Fortify: how to start analysis with the command

How can we generate a Fortify report using the command ??? on Linux.

In a team, how can we include only some folders or files for analysis, and how can we provide a location for storing a report, etc.?

Please, help....

Thank you Kartik

1 answer

1. Step #1 (pure cache)

  • you need to plan your scan structure before running:

scanid = 9999 (can be anything)

ProjectRoot = /local/proj/9999/

WorkingDirectory = /local/proj/9999/working

  • (this directory is huge; you need "rm -rf ./working && mkdir ./working" before each scan, or the byte code lying under this directory will quickly consume your hard drive)

log =/local/proj/9999/working/sca.log

= '///9999//SRC/**.*'


= "//9999//WEB-INF/Library/* ;/local/proj/9999/source/jars/**.*;///9999///**.*'

./sourceanalyzer -b 9999 -Dcom.fortify.sca.ProjectRoot=/local/proj/9999/ -Dcom.fortify.WorkingDirectory=/local/proj/9999/working -logfile /local/proj/9999/working/sca.log -clean
  • ProjectRoot, , /home/user.fortify
  • sca.log , fortify , - .
  • ProjectRoot , : FORTIFY_HOME/Core/config/fortify_sca.properties).
  • ./sourceanalyzer -b 9999 -clean

2. Step #2

nohup ./sourceanalyzer -b 9999 -verbose -64 -Xmx8000M -Xss24M -XX:MaxPermSize=128M -XX:+CMSClassUnloadingEnabled -XX:+UseConcMarkSweepGC  -XX:+UseParallelGC -Dcom.fortify.sca.ProjectRoot=/local/proj/9999/ -Dcom.fortify.WorkingDirectory=/local/proj/9999/working  -logfile /local/proj/9999/sca.log -source 1.5 -classpath '/local/proj/9999/source/WEB-INF/lib/*.jar:/local/proj/9999/source/jars/**/*.jar:/local/proj/9999/source/classes/**/*.class'  -extdirs '/local/proj/9999/source/wars/*.war'  '/local/proj/9999/source/src/**/*'  &
  • unix (&), , .

  • cp: functiodfn. , fortify , . , FPR ( ). .

  • -extdir: /, .

  • , '' .

  • -64 - 64- java, , 32- , < 1,3 (-Xmx1200M ).

  • -XX: , . . .

  • -source - java ( 1.5 1.8)

3. Step #3

nohup ./sourceanalyzer -b 9999 -64 -Xmx8000M -Dcom.fortify.sca.ProjectRoot=/local/proj/9999 -Dcom.fortify.WorkingDirectory=/local/proj/9999/working -logfile /local/proj/9999/working/sca.log -scan -filter '/local/other/filter.txt' -rules '/local/other/custom/*.xml' -f '/local/proj/9999.fpr' &
  • -filter: filter.txt, .

  • : , . - HP FORTIFY_HOME/Core/config/rules

  • -scan: , fortify engine scanid. № 2 № 3, , / .

4. Step #4 (PDF FPR)

./ReportGenerator -format pdf -f '/local/proj/9999.pdf' -source '/local/proj/9999.fpr'
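The four steps above collected into one script, as an added example that is not part of the original answer: a single set of variables fixes where the working directory, log, FPR and PDF go, and the translate step takes only the folders you list, which is how a team restricts the scan to a few modules. The /local/proj layout, Java 1.8, the module folder names and a sourceanalyzer binary on PATH are assumptions.

```sh
#!/bin/sh
# Added example (not code from the original answer): the four Fortify SCA steps as
# one script with one set of paths. Everything under /local/proj, Java 1.8 and the
# module names are assumptions; SCANID, SCA and DRY_RUN can be set in the environment.
set -eu

SCANID="${SCANID:-9999}"
SCA="${SCA:-sourceanalyzer}"       # assumed to be on PATH, or set SCA=/path/to/sourceanalyzer
ROOT="/local/proj/$SCANID"
WORK="$ROOT/working"
LOG="$WORK/sca.log"
FPR="$ROOT/$SCANID.fpr"            # where the scan result is stored
PDF="$ROOT/$SCANID.pdf"            # where the report is stored

# Options every sourceanalyzer call shares: build id, project root, working dir, log.
common_opts() {
    printf '%s' "-b $SCANID -Dcom.fortify.sca.ProjectRoot=$ROOT -Dcom.fortify.WorkingDirectory=$WORK -logfile $LOG"
}

# Step 1: drop any earlier build with this id.
clean_cmd() { printf '%s' "$SCA $(common_opts) -clean"; }

# Step 2: translate only the folders given as arguments. Anything not listed here
# is never translated, so it never shows up in the scan.
translate_cmd() {
    printf '%s' "$SCA $(common_opts) -64 -Xmx8000M -source 1.8 -classpath '$ROOT/source/WEB-INF/lib/*.jar'"
    for dir; do printf " '%s'" "$dir"; done
}

# Step 3: analyse the translated code and write the FPR to the fixed location.
scan_cmd() { printf '%s' "$SCA $(common_opts) -64 -Xmx8000M -scan -f '$FPR'"; }

# Step 4: render the FPR as a PDF next to it.
report_cmd() { printf '%s' "ReportGenerator -format pdf -f '$PDF' -source '$FPR'"; }

# Print the command when DRY_RUN is set, otherwise execute it.
run() { if [ -n "${DRY_RUN:-}" ]; then echo "$1"; else sh -c "$1"; fi; }

main() {
    # && (not &): mkdir must wait for rm to finish, or the two race each other.
    run "rm -rf '$WORK' && mkdir -p '$WORK'"
    run "$(clean_cmd)"
    run "$(translate_cmd "$ROOT/source/src/module-a" "$ROOT/source/src/module-b")"
    run "$(scan_cmd)"
    run "$(report_cmd)"
}

if [ "${1:-}" = run ]; then main; fi
```

Run it as `DRY_RUN=1 sh scan.sh run` first to see the exact commands before letting it touch the working directory.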