Cobra Static Code Analyzer


about papers manpages downloads

Evaluation Version V2.3 of Cobra with Rule Libraries

Installation

  • choose a directory where you want to install the tool, and place the tar-file there. below this is referred to as directory $COBRA
  • untarring the archive creates these subdirectories and files:
       $ tar -xzf cobra_*.tar.gz
       drwxrwxr-x 2 gh gh 4096 May 16 12:59 bin
       drwxrwxr-x 2 gh gh 4096 May 15 10:03 doc
       drwxrwxr-x 8 gh gh 4096 May 12 15:55 rules
       -rwxrwxr-x 1 gh gh  555 May 16 12:43 install.sh
    
  • execute the installation script install.sh (this will also try to install a manual page, hence the sudo for linux):
       $ sudo sh install.sh
    
    the installation creates a ~/.cobra file, which cobra reads on startup to find predefined queries
  • add $COBRA/cobra/bin to your search path (where the cobra executables live)

Basic Usage

  • cd to the directory with the source files you want to work on, and start cobra. For instance, try some predefined checks:
       $ cobra -terse -f basic *.[ch]
    
    or for more detail, and with preprocessing enabled:
       $ cobra -cpp -f basic *.[ch]
    
    add C preprocessor directives on the command-line as needed
  • some of predefined checks:
      $ cobra -terse -f stats     *.[ch]
      $ cobra -terse -f metrics   *.[ch]
      $ cobra -terse -f misra1997 *.[ch]
      $ cobra -terse -f basic     *.[ch]
    
    for a list:
      $ cobra -lib
    
    for all command-line options:
      $ cobra --
    
    or check the online manual pages, which also give details on writing inline cobra programs
  • for interactive use, type for instance:
       $ cobra -cpp *.[ch]
       4 cores, 14 files, 93623 tokens
       :           # << the cobra command prompt
       :           # << type your queries here
       : q         # << quit
       $
    

Support

  • report problems and bug reports: gholzmann [atsign] acm [dot] org

License