual work of configuring a CppDefaultMacros.json file for each project being scanned, by providing the following:
A method of inspecting and extracting macros, including paths and other information from the build files present in the project being scanned.
A method of extracting macros from different repositories and adding them to a database to be used during the C++ preprocessing.
C++ Build Files Support
The new approach includes elementary support for the most common C++ build files.
Currently, the following files/build technologies are detected:
Makefiles
CMake
Autotools
QMake
Compile Database
We inspect these files to extract (when possible):
Macro Definitions
Global Include paths
Target OS Architecture Information
Other specific options, such as trigraphs
C++ Macros Database
The C++ Macros Database gathers C++ macros and their definition to be used in the CxSAST scans.
This database is shipped with the CxSAST solution with a pre-defined set of macros found on known and most-used libraries.
However it can be extended and fine-tuned for the customer (with the help of Checkmarx’s PS people), considering libraries present in the customer code base, which may not be on our database.
Supported Libraries (pre-defined set)
FAQ
Q: Is the CppDefaultMacros.json configuration file needed?
A: No. It is still considered in case it exists at the root of the project. The file is useful if want to add some extra information that is neither in the macro database nor in the build files.
Q: Are the build files processing ON by default?
A: Yes!