beSOURCE Analysis Options : Fortra's Beyond Security

The following are the analysis options in beSOURCE:

C language

Attribute	Default value	Description
Parser-Options
not-expands- macros		Macros listed here are not expanded. ”,” can be used for delimiter.
reference- header-path		Set additional header’s path in Analysis Server. Additional header means it is not collected but required to analyze source file. This kind of header is considered as a system header internally.
auto-delete- temp-files	True	Configure whether to maintain temporary files. Temporary files include EXEC SQL processing details, source file including header file and GCC log. If it is true, delete temporary files. Temporary file is created as a type of '[source file name].conv2' in the location below. [CM Installed Directory]/SRC/temp/[Analysis Unit ID].
ignore-case- for-find- header	False	It is not case sensitive for header included in preprocessing, in case of sources written in Windows. When searching for header in True, it is also not case sensitive.
user-cpp- option	-dD	Configure options for C pre-processor. -I : Add forcibly to include path Ex) - I/usr/include/ Used when analyzing Unix source in Windows -include: Include external file Ex) - include /cm40/cmbuiltin.h Used when adding specific type or macro -isystem: Set target path to system directory. In case of using more than 2 options, separator is ‘;’.
search- header-from-	False	Search header files with the current Analysis Unit's file path when searching user defined header file (#include ”…“ format).
top		If this option value is true, header files in which high priority Analysis Unit are expanded first.
cpp-program- path	[cpp]	* It is a deprecated option. Set up C pre-processor as an executable file of GCC. Option for automatic configuration of standard header file. (Required) Unix: /usr/include/cpp Windows: cpp.exe (Environment variable ‘Path’ should be configured first) In case of collecting standard header directory or analyzing without standard header, it should be analyzed after deleting default value ”[cpp]“ and changing into blank.
include- header-file		Set additional macro or DEFINE, enforcing them to be included regardless of actual inclusion. Refer to appendix ‘Built-in-Header Setting’.
show-cpp- detail-info	False	Configure whether to display C pre-processor information on Admin Console.
convert- trigraph	False	Sets if activate trigraph conversion or not.
is-amdocs	False	Option for Amdocs-C processing.
Encoding-Options
read-encoding	euc-kr	Configure encoding type of source file.
USA-Options * Can be ignored in security inspection.
usa-do-inter	True	Configure whether to analyze Inter Class.
usa-overflow- limit	4	Limit number of result data in USA analysis.
usa-timeout	10	Configure time limit per file in USA analysis. Unit = seconds.
usa-version	usa-1	Select a version of USA engine. usa-1 : usa version 1 will be used. The engine will analyze strings for each file. usa-2 : usa version 2 will be used. Performance and accuracy are better than usa version 1.
usa2-fg-ncfa	2	Set function call depth for inter-procedural analysis. The larger number, the more accurate but its performance would be affected.
usa2-cpu	2	Number of processors that usa version 2 engine will use.
usa2-analysis- file-depth	3	Set file relationship depth for inter-procedural analysis. The larger number, the more accurate but its performance would be affected.
usa2-path- sensitive	true	Indicate path sensitive analysis. It will more exactly calculate execution paths but its performance would be affected.
usa2-file- timeout	10	Set timeout for each cluster when applying usa version 2 engine. (Unit: seconds).
usa2-extract- timeout	10	Set timeout for assembling strings after finishing usa version 2 engine's calculation. (Unit: seconds).
usa2-builtin		Set builtin file to assign library or return value of unknown function.
usa2-abstract- parser		Set abstracted parser for usa version 2 engine. It can help improving accuracy by validating extracted results.
usa2-const	true

