From f9d72cb2e223395089802730e0ea834c67607dd7 Mon Sep 17 00:00:00 2001
From: "Daniel J. Hofmann"
Date: Fri, 11 Sep 2015 18:33:29 +0200
Subject: [PATCH] Static analysis: integration with the Static Analyzer.

This provides a wrapper script to invoke the Static Analyzer on the code base. The script simply wraps your commands, that is you have to do the following: ..scripts/analyze cmake .. ..scripts/analyze cmake --build . Note: the Static Analyzer is integrated in Xcode, so if you are on a Mac, consider using Xcode natively instead of this wrapper script that will only give you HTML output. Reference: - http://clang-analyzer.llvm.org/
---
scripts/analyze.sh | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
create mode 100755 scripts/analyze.sh
diff --git a/scripts/analyze.sh b/scripts/analyze.sh
new file mode 100755
index 00000000000..872d4952626
--- /dev/null
+++ b/scripts/analyze.sh
@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+
+# Runs the Static Analyzer on the code base.
+# This is a wrapper intended to be used with like this:
+# 1/ analyze cmake ..
+# 2/ analyze cmake --build .
+
+exec scan-build -analyze-headers -no-failure-reports --keep-going --status-bugs \
+ -enable-checker alpha.core.BoolAssignment \
+ -enable-checker alpha.core.IdenticalExpr \
+ -enable-checker alpha.core.TestAfterDivZero \
+ -enable-checker alpha.deadcode.UnreachableCode \
+ -enable-checker alpha.security.ArrayBoundV2 \
+ -enable-checker alpha.security.MallocOverflow \
+ -enable-checker alpha.security.ReturnPtrRange \
+ -enable-checker security.FloatLoopCounter \
+ -enable-checker security.insecureAPI.rand \
+ -enable-checker security.insecureAPI.strcpy \
+ "${@}"
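Review bot: The `exec scan-build` line combines `--status-bugs` with seven `alpha.*` checkers, so the wrapper exits non-zero on findings from checkers the Clang project documents as experimental and prone to false positives; anyone gating a build on this script will see failures that are not real defects. Either limit the exit-status gate to the stable `security.*` checkers or state the caveat in the header, e.g. `# NOTE: alpha.* checkers are experimental; triage findings before treating a non-zero exit as a failure.` Alpha checker names may also change between Clang releases, so a header line recording the scan-build version this list was written against would make breakage easier to diagnose. The header should also say where the reports go, since no `-o` is passed and the HTML output lands in scan-build's default temporary directory. Finally, the usage comment has a typo (`used with like this`) and calls the script `analyze` while the file is `scripts/analyze.sh`.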