JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

CodeSonar® 9.2p0 CONFIDENTIAL CodeSecure Inc
General

GUI Reference: Python Console

This page provides access to an interactive Python interpreter running within the analysis process. Code executed in the interpreter has full access to the program representation information generated by the analysis.

Use the Python Console to develop and debug your Python plug-ins, and to interactively examine program information using the Python Plug-in API.

CodeSonar also ships with a plug-in that, when enabled, opens an interactive Python console while the analysis is in progress. For more information, see Python API: Exploring The Intermediate Representation.

Warning: the Python Console is not available by default, and its use poses a grave security risk: anyone with access to the hub can execute arbitrary code in the analysis process.

The Python Console is available (when enabled) for all analyses, independent of the language or languages involved. However, note that the availability of internal representation (IR) for analyzed code depends on the code's language.

Important Note: the CodeSonar Web GUI makes extensive use of JavaScript. Make sure JavaScript is enabled in your web browser.

Availability

The hub Python Console is only available when the hub is running with debug features enabled. To enable debug features:

  1. Shut down the hub.
  2. Edit $CSONAR/codesonar/py/hub/build_options.py to set debug=True.
  3. Restart the hub.

Once debug features are enabled, you can enable the Python Console on a per-analysis basis by setting WEB_CONSOLE=Yes in the general project configuration file. Set it back to No for subsequent analyses if you don't want the console to be available for them.

Availability of Internal Representation (IR)

The Python Console is available (when enabled) for all analyses, independent of the language or languages involved. However, note that the availability of internal representation (IR) for analyzed code depends on the code's language.

Navigating To

The Python Console can be reached in any of the following ways.

From Analysis: Click the API Console link, then click the view link next to Python Console in the expanded section.
By URL: http://hub_location/analysis/analysis_id-python.html

Page Properties

Output formats none
Visibility Filter Applied none
RBAC Permissions Needed
Page AccessANALYSIS_CONSOLE
ANALYSIS_READ

Contents and Usage

The following annotated screenshot shows the various parts of the Python Console page before any code has been entered or executed.

annotated screenshot: Python Console page before any code has been entered or executed standard header breadcrumbs page heading enter Python code in text field Submit Query button standard footer

Standard Header See GUI Reference: Standard Header.
Breadcrumbs Home > [Other_ProjectTree_Ancestors >] Project_Name > Analysis_Name > Python Console

where

  • Home links to the GUI Home page
  • Together with the Home link (corresponding to the root project tree), Other_ProjectTree_Ancestors represents the project tree ancestors of the analyzed project as a >-separated sequence of project tree names. Each name links to the corresponding Project Tree page.
  • Project_Name links to the GUI Project page for Project_Name.
  • Analysis_Name links to the GUI Analysis page for Analysis_Name.
Page Heading Project_Name : Analysis_Name : Python API Console
Code Field A text field for entering your Python code.
Submit button Click to execute the specified code.
Note that every time you click this button, the code in the code field is executed in a new Python session: definitions and assignments from earlier queries are not available in later queries.
Eval Link [After execution only] A shortcut URL: navigate to this URL to re-execute the same code on the same analysis.
Output [After execution only] The output of the executed code, if any.
Standard Footer See GUI Reference: Standard Footer.

Executing Code

To execute Python code in the context of a specific analysis:

  1. Open the Python Console from the corresponding Analysis page.
  2. Enter your code in the text field.
  3. Click Submit.

CodeSonar will execute your code and display any output on the Python Console page, as in the following example. The page contents are expanded to include an eval link and the output of the executed code.

annotated screenshot: page after query execution

Code Examples

The table below includes some simple Python expressions, along with some examples using CodeSonar API functions.

Query Result Notes 
def factorial(n):
        return 1 if n==0 else n * factorial(n-1)
        
print(factorial(10))
3628800 Define and use function factorial(). 
print(factorial(5))
NameError The definition of function factorial() was in a separate Python session; there is no definition in this session. 
import cs
m = cs.project_metricclass_manager.metricclasses()
print(', '.join([cl.tag() for cl in m]))

LCom, TL, LCodeOnly, LB, LMCC, LComOnly, InclF, LCode, S1, Modules, TopLF

 Get the analysis-granularity metric classes computed by the analysis; print all their tags.

Note that the set of metric classes will depend on the analysis configuration.

 
import cs
for c in cs.project.current().compunits():
    print(c.name())
(a list of file paths) Print the paths of the root file instances for all the compilation units in the current project.
 

To report problems with this documentation, please visit https://support.codesecure.com/.