C++ language

Attribute	Default value	Description
Parser-Options
useFilePrefix- forGlobalObj	True	Specifies if it will generate key value of dependency and global object with file dependency. If the option is true, dependency information is generated based on the current file and its “include” relationship only. If the options is false, regardless of include relationship, dependency information is generated if full names are same.
not-expands- macros		It will not expand macros specified in this option. “,” can be used for separator.
coil-trans- scope	NO SYSTEM HEADER	Specifies conversion scope for security analysis. NO SYSTEM HEADER : Converts user header and source only excepting system header. ONLY SOURCE : Converts the current file only excepting header. ALL : Converts all scopes.
usa1-trans- scope	NO SYSTEM HEADER	Specifies conversion scope for USA analysis. NO SYSTEM HEADER:: Converts user header and source only excepting system header. ONLY SOURCE: Converts the current file only excepting header. ALL: Converts all scopes.
auto-delete- temp-files	True	It sets whether temporary file is maintained or not. The temporary file include EXEC SQL processing history, source file including header content etc. FALSE value will keep the temp file regardless of error Temp file is useful for checking analysis accuracy (Temp file: after processing Exec Sql, after expanding C file, CPP log) Temp file has ‘[source file name].conv2’ format and is located at: [Installation Directory]/SRC/temp/[Analysis Unit ID]
search-header- from-top	False	Search header files with the current Analysis Unit's file path when searching user defined header file (#include “…” format). If this option value is true, header files in which high priority Analysis Unit are expanded first.
reference- header-path		User can input path within Analysis Server for not-collected header files but required header information. It is considered as a system header.
include- header-file		Separately set special Macros or DEFINEs to enforce them included in source file. Please refer to ‘Built-in-Header setting’.
include-c- header-file		It is same as “include-header-file” option. It processes files that their file extension is “C”.
report-cannot- find-include	False	It determines whether showing warnings for missing 'include files' or not.
c-extensions	C,PC,SC	It determines file extension for C language syntax. The “,” is used for a separator. It is case-insensitive.
Encoding-Options
reading- encoding	euckr	Sets encoding type of source file.
USA-Options * Can be ignored in security inspection
usa-do-inter	False	Determines Inter Class analysis.
usa-overflow- limit	4	Limits the result data count of USA analysis.
usa-timeout	10	Limits USA analysis timeout per file. Unit = seconds.
usa-version	usa-1	Select version of USA engine. usa-1 : usa-1 : Universal String Analysis engine version 1. It analyzes strings per each source file. usa-2 : usa-2 : Universal String Analysis engine version 2.
usa2-fg-ncfa	2	It means function call depth for inter-procedural analysis. The greater the number results in more accurate analysis but lower performance.
usa2-cpu	2	It means the number of processes which USA 2 will use.
usa2-analysis- file-depth	3	It means file dependency depth. The greater the number results in more accurate analysis but lower performance.
usa2-path- sensitive	true	Path sensitive analysis. If this option is turned on, more accurate analysis would be performed but it results in low performance.
usa2-file-timeout	10	It sets timeout value per each cluster of Universal String Analysis engine version 2 (unit: sec.)
usa2-extract- timeout	10	It sets timeout value for string composition after finishing calculation of Universal String Analysis engine version 2 (uit: sec.).
usa2-builtin		It sets a built-in file which is used to specify unknown return value of function or library.
usa2-abstract- parser		It specifies abstraction parser for Universal String Analysis version 2. The abstraction parser can improve accuracy by validating extracted strings.
usa2-const	true	It specifies whether the engine calculates numbers such as integer and double etc. or not. \\- true : true : calculate number. false: not calculate number. The numbers will be considered as strings.
usa2-print-time	true	It prints log for Universal String Analysis engine version 2.
usa2-struct- delimiter	@#	It is a delimiter for fields. If a literal parameter type is not String but Struct or Class, the result string will include filed name of the struct or class. The delimiter will be used to separate each field.
usa2-struct- delimiter-kv	@#	It is a delimiter for field name and extracted value. If a literal parameter type is not String but Struct or Class, the result string will include filed name of the struct or class. The delimiter will be used to separate the name of field and extracted value.

Objective C language

Attribute	Default value	Description
Parser-Options
useFilePrefix- forGlobalObj	True	Specifies if it will generate key value of dependency and global object with file dependency. If the option is true, dependency information is generated based on the current file and its “include” relationship only. if the options is false, dependency information is generated based on the same full name, regardless of “Include” relationship.
not-expands- macros		It will not expand macros specified in this option. “,” can be used for separator.
coil-trans-scope	NO SYSTEM HEADER	Specifies conversion scope for security analysis. NO SYSTEM HEADER: Converts user header and source only excepting system header. ONLY SOURCE: Converts the current file only excepting header. ALL: Converts all scopes.
usa1-trans- scope	NO SYSTEM HEADER	Specifies conversion scope for USA analysis. NO SYSTEM HEADER: Converts user header and source only excepting system header. ONLY SOURCE: Converts the current file only excepting header. ALL: Converts all scopes.
auto-delete- temp-files	True	It sets whether temporary file is maintained or not. The temporary file include EXEC SQL processing history, source file including header content etc. FALSE value will keep the temp file regardless of error. Temp file is useful for checking analysis accuracy (Temp file: after processing Exec Sql, after expanding C file, CPP log) Temp file has ‘[source file name].conv2’ format and is located at: [Installation Directory]/SRC/temp/[Analysis Unit ID]
search-header- from-top	False	Search header files with the current Analysis Unit's file path when searching user defined header file (#include “…” format). If this option value is true, header files in which high priority Analysis Unit are expanded first.
reference- header-path		User can input path within Analysis Server for not-collected header files but required header information. It is considered as a system header.
include-header-file		Separately set special Macros or DEFINEs to enforce them included in source file. Please refer to ‘Built-in-Header setting’.
xcode-version		input xcode’s version.
Encoding-Options
reading- encoding	euckr	Configure encoding type of source file.
USA-Options * Can be ignored in security inspection
usa-do-inter	False	Configure whether to analyze Inter Class.
usa-overflow-limit	4	Limit number of result data in USA analysis.
usa-timeout	10	Configure time limit per file in USA analysis. Unit = seconds.

beSOURCE Analysis Options Print

C language

C++ language

Objective C language

Related Articles