OpenBLAS security analysis

Goal

Lear how to use Codee for Static Application Security Testing (SAST) and generate a SAST report for OpenBLAS.

Getting started

Make sure you have Codee installed and available on your machine and clone the OpenBLAS repository.

git clone https://github.com/OpenMathLib/OpenBLAS.git

Now navigate to the source code:

cd OpenBLAS

The compile_commands.json can be obtained using bear:

bear -- make -j

To obtain Codee SAST results for the CWE standard execute the following command:

codee screening --sast

You should have obtained a result similar to this:

<...>

5263 target files, 7502 functions, 18580 loops, 1035182 LOCs successfully analyzed (32175 checkers) and 0 non-analyzed files in 45 m 49 s