Postgres security analysis

Goal

Lear how to use Codee for Static Application Security Testing (SAST) and generate a SAST report for Postgres.

Getting started

Make sure you have Codee installed and available on your machine and clone the Postgres repository.

git clone https://github.com/postgres/postgres.git && cd postgres

The compile_commands.json can be obtained using bear:

./configure && bear -- make

To obtain Codee SAST results for the CWE standard execute the following command:

codee diagnose --sast

You should have obtained a result similar to this:

<...>

981 files, 18904 functions, 27604 loops, 825150 LOCs successfully analyzed (7809 checkers) and 0 non-analyzed files in 31 m 30 s