windowsbatch-filecmdfortify

Executing Fortify commands with batch file


I am trying to run Fortify commands through a batch file. Typically when running a fortify scan I use these three different commands via command line:

sourceanalyzer -b buildId-clean

sourceanalyzer -b buildId devenv "mysolution.sln" /Rebuild Debug 

sourceanalyzer -b buildId -scan -f "mysolution.fpr" -format fpr

Now when running the second command you need devenv to complete the translation. What is the best approach to call this? I've tried to run the VsDevCmd.bat before running the commands in a batch file, but end up with this:

ERROR: Cannot determine the location of the VS Common Tools folder.

This is even having the .bat file in the same directory I am call the fortify batch file.

I've also called devenv.com but get this error:

[error]: The HPE Security Fortify add-in for Visual Studio did not execute; ther efore, no files were translated. Ensure that the HPE Security Fortify add-in is installed. If you are running Visual Studio 2005 SP1, you must also install t he hotfix indicated by KB934517.

Here is the batch file command:

set SOURCEANALYZER=sourceanalyzer
set BUILDID="buildId"
set DEVCOMMAND="devenv.com"
set SOLUTIONFILE="mysolution.sln"
set ARGS="/Rebuild Debug"

%SOURCEANALYZER% -b %BUILDID% %DEVCOMMAND% %MYSOLUTION% %ARGS%

My VsDevCmd.bat and devenv.com comes from VS2015 directory.


Solution

  • From what I understand, you have three options for the devenv argument when running through command line:

    1. Use the fully-qualified path to the devenv.exe file, usually located at C:\Program Files (x86)\Mircosoft Visual Studio x.0\Common7\IDE\devenv.exe
    2. From a regular command line window, call vsvars32.bat before running the sourceanalyzer command to set some local variables, such as devenv, to the proper paths. This file is located at ‪C:\Program Files (x86)\Microsoft Visual Studio x.0\Common7\Tools\vsvars32.bat.
    3. Run the sourceanalyzer command via the Visual Studio Developer Command Prompt. This is the same as opening a traditional command line window and executing vsvars32.bat.

    If you do option 2 or 3, you will be able to simply use the variable devenv in the sourceanalyzer command, while option 1 will require a hard path in the command, but could be useful if you need to specify a version of Visual Studio to build with.