I am running the build on linux in fortify mode. Following commands get run inside the build
/usr/local/packages/fortify_360/bin/sourceanalyzer -Xmx1512M -b FORTIFY -Dcom.fortify.sca.ProjectRoot=/ade/ka/dbss/utl/fortify -jdk 1.5 -c /ade/ka_View_12.2/xa/bin/orscript -o /ade/ka/xa/dbsa/bin/avorclcoll -m64 -z noexecstack -Wl,--disable-new-dtags -L/ade/ka/xa/dbsa/lib/ -L/ade/ka/xa/lib/ -L/ade/ka/xa/lib/stubs/ /ade/ka/oracle/dbsa/lib/zaorclmain.o -lclntsh -lclntshcore -lclient12 -lavclient12 -lnnz12 -lmql1 -lipc1 -ldl -lm -lpthread -lnsl -lrt -lc -Wl,-R
when I run this I get error Unrecognized or invalid command line argument '-o'
but if I replace the script /ade/ka_View_12.2/xa/bin/orscript with gcc, it works fine.
My script /ade/ka_View_12.2/xa/bin/orscript has following code, in this code I am just having one variable CC = gcc and "$@" for parameter
#!/bin/sh
#
# $Header: buildtools/port/orald /linuxamd64/3 2012/10/02 19:28:56 ekarichk
#
# orscript
#
CC=gcc
#
# Just use CC for now
#
exec ${CC} "$@"
exit 1
Please help, I have been struggling with this error for long time :(
Examine the help for C/C++ builds by running:
sourceanalyzer -h
You will see that there are several ways of running scans on C/C++ code. One is to directly invoke the compiler, which corresponds to the successful case in your example. If you want to use a build script such as make (or your "orscript") then you should use the touchless argument, such as:
sourceanalyzer -Xmx1512M -b FORTIFY -Dcom.fortify.sca.ProjectRoot=/ade/ka/dbss/utl/fortify touchless /ade/ka_View_12.2/xa/bin/orscript {args}
Note: you also do not need to specify the -jdk argument, since you are not analyzing Java code.