Update StaticAnalyzer & address errors (#525)

* Add antimalware and psscriptanalyzer

* Attempt to address existing static analysis errors

* Fix displayname

Author: willxie-eng

build/yaml/jobs/codeanalysis/antimalware.yaml

@@ -0,0 +1,57 @@
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License.
+
+# Job Template: Run AntiMalware Analysis
+
+jobs:
+- job: CodeAnaysis_AntiMalware
+  displayName: Code Analysis - AntiMalware
+
+  pool:
+    name: VSEngSS-MicroBuild2022-1ES
+
+  workspace:
+    clean: all
+
+  steps:
+  - checkout: self
+    clean: true
+
+  - task: DownloadBuildArtifacts@0
+    displayName: Download Windows Files (Release)
+    inputs:
+      downloadType: single
+      artifactName: binaries-windows-Release
+      downloadPath: $(Build.ArtifactStagingDirectory)
+
+  # Run AntiMalware on source
+  - task: AntiMalware@4
+    displayName: Run AntiMalware on Source
+    inputs:
+      InputType: Basic
+      ScanType: CustomScan
+      FileDirPath: $(Build.SourcesDirectory)
+    continueOnError: true
+
+  # Run AntiMalware on artifacts
+  - task: AntiMalware@4
+    displayName: Run AntiMalware on Artifacts
+    inputs:
+      InputType: Basic
+      ScanType: CustomScan
+      DisableRemediation: false
+      FileDirPath: $(Build.ArtifactStagingDirectory)
+    continueOnError: true
+
+  # Publish SecurityAnalysis Logs
+  - template: ../../steps/codeanalysis/publishreports.yaml
+    parameters:
+      ArtifactName: AntiMalware
+
+  - template: ../../steps/codeanalysis/filebugs.yaml
+    parameters:
+      BuildName: AntiMalware
+      Tags: CLRIEAntiMalware
+
+  # Microbuild Cleanup
+  - template: ../../steps/microbuild/cleanup.yaml

build/yaml/jobs/codeanalysis/psscriptanalyzer.yaml

@@ -0,0 +1,42 @@
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License.
+
+# Job Template: Run PS Script Code Analysis
+# Invokes PS Script analysis
+
+jobs:
+- job: CodeAnaysis_PSScriptAnalyzer
+  displayName: Code Analysis - PSScriptAnalyzer
+
+  pool:
+    name: VSEngSS-MicroBuild2022-1ES
+
+  workspace:
+    clean: all
+
+  steps:
+  - checkout: self
+    clean: true
+
+  # Run PSScriptAnalyzer
+  - task: PSScriptAnalyzer@1
+    displayName: 'Run PSScriptAnalyzer'
+    inputs:
+      Path: '$(Build.SourcesDirectory)'
+      Settings: required
+      IgnorePattern: .gdn
+      Recurse: true
+    continueOnError: true
+
+  # Publish SecurityAnalysis Logs
+  - template: ../../steps/codeanalysis/publishreports.yaml
+    parameters:
+      ArtifactName: PSScriptAnalyzer
+
+  - template: ../../steps/codeanalysis/filebugs.yaml
+    parameters:
+      BuildName: PSScriptAnalyzer
+      Tags: CLRIEPSScriptAnalyzer
+
+  # Microbuild Cleanup
+  - template: ../../steps/microbuild/cleanup.yaml

build/yaml/pipelines/codeanalysis.yaml

@@ -39,6 +39,7 @@ stages:
 
   jobs:
   - template: ../jobs/codeanalysis/policheck.yaml
+  - template: ../jobs/codeanalysis/psscriptanalyzer.yaml
 
 - stage: Analyze_PostBuild
   displayName: Code Analysis (After Build)
@@ -47,6 +48,7 @@ stages:
   jobs:
   - template: ../jobs/codeanalysis/apiscan.yaml
   - template: ../jobs/codeanalysis/binskim.yaml
+  - template: ../jobs/codeanalysis/antimalware.yaml
 
 - stage: Run_CS_Analyzers
   displayName: Code Analysis (Build Time Managed)

src/Tests/InstrEngineTests/NaglerInstrumentationMethod/InstrumentationEngineApi.cpp

@@ -52,10 +52,11 @@ namespace InstrumentationEngineApi
 #else
             // Aid in finding the line of code associated with the error message:
             // stderr: The specified module could not be found.
-            wchar_t err[256];
+            WCHAR err[256];
             memset(err, 0, 256);
             FormatMessageW(FORMAT_MESSAGE_FROM_SYSTEM, NULL, GetLastError(), MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), err, 255, NULL);
-            AssertLogFailure(err);
+            LPCWSTR errMsg = err;
+            AssertLogFailure(errMsg);
 #endif
         }
 

src/Tests/InstrEngineTests/NaglerInstrumentationMethod/NaglerInstrumentationMethod.cpp

@@ -1023,7 +1023,7 @@ HRESULT CInstrumentationMethod::InstrumentMethod(_In_ IMethodInfo* pMethodInfo,
 
             IfFailRet(spIMetaDataEmit->DefineMemberRef(tkTypeToken, spPointTo->m_methodName.c_str(), pSignature, cbSignature, &tkMethodToken));
         }
-        else if (FAILED(hrFound))
+        else
         {
             IfFailRet(hrFound);
         }