Merge pull request #2061 from Exiv2/main_pvs

Adding static analysis with PVS-Studio
3 years ago · b96091880a
parent ac9439e931 4746bb46af
commit b96091880a
6 changed files with 111 additions and 8 deletions
--- a/.github/workflows/on_PR_linux_special_builds.yml
+++ b/.github/workflows/on_PR_linux_special_builds.yml
@ -1,6 +1,8 @@
 name: On PRs - Linux Special Builds

-on: [pull_request]
+on:
+  workflow_dispatch:
+  pull_request:

 jobs:
  special_debugRelease:
@ -150,7 +152,7 @@ jobs:
          ctest --output-on-failure

  special_allEnabled:
-    name: 'Ubuntu 20.04 - GCC - All Options Enabled'
+    name: 'Ubuntu 20.04 - GCC - All Options Enabled + Documentation'
    runs-on: ubuntu-latest

    steps:
@ -196,3 +198,68 @@ jobs:
      - name: Generate documentation
        run: |
          make doc
+
+  special_pvsStudio:
+    name: 'Ubuntu 20.04 - GCC - Static Analyzer: PVS-Studio'
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 2
+          # Trying to deal with warning: ->  Issue detecting commit SHA. Please run actions/checkout with fetch-depth > 1 or set to 0
+
+      - name: install dependencies
+        run: |
+          pip3 install conan==1.43.0
+          sudo add-apt-repository ppa:ubuntu-lxc/daily -y
+          wget -q -O - https://files.pvs-studio.com/etc/pubkey.txt |sudo apt-key add -
+          sudo wget -O /etc/apt/sources.list.d/viva64.list https://files.pvs-studio.com/etc/viva64.list
+          sudo apt-get update -qq
+          sudo apt-get install -qq pvs-studio
+
+      - name: Conan common config
+        run: |
+          conan profile new --detect default
+          conan profile update settings.compiler.libcxx=libstdc++11 default
+
+      - name: Run Conan
+        run: |
+          mkdir build && cd build
+          conan profile list
+          conan profile show default
+          conan install .. -o webready=True --build missing
+
+      - name: Configure
+        run: |
+          cd build && \
+          cmake -DCMAKE_BUILD_TYPE=Debug \
+            -DBUILD_SHARED_LIBS=ON \
+            -DEXIV2_ENABLE_PNG=ON \
+            -DEXIV2_ENABLE_WEBREADY=ON \
+            -DEXIV2_ENABLE_CURL=ON \
+            -DEXIV2_BUILD_UNIT_TESTS=ON \
+            -DEXIV2_ENABLE_BMFF=ON \
+            -DEXIV2_TEAM_WARNINGS_AS_ERRORS=ON \
+            -DBUILD_WITH_COVERAGE=ON \
+            -DCMAKE_INSTALL_PREFIX=install \
+            -DCMAKE_EXPORT_COMPILE_COMMANDS=ON \
+            .. \
+
+      - name: Static Analysis
+        env:
+          PVS_USERNAME: ${{ secrets.PVS_USERNAME }}
+          PVS_KEY: ${{ secrets.PVS_KEY }}
+        run: |
+          cd build
+          pvs-studio-analyzer credentials $PVS_USERNAME $PVS_KEY -o PVS_license.lic
+          pvs-studio-analyzer analyze -l PVS_license.lic -o pvsStudio.log -j4
+          plog-converter -a GA:1,2 -d V1042 -t fullhtml pvsStudio.log -o pvsReportHtml
+
+      - uses: actions/upload-artifact@v2
+        with:
+          name: static_analysis
+          path: build/pvsReportHtml
+          retention-days: 7
+          
+          
--- a/.pvsconfig
+++ b/.pvsconfig
@ -0,0 +1 @@
+//-V::1042
--- a/cmake/mainSetup.cmake
+++ b/cmake/mainSetup.cmake
@ -8,6 +8,8 @@ include(CMakeDependentOption)
 include(cmake/JoinPaths.cmake)
 include(CTest)

+set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
+
 set(CMAKE_ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib)
 set(CMAKE_LIBRARY_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib)

--- a/codecov.yml
+++ b/codecov.yml
@ -1,3 +1,7 @@
+codecov:
+  branch: main
+  precision: 2
+  range: "60..100"
  ignore:
    - "xmpsdk"  # Not interested about the coverage of XMKSDK
    - "unitTests"
--- a/doc/readme-pvs-studio.md
+++ b/doc/readme-pvs-studio.md
@ -0,0 +1,31 @@
+# How to integrate PVS-Studio
+
+We obtained a free license of PVS-Studio due to the open source nature of Exiv2.
+
+## CMake integration
+
+To check a project configured with CMake, such as Exiv2, we need to generate the JSON compilation database. 
+
+```bash
+# Under an already configured "buildXXX" directory
+cd buildXXX
+cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=ON ...
+
+# Once the CMake configuration is done, we should obtain a output file 'compile_commands.json'
+# NOTE: This option is enabled by default inside our CMake configuration (see cmake/mainSetup.cmake)
+```
+
+The analysis starts by running the following commands:
+
+```bash
+export PVS_LICENSE=~/.config/PVS-Studio/PVS-Studio.lic
+pvs-studio-analyzer analyze -l $PVS_LICENSE -o pvsStudio.log -j8
+plog-converter -a GA:1,2 -t tasklist pvsStudio.log -o pvsStudio.tasks
+plog-converter -a GA:1,2 -t fullhtml pvsStudio.log -o pvsReportHtml
+plog-converter -a GA:1,2 -d V1042 -t fullhtml pvsStudio.log -o pvsReportHtml
+```
+
+## CI
+
+The PVS username & key are configured as secrets in the security settings of the project. Then we make use of such
+secrets in the Github workflow named `special_pvsStudio`.
--- a/src/types.cpp
+++ b/src/types.cpp
@ -163,8 +163,6 @@ namespace Exiv2 {
    {
        if (size > size_) {
            delete[] pData_;
-            pData_ = nullptr;
-            size_ = 0;
            pData_ = new byte[size];
            size_ = size;
        }