CodeGuard - Detect C++ vulnerability using AI

Features

The MCP Server CodeGuard provides the following AI-powered features:

• Detects standard MISRA C/C++, AUTOSAR C++14, CERT C++ violations and custom rules defined by the user.
• Analyzes race condition, memory leak, and other resource leaks (e.g., socket, file, etc).
• Provides code refactoring suggestion to avoid C++ vulnerabilities and improve code quality.

Requirements

• Use Copilot in Agent mode.
• Python 3.10.1 or higher.
• Pip 22.1.2 or higher.
• VSCode 1.101.1 or higher (latest version recommended).
• For Linux: Ubuntu 20.04 or higher.

Installation

Windows

• Install Python (including PIP) at https://www.python.org/downloads/windows/
• Open Command Palette (Ctrl+Shift+P), type LGEDV CodeGuard: Install MCP Server to install.
• Extension will install the MCP server in C:\Program Files\MCP Server CodeGuard (default).
• A sample configuration file mcp.json is created at C:\Program Files\MCP Server CodeGuard\.vscode\mcp.json.
• In VSCode, right-click to create a folder named .vscode.
• Copy mcp.json from C:\Program Files\MCP Server CodeGuard\.vscode\mcp.json to the .vscode
• Edit mcp.json to match project requirements:

{
  "servers": {
    "lgedv": {
      "command": "C:\\Program Files\\MCP Server CodeGuard\\venv\\Scripts\\codeguard.exe",
      "args": ["--transport", "stdio"],
      "env": {
        "src_dir": "\\path\\to\\source_code",
        "custom_path": "\\path\\to\\custom_file",
        "reset_cache": "true",
        "prompt_lang": "en",
        "report_dir": "\\path\\to\\http_report"
      }
    }
  }
}

Configuration Parameters:

• src_dir: Path to folder containing C++ files to be analyzed (memory leak, resource leak, race condition).
• custom_path: Path to custom rule file defined by the user.
• prompt_lang: Select the prompt language (en for English, vi for Vietnamese).
• reset_cache: Automatically clean previous analysis cache when starting the MCP server.
• report_dir: Specifies directory for HTML reports.

Linux

• Install Python: sudo apt install python3 python3-venv python3-pip
• Open Command Palette (Ctrl+Shift+P), type LGEDV CodeGuard: Install MCP Server to install.
• Extension will install MCP server in ~/mcp_server (default).
• A sample configuration file mcp.json is created at ~/mcp_server/.vscode/mcp.json.
• In VSCode, in Explorer bar, right-click to create a folder named .vscode.
• Copy mcp.json from ~/mcp_server/.vscode/mcp.json to the .vscode.
• Edit mcp.json to match your project requirements.

MCP Server Usage

MCP Server Prompts

For checking rule, open current .cpp file first.

MISRA C++ Rule Check

• Run /check_misra_cpp prompt to check MISRA C++ 2008 rule violation.

CERT C++ Rule Check

• Run /check_certcpp prompt to check CERT C++ rule violation.

AUTOSAR C++14 Rule Check

• Run /check_autosar prompt to check AUTOSAR C++14 rule violation.

MISRA C Rule Check

• Run /check_misra_c prompt to check for MISRA C 2023 rule violation (C file).

Custom Rule Check

• Run /check_custom prompt to check for user-defined custom rule violation.
• Custom rule should be defined in Markdown format. A typical custom rule should follow this format:

## Rule rule_id:
Definition: content of rule.

LGEDV Rule Check (custom rule for LGEDV)

• Run /check_lgedv prompt to check for LGEDV rule violation.

LGE Static Analysis Rule Check (custom rule for LGE)

• Run /check_static_analysis prompt to check for LGE Static Analysis rule violation.

Verify Coverity result (LGE system)

• Run /check_cim_misra_cpp prompt to check CIM result for Misra CPP.
• Run /check_cim_static prompt to check CIM result for LGE static analysic.

Race Condition, Memory Leak, Resource Leak Analysis

Available prompts:

• /check_races: Analyze race condition.
• /check_leaks: Analyze memory leak.
• /check_resources: Analyze resource leak.
• /reset_analysis: Clear all previous analyses.
• /reset_race_check: Clear analysis cache for race condition.
• /reset_mem_check: Clear analysis cache for memory leak.
• /reset_resource_check: Clear analysis cache for resource leak.

Generating and Viewing HTML Reports

Creating Report Files

• Ensure report_dir field in mcp.json points to report directory.
• After Copilot analyzes your code (using /check_lgedv, /check_misra, /check_certcpp, etc.), create an empty .md file in report directory (e.g., a1.md).
• Copy the analysis results from Copilot chat into the .md file.
• Use appropriate tool call to generate HTML reports:
  • #report_rule_violation - Generate HTML report (rule_violation.html) from rule violation .md files.
  • #report_race_condition - Generate HTML report for race condition analysis.
  • #report_mem_leak - Generate HTML report for memory leak analysis.
  • #report_resource_leak - Generate HTML report for resource leak analysis.
• Open generated HTML file in web browser to view the report.

Notes:

• The tool #report_rule_violation generate a single HTML report from multiple input files (e.g., a1.md, a2.md, etc.).
• All .md files must be located in directory specified by report_dir.

Setting Up Web Server (Optional)

For easier report viewing, you can set up a local web server:

Configure the web server directory:

• In VSCode, go to File → Preferences → Settings and search for "lgedv".
• Set report directory in "Lgedv Code Guard: Report Directory".
• Important: Ensure this directory matches report_dir in mcp.json.

Start the web server:

• Open Command Palette (Ctrl+Shift+P), type LGEDV CodeGuard: Start Web Server.

View reports:

• Open web browser at http://localhost:8888/ to view HTML reports.

Uninstallation

To completely remove the MCP Server: Windows: Delete the folder C:\Program Files\MCP Server CodeGuard. Linux: Delete the folder ~/mcp_server.

License

This project is licensed under the MIT License.

Feedback

For questions or feedback, please contact: tai2.tran@lge.com