diff options
author | Christian Heimes <christian@cheimes.de> | 2013-07-22 23:31:15 (GMT) |
---|---|---|
committer | Christian Heimes <christian@cheimes.de> | 2013-07-22 23:31:15 (GMT) |
commit | b911cfdd21220834204affec98b7f7688b5bace1 (patch) | |
tree | f954976c2cf7d0246afbfd73288d62ead6e8a8bf | |
parent | ba30883f60271be3b4b8c14735566c943a83c68f (diff) | |
download | cpython-b911cfdd21220834204affec98b7f7688b5bace1.zip cpython-b911cfdd21220834204affec98b7f7688b5bace1.tar.gz cpython-b911cfdd21220834204affec98b7f7688b5bace1.tar.bz2 |
Add modeling file for Coverity Scan.
The modeling file avoids false positive reports.
-rw-r--r-- | Misc/coverity_model.c | 112 |
1 files changed, 112 insertions, 0 deletions
diff --git a/Misc/coverity_model.c b/Misc/coverity_model.c new file mode 100644 index 0000000..7e04c59 --- /dev/null +++ b/Misc/coverity_model.c @@ -0,0 +1,112 @@ +/* Coverity Scan model + * + * This is a modeling file for Coverity Scan. Modeling helps to avoid false + * positives. + * + * - A model file can't import any header files. + * - Therefore only some built-in primitives like int, char and void are + * available but not wchar_t, NULL etc. + * - Modeling doesn't need full structs and typedefs. Rudimentary structs + * and similar types are sufficient. + * - An uninitialized local pointer is not an error. It signifies that the + * variable could be either NULL or have some data. + * + * Coverity Scan doesn't pick up modifications automatically. The model file + * must be uploaded by an admin in the analysis settings of + * http://scan.coverity.com/projects/200 + * + */ + + +/* dummy definitions, in most cases struct fields aren't required. */ + +#define NULL (void *)0 + +typedef int sdigit; +typedef long Py_ssize_t; +typedef unsigned short wchar_t; +typedef struct {} PyObject; +typedef struct {} grammar; +typedef int sdigit; +typedef struct {} DIR; +typedef struct {} RFILE; + + +/* Python/pythonrun.c + * resourece leak false positive */ + +void Py_FatalError(const char *msg) { + __coverity_panic__(); +} + +/* Objects/longobject.c + * NEGATIVE_RETURNS false positive */ + +static PyObject small_ints[257 + 5]; + +static PyObject *get_small_int(sdigit ival) +{ + PyObject *p; + if (((ival + 5) >= 0) && ((ival + 5) < 257 + 5)) { + return &small_ints[ival + 5]; + } + return p; +} + +/* tainted sinks + * + * Coverity considers argv, environ, read() data etc as tained. + */ + +PyObject *PyErr_SetFromErrnoWithFilename(PyObject *exc, const char *filename) +{ + __coverity_tainted_data_sink__(filename); + return NULL; +} + +/* Python/fileutils.c */ +wchar_t *_Py_char2wchar(const char* arg, size_t *size) +{ + wchar_t *w; + __coverity_tainted_data_sink__(arg); + __coverity_tainted_data_sink__(size); + return w; +} + +/* Parser/pgenmain.c */ +grammar *getgrammar(char *filename) +{ + grammar *g; + __coverity_tainted_data_sink__(filename); + return g; +} + +/* Python/marshal.c */ + +static Py_ssize_t r_string(char *s, Py_ssize_t n, RFILE *p) +{ + __coverity_tainted_string_argument__(s); + return 0; +} + +static long r_long(RFILE *p) +{ + long l; + unsigned char buffer[4]; + + r_string((char *)buffer, 4, p); + __coverity_tainted_string_sanitize_content__(buffer); + l = (long)buffer; + return l; +} + +/* Coverity doesn't understand that fdopendir() may take ownership of fd. */ + +DIR *fdopendir(int fd) { + DIR *d; + if (d) { + __coverity_close__(fd); + } + return d; +} + |