Software Security - PREfast project

Installing PREfast

Due to possible license restrictions, the link to the PREfast archive to install it will be posted in Brightspace and emailed around.

PREfast is included in some (but not all) versions of Visual Studio. But because Visual Studio is a huge download, of several GB, and the version of PREfast and the syntax used varies between Visual Studio versions, we provide two simple ways to use PREfast from the command line:

  1. from the Windows command line
  2. from the Linux command line using wine
Not so pretty, using the tool on the command line without fancy GUI, but very simple and reliable.

Windows command line

To use, just unzip the archive in some directory. Now start a Windows command-line (i.e. Run... -> cmd) and navigate to the directory. Just run prefast.bat to run PREfast over the exercise file, or prefast.bat FILENAME if you renamed the exercise file.

Wine on Linux command line (historic)

 Not sure how well this still works; just installing Windows in a VM and then following the instructions above, or using a Windows machine in any of the terminal rooms in Huygens (if you are allowed to still use these with Corona restrictions) or borrowing a laptop in the library in Huygens, is probably much easier...

PREfast can run on Unix/Linux using wine. Install wine using your systems package manager or download and install it manually from its website.

Unpack the TAR.GZ archive - the link of which is provided by e-mail. Now, on the command-line go to this directory and use ./prefast to check the exercise file or ./prefast FILENAME if you renamed the file.

Wine may (will?) complain about a non-existent directory C:\users\pim\Temp. To fix that

One student reported that they had install the msxml3 library (using winetricks and a customized prefix pointing to the "dotwine" directory).