security: Add compiler static analysis support

Add a build option to enable GCC builtin static analysis. To enable it an application has to set CONFIG_COMPILER_STATIC_ANALYSIS=y When this option is enabled GCC performs a static analysis and can point problems like: sample.c + int *j; + + if (j != NULL) { + printf("j != NULL\n"); output: ${ZEPHYR_BASE}/samples/userspace/hello_world_user/src/main.c:30:12: warning: use of uninitialized value 'j' [CWE-457] [-Wanalyzer-use-of-uninitialized-value] 30 | if (j != NULL) { | ^ 'main': events 1-2 | | 25 | int *j; | | ^ | | | | | (1) region created on stack here |...... | 30 | if (j != NULL) { | | ~ | | | | | (2) use of uninitialized value 'j' here Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
zephyrproject-rtos · Oct 31, 2023 · 77d5664 · 77d5664
1 parent d89938f
commit 77d5664
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 0 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -319,6 +319,11 @@ if(CONFIG_COMPILER_COLOR_DIAGNOSTICS)
 zephyr_compile_options($<TARGET_PROPERTY:compiler,diagnostic>)
 endif()
 
+if(CONFIG_COMPILER_STATIC_ANALYSIS)
+  # @Intent: Enable compiler static analysis
+  zephyr_compile_options($<TARGET_PROPERTY:compiler,static_analysis>)
+endif()
+
 zephyr_compile_options(
   ${TOOLCHAIN_C_FLAGS}
 )

diff --git a/Kconfig.zephyr b/Kconfig.zephyr
@@ -442,6 +442,14 @@ config COMPILER_COLOR_DIAGNOSTICS
 	help
 	  Compiler diagnostic messages are colorized.
 
+config COMPILER_STATIC_ANALYSIS
+	bool "Compiler static analysis"
+	depends on "${ZEPHYR_TOOLCHAIN_VARIANT}" = "zephyr"
+	help
+	  Enables an static analysis of program flow and issues
+	  warnings for problems found. This feature only works
+	  on GCC, slows down the build and can produce false positives.
+
 choice COMPILER_SECURITY_FORTIFY
 	prompt "Detect buffer overflows in libc calls"
 	default FORTIFY_SOURCE_NONE if NO_OPTIMIZATIONS || MINIMAL_LIBC || NATIVE_BUILD

diff --git a/cmake/compiler/compiler_flags_template.cmake b/cmake/compiler/compiler_flags_template.cmake
@@ -133,3 +133,6 @@ set_compiler_property(PROPERTY no_global_merge)
 
 # Compiler flag for warning about shadow variables
 set_compiler_property(PROPERTY warning_shadow_variables)
+
+# Compiler flag to enable static analysis
+set_compiler_property(PROPERTY static_analysis)
diff --git a/cmake/compiler/gcc/compiler_flags.cmake b/cmake/compiler/gcc/compiler_flags.cmake
@@ -227,3 +227,6 @@ set_compiler_property(PROPERTY no_position_independent
 set_compiler_property(PROPERTY no_global_merge "")
 
 set_compiler_property(PROPERTY warning_shadow_variables -Wshadow)
+
+# Flag to enable static analysis
+set_compiler_property(PROPERTY static_analysis -fanalyzer)