+++ /dev/null
-
-Coverity has a static analysis tool (Prevent) which is similar to Klocwork.
-They run their tool on the Python source code (SVN head) on a daily basis.
-The results are available at:
-
- http://scan.coverity.com/
-
-About 20 people have access to the analysis reports. Other
-people can be added by request.
-
-Prevent was first run on the Python 2.5 source code in March 2006.
-There were originally about 100 defects reported. Some of these
-were false positives. Over 70 issues were uncovered.
-
-Each warning has a unique id and comments that can be made on it.
-When checking in changes due to a warning, the unique id
-as reported by the tool was added to the SVN commit message.
-
-False positives were annotated so that the comments can
-be reviewed and reversed if the analysis was incorrect.
-
-Contact python-dev@python.org for more information.
+++ /dev/null
-/* Coverity Scan model
- *
- * This is a modeling file for Coverity Scan. Modeling helps to avoid false
- * positives.
- *
- * - A model file can't import any header files.
- * - Therefore only some built-in primitives like int, char and void are
- * available but not wchar_t, NULL etc.
- * - Modeling doesn't need full structs and typedefs. Rudimentary structs
- * and similar types are sufficient.
- * - An uninitialized local pointer is not an error. It signifies that the
- * variable could be either NULL or have some data.
- *
- * Coverity Scan doesn't pick up modifications automatically. The model file
- * must be uploaded by an admin in the analysis settings of
- * http://scan.coverity.com/projects/200
- */
-
-/* dummy definitions, in most cases struct fields aren't required. */
-
-#define NULL (void *)0
-#define assert(op) /* empty */
-typedef int sdigit;
-typedef long Py_ssize_t;
-typedef unsigned short wchar_t;
-typedef struct {} PyObject;
-typedef struct {} grammar;
-typedef struct {} DIR;
-typedef struct {} RFILE;
-
-/* Python/pythonrun.c
- * resource leak false positive */
-
-void Py_FatalError(const char *msg) {
- __coverity_panic__();
-}
-
-/* Objects/longobject.c
- * NEGATIVE_RETURNS false positive */
-
-static PyObject *get_small_int(sdigit ival)
-{
- /* Never returns NULL */
- PyObject *p;
- assert(p != NULL);
- return p;
-}
-
-PyObject *PyLong_FromLong(long ival)
-{
- PyObject *p;
- int maybe;
-
- if ((ival >= -5) && (ival < 257 + 5)) {
- p = get_small_int(ival);
- assert(p != NULL);
- return p;
- }
- if (maybe)
- return p;
- else
- return NULL;
-}
-
-PyObject *PyLong_FromLongLong(long long ival)
-{
- return PyLong_FromLong((long)ival);
-}
-
-PyObject *PyLong_FromSsize_t(Py_ssize_t ival)
-{
- return PyLong_FromLong((long)ival);
-}
-
-/* tainted sinks
- *
- * Coverity considers argv, environ, read() data etc as tainted.
- */
-
-PyObject *PyErr_SetFromErrnoWithFilename(PyObject *exc, const char *filename)
-{
- __coverity_tainted_data_sink__(filename);
- return NULL;
-}
-
-/* Python/fileutils.c */
-wchar_t *Py_DecodeLocale(const char* arg, size_t *size)
-{
- wchar_t *w;
- __coverity_tainted_data_sink__(arg);
- __coverity_tainted_data_sink__(size);
- return w;
-}
-
-/* Python/marshal.c */
-
-static Py_ssize_t r_string(char *s, Py_ssize_t n, RFILE *p)
-{
- __coverity_tainted_string_argument__(s);
- return 0;
-}
-
-static long r_long(RFILE *p)
-{
- long l;
- unsigned char buffer[4];
-
- r_string((char *)buffer, 4, p);
- __coverity_tainted_string_sanitize_content__(buffer);
- l = (long)buffer;
- return l;
-}
-
-/* Coverity doesn't understand that fdopendir() may take ownership of fd. */
-
-DIR *fdopendir(int fd)
-{
- DIR *d;
- if (d) {
- __coverity_close__(fd);
- }
- return d;
-}
-
-/* Modules/_datetime.c
- *
- * Coverity thinks that the input values for these function come from a
- * tainted source PyDateTime_DATE_GET_* macros use bit shifting.
- */
-static PyObject *
-build_struct_time(int y, int m, int d, int hh, int mm, int ss, int dstflag)
-{
- PyObject *result;
-
- __coverity_tainted_data_sanitize__(y);
- __coverity_tainted_data_sanitize__(m);
- __coverity_tainted_data_sanitize__(d);
- __coverity_tainted_data_sanitize__(hh);
- __coverity_tainted_data_sanitize__(mm);
- __coverity_tainted_data_sanitize__(ss);
- __coverity_tainted_data_sanitize__(dstflag);
-
- return result;
-}
-
-static int
-ymd_to_ord(int year, int month, int day)
-{
- int ord = 0;
-
- __coverity_tainted_data_sanitize__(year);
- __coverity_tainted_data_sanitize__(month);
- __coverity_tainted_data_sanitize__(day);
-
- return ord;
-}
-
-static int
-normalize_date(int *year, int *month, int *day)
-{
- __coverity_tainted_data_sanitize__(*year);
- __coverity_tainted_data_sanitize__(*month);
- __coverity_tainted_data_sanitize__(*day);
-
- return 0;
-}
-
-static int
-weekday(int year, int month, int day)
-{
- int w = 0;
-
- __coverity_tainted_data_sanitize__(year);
- __coverity_tainted_data_sanitize__(month);
- __coverity_tainted_data_sanitize__(day);
-
- return w;
-}
-
projects / thirdparty / Python / cpython.git / commitdiff
