代码静态检测工具
创建:2025-04-19 21:46
更新:2025-04-24 22:54

https://github.com/Tencent/TscanCode

静态检测可以帮我们检测出一些常见的c/c++代码错误,提高代码质量。检测结果可能存在误判,需要人工辨别。

从上边链接可以下载 tscancode 的静态 bin 文件。下边写了一个 nodejs 脚本 + Makefile,可以一键检测,并生成便于阅读的 html 可视化检测结果。

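const fs = require("fs");

// Turns the TscanCode XML report (./result.xml) into a severity-sorted HTML
// page (./static_check_result.html).
const text = fs.readFileSync("./result.xml").toString();

// severity name -> [label shown in the report, inline CSS, sort rank (1 is listed first)]
const serveritys = {
    "Critical": ["炸裂", 'background-color:#FE0000;color:#ffffff', 1],
    "Serious": ["严重", "color:#E74C3C", 2],
    "Warning": ["警告", "color:#F39C12", 3],
    "Information": ["提示", "color:#FFFFFF", 4]
};

// A severity string missing from the table is shown under its own name and
// ranked after every known severity, so one unexpected value can neither
// abort the report nor drop a finding.
const UNKNOWN_SEVERITY_STYLE = "color:#FFFFFF";
const UNKNOWN_SEVERITY_RANK = 5;

/**
 * Look up the display entry for a severity name.
 * @param {string} name - severity string taken from the XML
 * @returns {Array} [label, inline CSS, sort rank]
 */
function severityInfo(name) {
    // Own-property check: names such as "constructor" must not resolve to
    // members inherited from Object.prototype.
    if (Object.prototype.hasOwnProperty.call(serveritys, name)) {
        return serveritys[name];
    }
    return [name === "" ? "?" : name, UNKNOWN_SEVERITY_STYLE, UNKNOWN_SEVERITY_RANK];
}

/**
 * Make a value taken from the XML safe to place in HTML text content.
 * The values are copied verbatim out of XML attributes, so entities such as
 * &lt; and &amp; already display correctly and "&" is left alone to avoid
 * double-escaping. A raw "<" or ">" can only be present if the XML was not
 * escaped properly; those are neutralised so text from the scanned sources is
 * never interpreted as markup when the report is opened.
 * @param {string} value
 * @returns {string}
 */
function escapeMarkup(value) {
    return String(value).replace(/</g, "&lt;").replace(/>/g, "&gt;");
}

// Every self-closing <error .../> element is one finding.
const items = text.match(/<error [\S\s]+?\/>/g) || [];

const results = items.map((one) => {
    // Attribute values in document order; the fields below are picked by position.
    // NOTE(review): positions 0/1/4/5/8 are used as file, line, severity, message
    // and code excerpt; confirm the attribute order for the TscanCode build in use.
    const infos = [];
    const attrReg = /[a-zA-Z0-9_]+="([\S\s]*?)"/g;
    let rst = attrReg.exec(one);
    while (rst) {
        infos.push(rst[1]);
        rst = attrReg.exec(one);
    }
    // An element with fewer attributes than expected yields empty fields
    // instead of a TypeError that would lose the whole report.
    const attr = (index) => (infos[index] === undefined ? "" : infos[index]);
    const serverity = attr(4);
    return {
        sort: severityInfo(serverity)[2],
        filename: attr(0),
        fileline: attr(1),
        serverity,
        message: attr(5),
        codelines: attr(8).split("\n")
    };
});

// Most severe findings first.
results.sort((a, b) => a.sort - b.sort);

const outputs = results.map(({ filename, fileline, serverity, message, codelines }, index) => {
    const [label, style] = severityInfo(serverity);
    let html = "";
    html += `<h3>${index + 1}. <span style="${style}">${escapeMarkup(label)}</span> ${escapeMarkup(filename)}:${escapeMarkup(fileline)}</h3>\n`;
    html += `${escapeMarkup(message)}\n`;
    html += `<pre>\n`;
    for (const line of codelines) {
        // Excerpt lines start with "<line number>:"; highlight the reported one.
        if (line.startsWith(fileline + ":")) {
            html += `<span style="${style}">${escapeMarkup(line)}</span>\n`;
        } else {
            html += `${escapeMarkup(line)}\n`;
        }
    }
    html += `</pre>\n`;
    return html;
});

// The charset declaration keeps the non-ASCII severity labels readable when
// the file is opened straight from disk.
fs.writeFileSync("./static_check_result.html", `
<meta charset="utf-8">
<style>
body {
    font-size: 14px;
    background-color: rgb(37, 37, 37);
    color: #fff;
}
pre {
    background-color: black;
    color: #fff;
    border-radius: 5px;
    padding: 5px;
    font-family: system-ui;
}
</style>
${outputs.join("\n")}
`);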

Makefile

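# Files handed to the scanner: everything under ../../server whose path
# matches '\.c', minus the tlse/tlse and lz4 paths filtered out below.
# Excluded files get no findings in the report.
files=$(shell find ../../server -type f | grep '\.c'|grep -v tlse/tlse|grep -v lz4\.c)

# Worker count: all CPUs but one, never below 1 (nproc - 1 is 0 on a
# single-CPU host).
jobs=$(shell nproc | awk '{n = $$1 - 1; if (n < 1) n = 1; print n}')

# scan is a command, not a file to build.
.PHONY: scan

# Run the scanner, render the HTML report, then drop the intermediate XML.
# The XML is captured from stderr. If a step fails, make stops and result.xml
# is left in place for inspection.
scan:
	./tscancode -D__code_static_check__ -j$(jobs) --xml $(files) 2>result.xml
	node result.js
	rm -f result.xml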

获得的网页结果如下,相对于xml更加容易阅读:

alt text