OpenBLAS security analysis
Goal
Learn how to use Codee for Static Application Security Testing (SAST) and generate a SAST report for OpenBLAS.
Getting started
Make sure Codee is installed and on your PATH, then clone the OpenBLAS repository:
git clone https://github.com/OpenMathLib/OpenBLAS.git && cd OpenBLAS
Walkthrough
1. Generate the compile_commands.json
The compile_commands.json can be obtained using bear, which records every compiler invocation it observes during the build. Run it on a clean tree (make clean first if you have already built), otherwise files compiled earlier are missing from the database and Codee will not see them:
bear -- make -j
2. Run Codee SAST report
To obtain Codee SAST results for the CWE standard, execute the following command from the directory that contains compile_commands.json:
codee diagnose --sast
You should obtain a result similar to this:
<...>
5263 files, 7502 functions, 18585 loops, 609155 LOCs successfully analyzed (32158 checkers) and 0 non-analyzed files in 23 m 1 s
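The three steps above wrapped into one script, as an added example that is not part of the original page and not code from Codee or OpenBLAS. It uses only the two commands the page shows (bear -- make -j and codee diagnose --sast) and the closing summary line in the format shown above; the prerequisite checks, the log file, the summary parsing and the coverage gate (fail when the summary reports any non-analyzed files, since those are blind spots in the report) are assumptions of this example, not Codee features. The exit status of codee diagnose itself is not relied on.

```bash
#!/bin/sh
# Added example (not from the page, Codee or OpenBLAS): run the OpenBLAS SAST
# walkthrough end to end and gate on full analysis coverage.
# Assumption: the run ends with a summary line shaped like
# "<N> files, ... successfully analyzed (...) and <M> non-analyzed files in ..."
set -eu

# Print <N> from the "<N> files, ..." summary line read on stdin (empty if absent).
analyzed_files_count() {
    sed -n 's/^\([0-9][0-9]*\) files, .*successfully analyzed.*/\1/p' | tail -n 1
}

# Print <M> from "... and <M> non-analyzed files ..." read on stdin (empty if absent).
non_analyzed_count() {
    sed -n 's/.*and \([0-9][0-9]*\) non-analyzed file.*/\1/p' | tail -n 1
}

# $1: saved Codee log. Returns 0 when every file was analyzed,
# 1 when some files were skipped, 2 when no summary line was found.
coverage_gate() {
    missed="$(non_analyzed_count < "$1")"
    if [ -z "$missed" ]; then
        echo "coverage gate: no Codee summary line found in $1" >&2
        return 2
    fi
    if [ "$missed" -ne 0 ]; then
        echo "coverage gate: $missed file(s) not analyzed, report is incomplete" >&2
        return 1
    fi
    echo "coverage gate: $(analyzed_files_count < "$1") files analyzed, none skipped"
    return 0
}

# $1: path to an OpenBLAS checkout. Builds the compilation database if it is
# missing, runs the SAST report, saves the output and applies the gate.
run_sast() {
    command -v bear  >/dev/null 2>&1 || { echo "bear not found on PATH"  >&2; return 2; }
    command -v codee >/dev/null 2>&1 || { echo "codee not found on PATH" >&2; return 2; }
    cd "$1"
    # bear wraps a full build; only (re)generate when the database is absent.
    [ -f compile_commands.json ] || bear -- make -j
    log="codee-sast-$(date +%Y%m%d-%H%M%S).log"
    # No pipefail: codee's own exit status is not interpreted here (assumption).
    codee diagnose --sast 2>&1 | tee "$log"
    coverage_gate "$log"
}

# Usage: sh run_openblas_sast.sh /path/to/OpenBLAS
if [ "$#" -gt 0 ]; then
    run_sast "$1"
fi
```

Sourcing the script without arguments only defines the functions, which is what makes the parsing and the gate reusable from a CI job that already has its own Codee invocation.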