Skip to main content

C/C++ preprocessed source packaging

Veracode supports scanning of C/C++ source code preprocessed by standard and widely available compilers. Preprocessed source code analysis offers fewer constraints and faster scans than traditional binary analysis. Veracode uses the intermediate preprocessed output from the compiler, which is platform-independent and not affected by the target CPU or runtime environment.

Automated packaging

Auto-packaging automates the packaging process for C/C++ preprocessed source code projects.

Required files

To manually generate .i and .ii files for C/C++ source code, use your compiler's preprocessing option. These files are the result of the preprocessing stage of compilation and contain expanded source code, such as resolved #include directives and expanded macros.

Generate required files using GCC or Clang compilers

note

GCC 14 and newer versions are not currently supported.

ToolCommand Line Option
Makemake CFLAGS="$CFLAGS -save-temps=obj" CXXFLAGS="$CXXFLAGS -save-temps=obj"
CMakecmake -DCMAKE_C_FLAGS="$CMAKE_C_FLAGS -save-temps=obj" -DCMAKE_CXX_FLAGS="$CMAKE_CXX_FLAGS -save-temps=obj"
Mesonmeson setup builddir -Dc_args="$CFLAGS -save-temps=obj" -Dcxx_args="$CXXFLAGS -save-temps=obj"
BitBakeCFLAGS="-save-temps=obj" CXXFLAGS="-save-temps=obj" BB_ENV_EXTRAWHITE="CFLAGS CXXFLAGS" bitbake

Packaging guidance

Package the applications as ZIP, TAR, TAR.GZ, or TGZ files that contain all the .i or .ii preprocessed artifacts. Each directory that includes these files must also contain a veracode.json configuration file.

Examples of veracode.json configuration file

{
  "buildConfiguration" : {
    "compiler" : {
      "name" : "g++",
      "version" : "11.2.1",
      "architecture" : "arm32",
      "options" : "-std=c++20"
    }
  }
}
{
  "buildConfiguration" : {
    "compiler" : {
      "name" : "CL.exe",
      "version" : "19.42.34436",
      "architecture" : "x64",
      "options" : "/std:c++20"
    }
  }
}

Property table

PropertyAccepted Values (Case -Sensitive)
buildConfiguration.compiler.nameEquals: CL.exe or MSVC for Microsoft C/C++ Compiler
Contains: gcc or g++ for GNU C/C++ Compiler
Contains: clang for Clang C/C++ Compiler
buildConfiguration.compiler.version<major>.<minor>.<patch>
buildConfiguration.compiler.architectureContains: x86_64, amd64, or x64 for x86_64
Contains: x86 or i386 for x86
Contains: arm64, aarch64, armv8-a, or armv9-a for arm64
Contains arm for arm
buildConfiguration.compiler.optionsCompiler options used to successfully preprocess the C/C++ source files with the specified compiler version.
Last updated on