CodeGuard - Detect C++ vulnerability using AI

✨ Features

The MCP Server CodeGuard provides the following AI-powered features:

• Detects standard MISRA C++ violations
• Detects standard CERT C++ violations
• Detects custom rules defined by the user
• Analyzes race conditions, memory leaks, and other resource leaks (e.g., socket, file, etc.)
• Provides code refactoring suggestions to avoid C++ vulnerabilities and improve code quality

🎯 Requirements

• Use Copilot in Agent mode
• VSCode 1.101.1 or higher (latest version recommended)
• For Linux: Ubuntu 20.04 or higher

🧩 Installation

Windows

• Install Python (including PIP) from https://www.python.org/downloads/windows/
• Open the Command Palette (Ctrl+Shift+P), type LGEDV CodeGuard: Install MCP Server, and select the command.
• Note: If you update to a new version of the CodeGuard extension, please reinstall the MCP server using the steps above to ensure compatibility and access to the latest features.
• The extension will install the MCP server in C:\Program Files\MCP Server CodeGuard (default).
• A sample configuration file mcp.json is created at C:\Program Files\MCP Server CodeGuard\.vscode\mcp.json.
• In VSCode, open the folder containing your source code. In the Explorer bar, right-click to create a folder named .vscode.
• Copy mcp.json from C:\Program Files\MCP Server CodeGuard\.vscode\mcp.json to the .vscode folder you just created.
• Edit mcp.json to match your project requirements.

"lgedv": {
      "command": "D:\\src\\codefun\\deepl\\mcp_server\\venv\\Scripts\\codeguard.exe",
      "args": ["--transport", "stdio"],
      "env": {
        "src_dir": "\\path\\to\\source_code",
        "custom_path": "\\path\\to\\custom_file",
        "reset_cache": "true",
        "prompt_lang": "vi", // en: english, vi: vietnamese
        "report_dir": "\\path\\to\\http_report"
      }
    }

• src_dir: Path to the folder containing C++ files to be analyzed (memory leak, resource leak, race condition).
• custom_path: Path to the custom rule file defined by the user, used for the check_custom prompt.
• prompt_lang: Select the prompt language (English or Vietnamese). Default is English.
• reset_cache: Automatically clean previous analysis cache when starting the MCP server. If set to false, the MCP server will skip files that have already been analyzed.
• report_dir: Specifies the directory for HTML reports.

Linux

• Install Python using your package manager (e.g., sudo apt install python3 python3-venv python3-pip).
• Open Command Palette (Ctrl+Shift+P), type LGEDV CodeGuard: Install MCP Server and select the command.
• Note: If you update to a new version of the CodeGuard extension, please reinstall the MCP server using the steps above to ensure compatibility and access to the latest features.
• The extension will install the MCP server in ~/mcp_server (default).
• A sample configuration file mcp.json is created at ~/mcp_server/.vscode/mcp.json.
• In VSCode, open the folder containing your source code. In the Explorer bar, right-click to create a folder named .vscode.
• Copy mcp.json from ~/mcp_server/.vscode/mcp.json to .vscode folder just created.
• Edit mcp.json to match your project requirements.

🌐 MCP Server Usage

For rule-based checks, you must download the rule set before running the check prompt. If the rule set has already been downloaded, you can skip this step.

MCP Server Prompts

• LGEDV Rule Check

  • Download the latest LGEDV rules by calling the tool: #fetch_lgedv_rule.
  • Run the prompt /check_lgedv to check LGEDV rule violations.

• MISRA Rule Check

  • Download the latest MISRA rules by calling the tool: #fetch_misra_rule.
  • Run the prompt /check_misra to check MISRA C++ rule violations.

• CERTCPP Rule Check

  • Download the latest CERTCPP rules by calling the tool: #fetch_certcpp_rule.
  • Run the prompt /check_certcpp to check CERT C++ rule violations.

• Custom Rule Check

  • Download or specify your custom rule file by calling the tool: #fetch_custom_rule.
  • Run the prompt /check_custom to check user-defined custom rule violations.

• Race Condition, Memory Leak, Resource Leak Analysis

  • Due to AI token limitations, MCP server will analyze up to 3 files in the specified source directory per analysis run.
  • Available prompts:
  • /check_races: Analyze race condition.
  • /check_leaks: Analyze memory leak.
  • /check_resources: Analyze resource leak.
  • /reset_analysis: Clear all previous analysics.
  • /reset_race_check: Clear analysis cache for race condition.
  • /reset_mem_check: Clear analysis cache for memory leaks.
  • /reset_resouce_check: Clear analysis cache for resource leak.

View HTTP report

• Create report file

  • Set the report path in mcp.json "report_path": "path\\to\\report"
  • For rule violation analysis (such as /check_lgedv, /check_misra,/check_lgedv, /check_certcpp, after Copilot analyzes your code, create an empty .md file in the report directory (as specified in report_path), for example, a1.md.
  • Copy the content (answer) from Copilot chat into the .md file.
  • Use tool call #report_rule_violcation to generate an HTML report (rule_violation.html) from the .md files.
  • Tool #report_rule_violcation can generate a single HTML report from multiple input files (e.g., a1.md, a2.md, etc.).
  • Open rule_violation.html in your web browser to view the report.
  • Additionally, following tool calls are supported:
    • #report_race_condition to generate an HTML report for race conditions.
    • #report_mem_leak to generate an HTML report for memory leaks.
    • #report_resource_leak to generate an HTML report for resource leaks.

• Setup a Web Server to view HTTP report (Optional)

  • Configure web server directory (should be the same as the report directory)
    • In VSCode, go to File -> Preferences -> Settings and search for "lgedv".
    • Set the report directory in "Lgedv Code Guard: Report Directory".
    • Note: The report directory should match the report_path in mcp.json.
    • Open Command Palette (Ctrl+Shift+P), type Reload Window to apply new configuration.
  • Open Command Palette (Ctrl+Shift+P), type LGEDV CodeGuard: Start Web Server and select the command to start server.
  • In your web browser, open http://localhost:8888/ to view HTTP reports

Uninstall MCP Server

• Delete the MCP server installation folder (e.g., C:\\Program Files\\MCP Server CodeGuard) to completely remove it.