Big news! The community will be moving to a new platform April 21. Read more.
Big news! The community will be moving to a new platform April 21. Read more.
Absent Member.
Absent Member.
15690 views

Scan C# and C/C++ Files

How do I scan C# and C++ files within the Fortify Workbench without going through a MS Visual Studio Solution (sln) file.  That is the only way I can find to do it through the documentation.  When I launch an advanced scan on a directory with these types of files in them they don't show in the directory tree.  It's as if Fortify can't see .cs or .cpp files.  Did I miss a step in configuring Fortify or is there another way to get these files scanned?  It works fine with Java but most of my projects are in C# or C++ and I was under the impression Fortify could scan thoes as well.

 

Thanks,

 

Ed

Labels (1)
0 Likes
11 Replies
Absent Member.
Absent Member.

Hi were you able to find a solution to this problem ??? I'm experiencing the same situation...
0 Likes
Absent Member.. Absent Member..
Absent Member..

Hi all, the AWB scan wizard supports translatation and scanning of JavaScript, PHP, ASP, .NET, and SQL projects.

As C++ requires a compiler and build system such as make, you'll need to enter additional commands.

 

ALso, keep in mind that you'll need to have VS or MSBuild installed to build VS projects.

 

0 Likes
Absent Member.
Absent Member.

Hi,

 

I'm pretty new to Fortify SCA, but my understanding is that to do a directory based scan on a .NET App it needs to first be compiled. For ASP.NET Apps this means that ASPX must also be compiled.

 

We are currently building our solutions one a build server and then moving the output to a SCA Machine with VS2008-2012 installed for the scanning process.

 

Cheers,

 

Dan

 

0 Likes
Absent Member.
Absent Member.

knowing it should work is good...a pointer to where in docs on how to configure for the compile would be better....

Thanks and wish all luck as the search continues

0 Likes
Absent Member.
Absent Member.

Hi,

I'm struggling to scan C++ code using HP Fortify SCA.

Can anybody help me in understanding the prerequisites for scanning C++ files?

Is it possible to scan it through Audit Workbench or Scan Wizard?

Does it require a build before scanning.

 

Any help would be highly appreciated

0 Likes
Absent Member.
Absent Member.

Hi
I'm having the same problem
you managed to solve it?
need help

0 Likes
Absent Member.
Absent Member.

Yes, it requires a build and can be scanned through Fortify SCA for linux.You can find the installer in HP's website.

0 Likes
Absent Member.
Absent Member.

it would be possible to inform the link to this solution?

0 Likes
Absent Member.
Absent Member.

Would not have a solution to the windows environment?
I have no problems with Linux, but need to know if have a solution for both operating systems.

0 Likes
Absent Member.
Absent Member.

There no particular link for the solution.I connected with support team and they send the installer for linux environment, which was used in a linux box to scan the files.

 

In windows machine you can try and import the files in Visual Studio and then scan using HP Fortify's visual studio plugin which comes with the package.

0 Likes
Absent Member.
Absent Member.

anyone have the link plugin for visual studio?

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.