Absent Member.
Absent Member.
13063 views

Fortify analyzer issue for an C# project

Jump to solution

Hi there,

I have been struggling for sometimes with my C# project source code scanned with Fortity 4.30 over windows 7 server. I used both Fortify GUI and command "sourceanalyzer -scan myproject myproject.sln" to do source scan , the result were the same: there never scanned any c# .cs file, there are a few hundreds of .cs files in it's current & sub-folders. Where is the problem?

Thanks in advance.

0 Likes
1 Solution

Accepted Solutions
Absent Member.
Absent Member.

The issue should be clear out, found out there is a Visual Studio IDE installation problem, going to re-install the right version of IDE to match the project solution file.

Thanks for the help!

View solution in original post

0 Likes
4 Replies
Absent Member.
Absent Member.

Hi Curtis, for C# projects we actually hook into the build of the project in order to translate the code and then scan. There's a couple of ways to go about this:

  • The first is to install the IDE plugin for the relevant version of Visual Studio which you're using. You can then run the scan from within the IDE itself. You can find full details of how to go about this here:
  • It's also possible to perform scans from the command line. As with all SCA scans you first need to clean your build ID, then perform the translation, before finally performing the scan itself. You can find the correct translation command for .NET projects on Page 22 of . The full set of command would be along the lines of:
    • sourceanalyzer -b buildID -clean
    • sourceanalyzer -b buildID devenv myproject.sln /rebuild debug
    • sourceanalyzer -b buildID -scan -f output.fpr

Rather than simply calling devenv it may be necessary to point directly to the devenv.exe within your Visual Studio installation.

If you run into any issues along the way please drop an email to fortifytechsupport@hp.com and the team will be able to assist you further.

0 Likes
Absent Member.
Absent Member.

CLASSIFICATION: UNCLASSIFIED

Simon,

Thank you for the suggestion!

I'm awaiting to my colleague to get the right version of Visual Studio(2012), the will retry.

Thanks,

Curtis Wu

RDER-SEN-CA

CERDEC Software Engineering Directorate

Supporting CECOM LCMC Software Engineering Center

☎: 443 861 9097 DSN: 848-9097

E-Mail: curtis.wu.civ@mail.mil

0 Likes
Absent Member.
Absent Member.

The issue should be clear out, found out there is a Visual Studio IDE installation problem, going to re-install the right version of IDE to match the project solution file.

Thanks for the help!

View solution in original post

0 Likes
Absent Member.
Absent Member.

Thanks! Very helpfull!

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.