summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChristian Heimes <christian@cheimes.de>2013-07-22 23:31:15 (GMT)
committerChristian Heimes <christian@cheimes.de>2013-07-22 23:31:15 (GMT)
commitb911cfdd21220834204affec98b7f7688b5bace1 (patch)
treef954976c2cf7d0246afbfd73288d62ead6e8a8bf
parentba30883f60271be3b4b8c14735566c943a83c68f (diff)
downloadcpython-b911cfdd21220834204affec98b7f7688b5bace1.zip
cpython-b911cfdd21220834204affec98b7f7688b5bace1.tar.gz
cpython-b911cfdd21220834204affec98b7f7688b5bace1.tar.bz2
Add modeling file for Coverity Scan.
The modeling file avoids false positive reports.
-rw-r--r--Misc/coverity_model.c112
1 files changed, 112 insertions, 0 deletions
diff --git a/Misc/coverity_model.c b/Misc/coverity_model.c
new file mode 100644
index 0000000..7e04c59
--- /dev/null
+++ b/Misc/coverity_model.c
@@ -0,0 +1,112 @@
+/* Coverity Scan model
+ *
+ * This is a modeling file for Coverity Scan. Modeling helps to avoid false
+ * positives.
+ *
+ * - A model file can't import any header files.
+ * - Therefore only some built-in primitives like int, char and void are
+ * available but not wchar_t, NULL etc.
+ * - Modeling doesn't need full structs and typedefs. Rudimentary structs
+ * and similar types are sufficient.
+ * - An uninitialized local pointer is not an error. It signifies that the
+ * variable could be either NULL or have some data.
+ *
+ * Coverity Scan doesn't pick up modifications automatically. The model file
+ * must be uploaded by an admin in the analysis settings of
+ * http://scan.coverity.com/projects/200
+ *
+ */
+
+
+/* dummy definitions, in most cases struct fields aren't required. */
+
+#define NULL (void *)0
+
+typedef int sdigit;
+typedef long Py_ssize_t;
+typedef unsigned short wchar_t;
+typedef struct {} PyObject;
+typedef struct {} grammar;
+typedef int sdigit;
+typedef struct {} DIR;
+typedef struct {} RFILE;
+
+
+/* Python/pythonrun.c
+ * resourece leak false positive */
+
+void Py_FatalError(const char *msg) {
+ __coverity_panic__();
+}
+
+/* Objects/longobject.c
+ * NEGATIVE_RETURNS false positive */
+
+static PyObject small_ints[257 + 5];
+
+static PyObject *get_small_int(sdigit ival)
+{
+ PyObject *p;
+ if (((ival + 5) >= 0) && ((ival + 5) < 257 + 5)) {
+ return &small_ints[ival + 5];
+ }
+ return p;
+}
+
+/* tainted sinks
+ *
+ * Coverity considers argv, environ, read() data etc as tained.
+ */
+
+PyObject *PyErr_SetFromErrnoWithFilename(PyObject *exc, const char *filename)
+{
+ __coverity_tainted_data_sink__(filename);
+ return NULL;
+}
+
+/* Python/fileutils.c */
+wchar_t *_Py_char2wchar(const char* arg, size_t *size)
+{
+ wchar_t *w;
+ __coverity_tainted_data_sink__(arg);
+ __coverity_tainted_data_sink__(size);
+ return w;
+}
+
+/* Parser/pgenmain.c */
+grammar *getgrammar(char *filename)
+{
+ grammar *g;
+ __coverity_tainted_data_sink__(filename);
+ return g;
+}
+
+/* Python/marshal.c */
+
+static Py_ssize_t r_string(char *s, Py_ssize_t n, RFILE *p)
+{
+ __coverity_tainted_string_argument__(s);
+ return 0;
+}
+
+static long r_long(RFILE *p)
+{
+ long l;
+ unsigned char buffer[4];
+
+ r_string((char *)buffer, 4, p);
+ __coverity_tainted_string_sanitize_content__(buffer);
+ l = (long)buffer;
+ return l;
+}
+
+/* Coverity doesn't understand that fdopendir() may take ownership of fd. */
+
+DIR *fdopendir(int fd) {
+ DIR *d;
+ if (d) {
+ __coverity_close__(fd);
+ }
+ return d;
+}
+