--- template4.5p2.conf 2018-07-12 11:44:03.128384300 -0400 +++ template5.0p0.conf 2018-07-12 11:39:57.860518900 -0400 @@ -1,7 +1,7 @@ # For emacs: -*- Shell-script -*- # ###################################################################### -# CodeSonar 4.5p2 Configuration File +# CodeSonar 5.0p0 Configuration File ###################################################################### # # CodeSonar will use preferences defined in this file when running @@ -69,6 +69,17 @@ # with these additional CFLAGs prepended. # # Notes +# CFLAGS_PREPEND is only suitable for use in the general template +# [doc/html/Preferences/PreferencesIndex.html#general_template] +# configuration file and general project +# [doc/html/Preferences/PreferencesIndex.html#general_project] +# configuration files. It is not suitable for use in compiler +# template +# [doc/html/Preferences/PreferencesIndex.html#compiler_template] or +# project-compiler +# [doc/html/Preferences/PreferencesIndex.html#project_compiler] +# configuration files. +# # Most compilers will implicitly define various preprocessor # symbols and include directories. Unless you are using gcc (which # can be queried for its definitions), specify those implicit @@ -78,12 +89,11 @@ # the operating system, and the compiler's include directory. # # The += operator will actually prepend to this preference (in all -# other cases except EDG_FRONTEND_OPTIONS_PREPEND, the += operator -# appends). This means that if you have two CFLAGS_PREPEND += -# statements in this file, the CFLAGS in the second statement will -# be prepended to the CFLAGS in the first statement. -# -CFLAGS_PREPEND += +# cases except for other parameters with names of the form +# *_PREPEND, the += operator appends). This means that if you have +# two CFLAGS_PREPEND += statements in this file, the CFLAGS in the +# second statement will be prepended to the CFLAGS in the first +# statement. CFLAGS_PREPEND += # Parameter CFLAGS_APPEND 
@@ -102,6 +112,17 @@ # with these additional CFLAGs appended. # # Notes +# CFLAGS_APPEND is only suitable for use in the general template +# [doc/html/Preferences/PreferencesIndex.html#general_template] +# configuration file and general project +# [doc/html/Preferences/PreferencesIndex.html#general_project] +# configuration files. It is not suitable for use in compiler +# template +# [doc/html/Preferences/PreferencesIndex.html#compiler_template] or +# project-compiler +# [doc/html/Preferences/PreferencesIndex.html#project_compiler] +# configuration files. +# # Most compilers will implicitly define various preprocessor # symbols and include directories. If the real compiler cannot be # automatically queried for its implicit definitions (this only @@ -505,13 +526,14 @@ # DISABLED_COMPILERS += tcpp # + # Parameter HOOK_BLACKLIST # # Tags # - BUILD_BEHAVIOR: Governs the Build/Analysis # # Purpose -# Advises CodeSonar to not monitor certain executables or their +# Instructs CodeSonar not to monitor certain executables or their # subprocesses. # # Type @@ -528,15 +550,7 @@ # # If programs listed here transitively invoke compilers, CodeSonar # will not notice those invocations. -# -# Defaults: -# -# POSIX: -# HOOK_BLACKLIST += ibtoold -# HOOK_BLACKLIST += momc -# HOOK_BLACKLIST += ssh -# HOOK_BLACKLIST += rpm -# HOOK_BLACKLIST += chroot + HOOK_BLACKLIST += ibtoold HOOK_BLACKLIST += momc HOOK_BLACKLIST += mapc 
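Review bot: Deleting the `Defaults:` list leaves the live `HOOK_BLACKLIST += ibtoold` … `HOOK_BLACKLIST += chroot` lines that follow with no marker saying they are the shipped defaults, so a user who appends project entries later cannot tell which ones may safely be dropped. A single comment before `HOOK_BLACKLIST += ibtoold`, e.g. `# Factory defaults follow; compilers invoked through any of these (rpm, chroot, ...) are not seen by the build hook`, would keep that visible. The coverage caveat itself is already stated two lines above the removal ("will not notice those invocations"), so this is only about keeping the default list identifiable.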
@@ -544,26 +558,27 @@ HOOK_BLACKLIST += rpm HOOK_BLACKLIST += chroot -# Some yocto projects (which uses the bitbake build system) fail a -# build if the output log contains the string ERR. It is observed -# that for some do_rootfs step which invokes QEMU (https://www -# .linux-mips.org/wiki/QEMU) ERROR: ld.so: object 'libhookcs.so' -# from LD_PRELOAD cannot be preloaded can show up in the log. This -# causes the build to fail. +## Some yocto projects (which uses the bitbake build system) fail a +## build if the output log contains the string ERR. It is observed that +## for some do_rootfs step which invokes QEMU +## (https://www.linux-mips.org/wiki/QEMU) +## ERROR: ld.so: object 'libhookcs.so' from LD_PRELOAD cannot be preloaded +## can show up in the log. This causes the build to fail. HOOK_BLACKLIST += qemu-aarch64 HOOK_BLACKLIST += qemu-arm -# The QEMU Guest Agent is a daemon intended to be run within -# virtual machines. HOOK_BLACKLIST += qemu-ga +## The QEMU Guest Agent is a daemon intended to be run within virtual machines. +## HOOK_BLACKLIST += qemu-ga HOOK_BLACKLIST += qemu-i386 -# qemu-img allows you to create, convert and modify images offline -# HOOK_BLACKLIST += qemu-img QEMU Disk exerciser HOOK_BLACKLIST += -# qemu-io +## qemu-img allows you to create, convert and modify images offline +## HOOK_BLACKLIST += qemu-img +## QEMU Disk exerciser +## HOOK_BLACKLIST += qemu-io HOOK_BLACKLIST += qemu-mips HOOK_BLACKLIST += qemu-mips64 HOOK_BLACKLIST += qemu-mipsel HOOK_BLACKLIST += qemu-mips.real -# Export a QEMU disk image using the NBD protocol. HOOK_BLACKLIST -# += qemu-nbd +## Export a QEMU disk image using the NBD protocol. +## HOOK_BLACKLIST += qemu-nbd HOOK_BLACKLIST += qemu-ppc HOOK_BLACKLIST += qemu-system-aarch64 HOOK_BLACKLIST += qemu-system-arm 
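Review bot: The added `## HOOK_BLACKLIST += qemu-ga` sits right after what reads as a live `HOOK_BLACKLIST += qemu-ga` context line (between `qemu-arm` and the new `##` lines); if that reading is right, the new file both blacklists qemu-ga and carries a commented-out copy with a rationale for leaving it out, and only one of the two should survive. If instead the old `HOOK_BLACKLIST += qemu-ga` was part of the removed, mis-wrapped comment line, the hunk follows the qemu-img/qemu-io/qemu-nbd pattern and nothing needs to change, but a reader of the result cannot tell which, so the first `##` line should state that the QEMU tools it lists are deliberately not blacklisted. Minor wording in the new comment: `## Some yocto projects (which use the bitbake build system) fail a`.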
@@ -625,8 +640,8 @@ # { Yes, No } # # Notes -# This parameter is ignored by the Windows project builder GUI and -# on non-Windows systems. +# This parameter is ignored by the Windows build wizard and on non- +# Windows systems. # # Setting this to "Yes" can be useful if running an interactive # Cygwin shell inside a hook command. @@ -1215,7 +1230,7 @@ # Parameter BUILD_OPTIONS # # Purpose -# Specifies CodeSurfer builder options. +# Specifies builder options. # # Tags # - BUILD_BEHAVIOR: Governs the Build/Analysis @@ -1224,9 +1239,8 @@ # a list of build options # # Behavior -# See the CodeSurfer manual, section Build Options: Summary -# [../csurf/doc/codesurfer/CodeSurfer.html#OptionsPreferences/BuildOptionsSummary.html] -# for a list of the available options. +# See the Options [doc/html/CsurfOptions.html] section for a list +# of the available options. # # Notes # CodeSonar users should usually not need to change this. @@ -1257,10 +1271,11 @@ # # Notes # The += operator will actually prepend to this preference (in all -# other cases except CFLAGS_PREPEND , the += operator appends). -# This means that if you have two EDG_FRONTEND_OPTIONS_PREPEND += -# statements in this file, the options in the second statement will -# be prepended to the options in the first statement. +# cases except for other parameters with names of the form +# *_PREPEND, the += operator appends). This means that if you have +# two EDG_FRONTEND_OPTIONS_PREPEND += statements in this file, the +# options in the second statement will be prepended to the options +# in the first statement. # # If you are using this parameter to define a preprocessor macro # whose definition contains spaces, double-quote the definition. @@ -1419,8 +1434,8 @@ # { Yes, No } # # Notes -# This parameter only has an effect on Unix-like operating systems, -# not Windows. +# This is a debugging feature that typically causes a minor +# performance hit. # MANAGED_OBJECTS_PROTECT_PAGES = No 
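Review bot: The new MANAGED_OBJECTS_PROTECT_PAGES note replaces the platform caveat ("only has an effect on Unix-like operating systems, not Windows") with a performance remark, but does not say whether the platform restriction was lifted in 5.0p0 or merely dropped from the text. If it still holds, keep both sentences: `# This is a debugging feature that typically causes a minor` / `# performance hit. It only has an effect on Unix-like operating` / `# systems, not Windows.`; if it no longer holds, a reader comparing with the 4.5p2 text has no way to know. The value line `MANAGED_OBJECTS_PROTECT_PAGES = No` is unchanged, so only the documentation is at stake.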
@@ -1706,6 +1721,9 @@ # SOURCE_PATTERN_REPLACEMENT (or SOURCE_PATTERN, # SOURCE_REPLACEMENT, SOURCE_MODIFIERS). # +# Here is an example of how to convert from a popular shift JIS +# variant to UTF8: +# SOURCE_REPLACE_COMMAND += $GTHOME/third-party/apr-iconv/inst/bin/apriconv -f cp932 -t utf-8 # Parameter PREPROCESS_IF_FAIL @@ -3197,7 +3215,7 @@ # entirely within system include files (as designated by # SYSTEM_INCLUDE_PATHS), with no user code involved. # - language : Language -# - line= : Line +# - line : Line # - line_contents : the contents of the source line on which the # warning was issued (that is, the Line'th line of Warning File) # - listing_xml : Listing XML @@ -3365,6 +3383,9 @@ # The following checks are enabled by default. To discard warnings # of a particular class, use the corresponding "discard" rule. # (C and C++ warning classes) +# WARNING_FILTER += discard class="Arctangent Domain Error" +# WARNING_FILTER += discard class="Argument Too High" +# WARNING_FILTER += discard class="Argument Too Low" # WARNING_FILTER += discard class="Blocking in Critical Section" # WARNING_FILTER += discard class="Buffer Overrun" # WARNING_FILTER += discard class="Buffer Underrun" 
@@ -3387,11 +3408,14 @@ # WARNING_FILTER += discard class="Encryption without Padding" # WARNING_FILTER += discard class="File System Race Condition" # WARNING_FILTER += discard class="Float Division By Zero" +# WARNING_FILTER += discard class="Floating Point Domain Error" +# WARNING_FILTER += discard class="Floating Point Range Error" # WARNING_FILTER += discard class="Format String Injection" # WARNING_FILTER += discard class="Format String" # WARNING_FILTER += discard class="Free Non-Heap Variable" # WARNING_FILTER += discard class="Free Null Pointer" # WARNING_FILTER += discard class="Function Call Has No Effect" +# WARNING_FILTER += discard class="Gamma on Zero" # WARNING_FILTER += discard class="GlobalHandle on GMEM_FIXED Memory" # WARNING_FILTER += discard class="GlobalLock on GMEM_FIXED Memory" # WARNING_FILTER += discard class="GlobalUnlock on GMEM_FIXED Memory" @@ -3406,6 +3430,8 @@ # WARNING_FILTER += discard class="LocalHandle on LMEM_FIXED Memory" # WARNING_FILTER += discard class="LocalLock on LMEM_FIXED Memory" # WARNING_FILTER += discard class="LocalUnlock on LMEM_FIXED Memory" +# WARNING_FILTER += discard class="Logarithm on Negative Value" +# WARNING_FILTER += discard class="Logarithm on Zero" # WARNING_FILTER += discard class="MAX_PATH Exceeded" # WARNING_FILTER += discard class="Misaligned Object" # WARNING_FILTER += discard class="Missing Return Statement" @@ -3420,6 +3446,7 @@ # WARNING_FILTER += discard class="Overlapping Memory Regions" # WARNING_FILTER += discard class="Plaintext Storage of Password" # WARNING_FILTER += discard class="Pool Mismatch" +# WARNING_FILTER += discard class="Raises FE_INVALID" # WARNING_FILTER += discard class="Redundant Condition" # WARNING_FILTER += discard class="Return Pointer to Freed" # WARNING_FILTER += discard class="Return Pointer to Local" 
@@ -3430,6 +3457,7 @@ # WARNING_FILTER += discard class="Type Mismatch" # WARNING_FILTER += discard class="Type Overrun" # WARNING_FILTER += discard class="Type Underrun" +# WARNING_FILTER += discard class="Undefined Power of Zero" # WARNING_FILTER += discard class="Uninitialized Variable" # WARNING_FILTER += discard class="Unreachable Call" # WARNING_FILTER += discard class="Unreachable Computation" @@ -3443,12 +3471,16 @@ # WARNING_FILTER += discard class="Use of GetTempFileName" # WARNING_FILTER += discard class="Use of SO_REUSEADDR" # WARNING_FILTER += discard class="Use of crypt" +# WARNING_FILTER += discard class="Use of drem" +# WARNING_FILTER += discard class="Use of gamma" # WARNING_FILTER += discard class="Use of gets" # WARNING_FILTER += discard class="Use of mktemp" # WARNING_FILTER += discard class="Use of tmpfile" # WARNING_FILTER += discard class="Use of tmpnam" # WARNING_FILTER += discard class="Useless Assignment" # WARNING_FILTER += discard class="Varargs Function Cast" +# WARNING_FILTER += discard class="cosh on High Number" +# WARNING_FILTER += discard class="cosh on Low Number" # WARNING_FILTER += discard class="sqrt on Negative Value" # # (Java warning classes) @@ -3484,7 +3516,6 @@ # WARNING_FILTER += discard class="Broken Null Check" # WARNING_FILTER += discard class="Call Super First" # WARNING_FILTER += discard class="Call Super Last" -# WARNING_FILTER += discard class="Call to blocking method whilst holding lock" # WARNING_FILTER += discard class="Call to equals() comparing different interface types" # WARNING_FILTER += discard class="Call to equals() comparing different types" # WARNING_FILTER += discard class="Call to equals() comparing unrelated class and interface" 
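Review bot: The removed entry `Call to blocking method whilst holding lock` is the first of a group of Java concurrency classes dropped from this reference list in this and the following hunks (ConcurrentModificationException caught; Field reassigned while holding a lock on its value; Get/check/put used rather than putIfAbsent; Inconsistent collection synchronisation; Inconsistent synchronisation; Mixed collection synchronisation; Mixed synchronisation; Non atomic Check/Put on thread-safe collection; Non atomic use of Get/Check/Put; Shared non-thread-safe content; Synchronizing on reusable objects; Thread-safe collection consistently guarded; Thread-safe collection replaced by potentially unsafe collection; Unsafe iteration over synchronised collection; Unsynchronised write to field from asynchronous callback; Use of isLocked() and lock() rather tryLock(); Volatile field could be made final). Nothing in these hunks says whether the checks were retired in 5.0p0 or merged under other names, so a project that carries `WARNING_FILTER += discard class=...` rules for them cannot tell whether those rules are now dead. At least `Inconsistent synchronisation` is removed beside a surviving `Inconsistent synchronization`, which looks like a spelling merge rather than a retirement. A short comment under `# (Java warning classes)` stating that these classes were removed in 5.0p0, or naming their replacements, would settle it.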
@@ -3512,7 +3543,6 @@ # WARNING_FILTER += discard class="Code checks for specific values returned by compareTo" # WARNING_FILTER += discard class="Collections should not contain themselves" # WARNING_FILTER += discard class="Comparing values with incompatible type qualifiers" -# WARNING_FILTER += discard class="ConcurrentModificationException caught" # WARNING_FILTER += discard class="Condition.await() not in loop" # WARNING_FILTER += discard class="Constructor invokes Thread.start()" # WARNING_FILTER += discard class="Covariant equals() method defined for enum" @@ -3543,7 +3573,6 @@ # WARNING_FILTER += discard class="Field isn't final but should be" # WARNING_FILTER += discard class="Field not guarded against concurrent access" # WARNING_FILTER += discard class="Field only ever set to null" -# WARNING_FILTER += discard class="Field reassigned while holding a lock on its value" # WARNING_FILTER += discard class="Field should be both final and package protected" # WARNING_FILTER += discard class="Field should be moved out of an interface and made package protected" # WARNING_FILTER += discard class="Field should be package protected" @@ -3552,7 +3581,6 @@ # WARNING_FILTER += discard class="Format string placeholder incompatible with passed argument" # WARNING_FILTER += discard class="Format string references missing argument" # WARNING_FILTER += discard class="Futile attempt to change max pool size of ScheduledThreadPoolExecutor" -# WARNING_FILTER += discard class="Get/check/put used rather than putIfAbsent" # WARNING_FILTER += discard class="HTTP Response splitting vulnerability" # WARNING_FILTER += discard class="HTTP cookie formed from untrusted input" # WARNING_FILTER += discard class="Hardcoded constant database password" 
@@ -3562,8 +3590,6 @@ # WARNING_FILTER += discard class="Impossible downcast" # WARNING_FILTER += discard class="Incompatible bitwise-and masks" # WARNING_FILTER += discard class="Incompatible bitwise-or masks" -# WARNING_FILTER += discard class="Inconsistent collection synchronisation" -# WARNING_FILTER += discard class="Inconsistent synchronisation" # WARNING_FILTER += discard class="Inconsistent synchronization" # WARNING_FILTER += discard class="Incorrect combination of Math.max and Math.min" # WARNING_FILTER += discard class="Incorrect lazy initialization and update of static field" @@ -3607,16 +3633,12 @@ # WARNING_FILTER += discard class="Mismatched notify()" # WARNING_FILTER += discard class="Mismatched wait()" # WARNING_FILTER += discard class="Misplaced Null Check" -# WARNING_FILTER += discard class="Mixed collection synchronisation" -# WARNING_FILTER += discard class="Mixed synchronisation" # WARNING_FILTER += discard class="Monitor wait() called on Condition" # WARNING_FILTER += discard class="More arguments are passed than are actually used in the format string" # WARNING_FILTER += discard class="Mutable servlet field" # WARNING_FILTER += discard class="Naked notify" # WARNING_FILTER += discard class="No previous argument for format string" # WARNING_FILTER += discard class="No relationship between generic parameter and method argument" -# WARNING_FILTER += discard class="Non atomic Check/Put on thread-safe collection" -# WARNING_FILTER += discard class="Non atomic use of Get/Check/Put" # WARNING_FILTER += discard class="Non-null field is not initialized" # WARNING_FILTER += discard class="Non-virtual method call passes null for non-null parameter" # WARNING_FILTER += discard class="Nonconstant string passed to execute or addBatch method on an SQL statement" 
@@ -3652,7 +3674,6 @@ # WARNING_FILTER += discard class="Sequence of calls to concurrent abstraction may not be atomic" # WARNING_FILTER += discard class="Servlet reflected cross site scripting vulnerability in error page" # WARNING_FILTER += discard class="Servlet reflected cross site scripting vulnerability" -# WARNING_FILTER += discard class="Shared non-thread-safe content" # WARNING_FILTER += discard class="Signature declares use of unhashable class in hashed construct" # WARNING_FILTER += discard class="Static Calendar field" # WARNING_FILTER += discard class="Static DateFormat" @@ -3669,7 +3690,6 @@ # WARNING_FILTER += discard class="Synchronization performed on Lock" # WARNING_FILTER += discard class="Synchronization performed on util.concurrent instance" # WARNING_FILTER += discard class="Synchronize and null check on the same field." -# WARNING_FILTER += discard class="Synchronizing on reusable objects" # WARNING_FILTER += discard class="TestCase declares a bad suite method" # WARNING_FILTER += discard class="TestCase defines setUp that doesn't call super.setUp()" # WARNING_FILTER += discard class="TestCase defines tearDown that doesn't call super.tearDown()" @@ -3677,8 +3697,6 @@ # WARNING_FILTER += discard class="TestCase implements a non-static suite method" # WARNING_FILTER += discard class="The readResolve method must not be declared as a static method." # WARNING_FILTER += discard class="The type of a supplied argument doesn't match format specifier" -# WARNING_FILTER += discard class="Thread-safe collection consistently guarded" -# WARNING_FILTER += discard class="Thread-safe collection replaced by potentially unsafe collection" # WARNING_FILTER += discard class="Uncallable method defined in anonymous class" # WARNING_FILTER += discard class="Unconditional If Statement" # WARNING_FILTER += discard class="Unconditional wait" 
@@ -3686,12 +3704,9 @@ # WARNING_FILTER += discard class="Uninitialized read of field method called from constructor of superclass" # WARNING_FILTER += discard class="Unnecessary type check done using instanceof operator" # WARNING_FILTER += discard class="Unneeded use of currentThread() call, to call interrupted()" -# WARNING_FILTER += discard class="Unsafe iteration over synchronised collection" -# WARNING_FILTER += discard class="Unsynchronised write to field from asynchronous callback" # WARNING_FILTER += discard class="Unsynchronized get method, synchronized set method" # WARNING_FILTER += discard class="Unwritten field" # WARNING_FILTER += discard class="Use of class without a hashCode() method in a hashed data structure" -# WARNING_FILTER += discard class="Use of isLocked() and lock() rather tryLock()" # WARNING_FILTER += discard class="Useless increment in return statement" # WARNING_FILTER += discard class="Useless non-empty void method" # WARNING_FILTER += discard class="Useless object created on stack" @@ -3708,7 +3723,6 @@ # WARNING_FILTER += discard class="Value that might not carry a type qualifier is always used in a way requires that type qualifier" # WARNING_FILTER += discard class="Value without a type qualifier used where a value is required to have that qualifier" # WARNING_FILTER += discard class="Very confusing method names" -# WARNING_FILTER += discard class="Volatile field could be made final" # WARNING_FILTER += discard class="Wait not in loop" # WARNING_FILTER += discard class="Wait with two locks held" # WARNING_FILTER += discard class="\".\" or \"|\" used for regular expression" 
@@ -5277,109 +5291,123 @@ BAD_FUNCTION_REGEX = ^[dD][eE][sS]_ecb(2)?_encrypt$ BAD_FUNCTION_MESSAGE = Weak Cryptography -BAD_FUNCTION_INFO = it is a cryptographically weak algorithm (one of the MD5 or DES family of algorithms). +BAD_FUNCTION_INFO = it is a cryptographically weak algorithm (one of the MD5 or DES family of algorithms) BAD_FUNCTION_CATEGORIES = BADFUNC.WEAKCRYPTO;CWE:327 BAD_FUNCTION_RANK = 1.0 BAD_FUNCTION_SIGNIFICANCE = SECURITY BAD_FUNCTION_REGEX = ^[dD][eE][sS]_(x|n|p)cbc_encrypt$ BAD_FUNCTION_MESSAGE = Weak Cryptography -BAD_FUNCTION_INFO = it is a cryptographically weak algorithm (one of the MD5 or DES family of algorithms). +BAD_FUNCTION_INFO = it is a cryptographically weak algorithm (one of the MD5 or DES family of algorithms) BAD_FUNCTION_CATEGORIES = BADFUNC.WEAKCRYPTO;CWE:327 BAD_FUNCTION_RANK = 1.0 BAD_FUNCTION_SIGNIFICANCE = SECURITY BAD_FUNCTION_REGEX = ^[dD][eE][sS]_(c|o)fb(64)?_encrypt$ BAD_FUNCTION_MESSAGE = Weak Cryptography -BAD_FUNCTION_INFO = it is a cryptographically weak algorithm (one of the MD5 or DES family of algorithms). +BAD_FUNCTION_INFO = it is a cryptographically weak algorithm (one of the MD5 or DES family of algorithms) BAD_FUNCTION_CATEGORIES = BADFUNC.WEAKCRYPTO;CWE:327 BAD_FUNCTION_RANK = 1.0 BAD_FUNCTION_SIGNIFICANCE = SECURITY BAD_FUNCTION_REGEX = ^[dD][eE][sS]_ede2_(cbc|cfb64|ofb64)_encrypt$ BAD_FUNCTION_MESSAGE = Weak Cryptography -BAD_FUNCTION_INFO = it is a cryptographically weak algorithm (one of the MD5 or DES family of algorithms). +BAD_FUNCTION_INFO = it is a cryptographically weak algorithm (one of the MD5 or DES family of algorithms) BAD_FUNCTION_CATEGORIES = BADFUNC.WEAKCRYPTO;CWE:327 BAD_FUNCTION_RANK = 1.0 BAD_FUNCTION_SIGNIFICANCE = SECURITY BAD_FUNCTION_REGEX = ^[dD][eE][sS]_(f)?crypt$ BAD_FUNCTION_MESSAGE = Weak Cryptography -BAD_FUNCTION_INFO = it is a cryptographically weak algorithm (one of the MD5 or DES family of algorithms). 
+BAD_FUNCTION_INFO = it is a cryptographically weak algorithm (one of the MD5 or DES family of algorithms) BAD_FUNCTION_CATEGORIES = BADFUNC.WEAKCRYPTO;CWE:327 BAD_FUNCTION_RANK = 1.0 BAD_FUNCTION_SIGNIFICANCE = SECURITY BAD_FUNCTION_REGEX = ^MD(2|4|5)(_Init|_Update|_Final)?$ BAD_FUNCTION_MESSAGE = Weak Cryptography -BAD_FUNCTION_INFO = it is a cryptographically weak algorithm (one of the MD5 or DES family of algorithms). +BAD_FUNCTION_INFO = it is a cryptographically weak algorithm (one of the MD5 or DES family of algorithms) BAD_FUNCTION_CATEGORIES = BADFUNC.WEAKCRYPTO;CWE:327 BAD_FUNCTION_RANK = 1.0 BAD_FUNCTION_SIGNIFICANCE = SECURITY BAD_FUNCTION_REGEX = ^ptrace$ BAD_FUNCTION_MESSAGE = Possible Anti-Debugging -BAD_FUNCTION_INFO = it can be used to detect a debugger. +BAD_FUNCTION_INFO = it can be used to detect a debugger BAD_FUNCTION_CATEGORIES = BADFUNC.ANTIDEBUG BAD_FUNCTION_RANK = 1.0 BAD_FUNCTION_SIGNIFICANCE = SECURITY BAD_FUNCTION_REGEX = ^IsDebuggerPresent$ BAD_FUNCTION_MESSAGE = Possible Anti-Debugging -BAD_FUNCTION_INFO = it can be used to detect a debugger. +BAD_FUNCTION_INFO = it can be used to detect a debugger BAD_FUNCTION_CATEGORIES = BADFUNC.ANTIDEBUG BAD_FUNCTION_RANK = 1.0 BAD_FUNCTION_SIGNIFICANCE = SECURITY BAD_FUNCTION_REGEX = ^NtQueryInformationProcess$ BAD_FUNCTION_MESSAGE = Possible Anti-Debugging -BAD_FUNCTION_INFO = it can be used to detect a debugger. +BAD_FUNCTION_INFO = it can be used to detect a debugger BAD_FUNCTION_CATEGORIES = BADFUNC.ANTIDEBUG BAD_FUNCTION_RANK = 1.0 BAD_FUNCTION_SIGNIFICANCE = SECURITY BAD_FUNCTION_REGEX = ^ProcessDebugObjectHandle$ BAD_FUNCTION_MESSAGE = Possible Anti-Debugging -BAD_FUNCTION_INFO = it can be used to detect a debugger. 
+BAD_FUNCTION_INFO = it can be used to detect a debugger BAD_FUNCTION_CATEGORIES = BADFUNC.ANTIDEBUG BAD_FUNCTION_RANK = 1.0 BAD_FUNCTION_SIGNIFICANCE = SECURITY BAD_FUNCTION_REGEX = ^RtlQueryProcessHeapInformation$ BAD_FUNCTION_MESSAGE = Possible Anti-Debugging -BAD_FUNCTION_INFO = it can be used to detect a debugger. +BAD_FUNCTION_INFO = it can be used to detect a debugger BAD_FUNCTION_CATEGORIES = BADFUNC.ANTIDEBUG BAD_FUNCTION_RANK = 1.0 BAD_FUNCTION_SIGNIFICANCE = SECURITY BAD_FUNCTION_REGEX = ^RtlQueryProcessDebugInformation$ BAD_FUNCTION_MESSAGE = Possible Anti-Debugging -BAD_FUNCTION_INFO = it can be used to detect a debugger. +BAD_FUNCTION_INFO = it can be used to detect a debugger BAD_FUNCTION_CATEGORIES = BADFUNC.ANTIDEBUG BAD_FUNCTION_RANK = 1.0 BAD_FUNCTION_SIGNIFICANCE = SECURITY BAD_FUNCTION_REGEX = ^SetUnhandledExceptionFilter$ BAD_FUNCTION_MESSAGE = Possible Anti-Debugging -BAD_FUNCTION_INFO = it can be used to detect a debugger. +BAD_FUNCTION_INFO = it can be used to detect a debugger BAD_FUNCTION_CATEGORIES = BADFUNC.ANTIDEBUG BAD_FUNCTION_RANK = 1.0 BAD_FUNCTION_SIGNIFICANCE = SECURITY BAD_FUNCTION_REGEX = ^NtCreateDebugObject$ BAD_FUNCTION_MESSAGE = Possible Anti-Debugging -BAD_FUNCTION_INFO = it can be used to detect a debugger. +BAD_FUNCTION_INFO = it can be used to detect a debugger BAD_FUNCTION_CATEGORIES = BADFUNC.ANTIDEBUG BAD_FUNCTION_RANK = 1.0 BAD_FUNCTION_SIGNIFICANCE = SECURITY BAD_FUNCTION_REGEX = ^NtQuerySystemInformation$ BAD_FUNCTION_MESSAGE = Possible Anti-Debugging -BAD_FUNCTION_INFO = it can be used to detect a debugger. +BAD_FUNCTION_INFO = it can be used to detect a debugger BAD_FUNCTION_CATEGORIES = BADFUNC.ANTIDEBUG BAD_FUNCTION_RANK = 1.0 BAD_FUNCTION_SIGNIFICANCE = SECURITY +# Floating Point bad functions +BAD_FUNCTION_REGEX = ^_?_?gamma[fl]?$ +BAD_FUNCTION_MESSAGE = Use of gamma +BAD_FUNCTION_INFO = it is not portable. 
Use tgamma() or lgamma() instead +BAD_FUNCTION_CATEGORIES = BADFUNC.FLOAT.GAMMA +BAD_FUNCTION_BASE_RANK = 1.0 +BAD_FUNCTION_SIGNIFICANCE = RELIABILITY + +BAD_FUNCTION_REGEX = ^_?_?drem[fl]?$ +BAD_FUNCTION_MESSAGE = Use of drem +BAD_FUNCTION_INFO = it is obsolete. Use remainder() instead +BAD_FUNCTION_CATEGORIES = BADFUNC.FLOAT.DREM +BAD_FUNCTION_BASE_RANK = 1.0 +BAD_FUNCTION_SIGNIFICANCE = RELIABILITY # Parameter PLUGINS # @@ -5455,6 +5483,12 @@ # For example: # JAVA_PLUGIN_JVM = C:\Program Files\Java\jre6\bin\server\jvm.dll # JAVA_PLUGIN_JVM = /usr/lib/jvm/java-6-openjdk-amd64/jre/lib/amd64/server/libjvm.so +# JAVA_PLUGIN_JVM = /Library/Java/JavaVirtualMachines/jdk1.7.0_51.jdk/Contents/Home/jre/lib/server/libjvm.dylib +# +# In some situations on Mac OS, Java may falsely complain that it +# isn't installed (JDK-7131356). One workaround is to use +# libjli.dylib instead of libjvm.dylib: +# JAVA_PLUGIN_JVM = /Library/Java/JavaVirtualMachines/jdk1.7.0_51.jdk/Contents/Home/jre/lib/jli/libjli.dylib # Parameter JAVA_PLUGIN_CLASSPATH 
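Review bot: The two new `# Floating Point bad functions` entries set `BAD_FUNCTION_BASE_RANK = 1.0`, while every other entry in this hunk, changed or unchanged, sets `BAD_FUNCTION_RANK = 1.0`. If BASE_RANK is not a key the BAD_FUNCTION mechanism reads, the gamma and drem rules silently get whatever rank an unset entry gets; if both keys are valid, the file should not mix them without a comment saying why; unless BASE_RANK is intended, change both to `BAD_FUNCTION_RANK = 1.0`. The hunk also strips the trailing period from every existing `BAD_FUNCTION_INFO` value, presumably because the text is spliced into a sentence, yet the new `it is not portable. Use tgamma() or lgamma() instead` and `it is obsolete. Use remainder() instead` introduce a sentence break; `it is not portable (use tgamma() or lgamma() instead)` would read the way the others do.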
@@ -6399,29 +6433,34 @@ # # The warning classes affected by this parameter are: # +# - Addition Overflow of Allocation Size +# - Addition Overflow of Size # - Command Injection # - Format String Injection +# - Hardcoded Authentication +# - Hardcoded Crypto Key +# - Hardcoded Crypto Salt # - LDAP Injection # - Library Injection +# - Multiplication Overflow of Allocation Size +# - Multiplication Overflow of Size +# - Plaintext Storage of Password +# - Potential Timebomb # - SQL Injection -# - Tainted Network Address +# - Subtraction Underflow of Allocation Size +# - Subtraction Underflow of Size +# - Tainted Allocation Size +# - Tainted Buffer Access # - Tainted Configuration Setting # - Tainted Filename -# - Tainted Allocation Size +# - Tainted Network Address # - Tainted Write -# - Untrusted Network Host +# - Truncation of Allocation Size +# - Truncation of Size # - Untrusted Library Load +# - Untrusted Network Host # - Untrusted Network Port -# - Untrusted Process Creation -# - Tainted Buffer Access -# - Multiplication Overflow of Allocation Size -# - Multiplication Overflow of Size -# - Subtraction Underflow of Allocation Size -# - Subtraction Underflow of Size -# - Addition Overflow of Allocation Size -# - Addition Overflow of Size -# - Truncation of Allocation Size -# - Truncation of Size. +# - Untrusted Process Creation. TIME_LIMIT_TAINT_REFINE = 60 @@ -7612,6 +7651,9 @@ # - TIME_LIMIT: Analysis Time Limits # # - WC_LANG.MEM.TBA: Used by Tainted Buffer Access +# - WC_ALLOC.SIZE.ADDOFLOW: Used by Addition Overflow of Allocation +# Size +# - WC_MISC.MEM.SIZE.ADDOFLOW: Used by Addition Overflow of Size # - WC_ALLOC.SIZE.MULOFLOW: Used by Multiplication Overflow of # Allocation Size # - WC_MISC.MEM.SIZE.MULOFLOW: Used by Multiplication Overflow of 
@@ -7620,9 +7662,6 @@ # Allocation Size # - WC_MISC.MEM.SIZE.SUBUFLOW: Used by Subtraction Underflow of # Size -# - WC_ALLOC.SIZE.ADDOFLOW: Used by Addition Overflow of Allocation -# Size -# - WC_MISC.MEM.SIZE.ADDOFLOW: Used by Addition Overflow of Size # - WC_ALLOC.SIZE.TRUNC: Used by Truncation of Allocation Size # - WC_MISC.MEM.SIZE.TRUNC: Used by Truncation of Size # @@ -7634,12 +7673,12 @@ # classes. # # - Tainted Buffer Access +# - Addition Overflow of Allocation Size +# - Addition Overflow of Size # - Multiplication Overflow of Allocation Size # - Multiplication Overflow of Size # - Subtraction Underflow of Allocation Size # - Subtraction Underflow of Size -# - Addition Overflow of Allocation Size -# - Addition Overflow of Size # - Truncation of Allocation Size # - Truncation of Size. # @@ -7681,6 +7720,9 @@ # - WARNING_TUNING: Fine Tuning for Warnings # # - WC_LANG.MEM.TBA: Used by Tainted Buffer Access +# - WC_ALLOC.SIZE.ADDOFLOW: Used by Addition Overflow of Allocation +# Size +# - WC_MISC.MEM.SIZE.ADDOFLOW: Used by Addition Overflow of Size # - WC_ALLOC.SIZE.MULOFLOW: Used by Multiplication Overflow of # Allocation Size # - WC_MISC.MEM.SIZE.MULOFLOW: Used by Multiplication Overflow of @@ -7689,9 +7731,6 @@ # Allocation Size # - WC_MISC.MEM.SIZE.SUBUFLOW: Used by Subtraction Underflow of # Size -# - WC_ALLOC.SIZE.ADDOFLOW: Used by Addition Overflow of Allocation -# Size -# - WC_MISC.MEM.SIZE.ADDOFLOW: Used by Addition Overflow of Size # - WC_ALLOC.SIZE.TRUNC: Used by Truncation of Allocation Size # - WC_MISC.MEM.SIZE.TRUNC: Used by Truncation of Size # @@ -7721,6 +7760,9 @@ # - WARNING_TUNING: Fine Tuning for Warnings # # - WC_LANG.MEM.TBA: Used by Tainted Buffer Access +# - WC_ALLOC.SIZE.ADDOFLOW: Used by Addition Overflow of Allocation +# Size +# - WC_MISC.MEM.SIZE.ADDOFLOW: Used by Addition Overflow of Size # - WC_ALLOC.SIZE.MULOFLOW: Used by Multiplication Overflow of # Allocation Size # - WC_MISC.MEM.SIZE.MULOFLOW: Used by Multiplication Overflow of 
@@ -7729,9 +7771,6 @@ # Allocation Size # - WC_MISC.MEM.SIZE.SUBUFLOW: Used by Subtraction Underflow of # Size -# - WC_ALLOC.SIZE.ADDOFLOW: Used by Addition Overflow of Allocation -# Size -# - WC_MISC.MEM.SIZE.ADDOFLOW: Used by Addition Overflow of Size # - WC_ALLOC.SIZE.TRUNC: Used by Truncation of Allocation Size # - WC_MISC.MEM.SIZE.TRUNC: Used by Truncation of Size # @@ -9371,15 +9410,25 @@ # { Yes, No } # # Behavior -# - Yes : any attempt to convert a floating point to an integer -# will result in an adversarial value. -# - No : CodeSonar treats floating point values as unknown but not -# adversarial. -# -# Notes +# - Yes : all floating point values will be treated as unknown and +# adversarial, even constants. +# - No : CodeSonar will reason about floating point values. +# +# Notes +# Do not set to Yes if any floating point warning classes (Float +# Division By Zero plus any class with a mnemonic of the form +# MATH.* [doc/html/WarningClasses/MnemonicHierarchy.html#MATH]) are +# enabled: it will cause a large number of false positive warnings +# with those classes. +# +# For example, a Float Division By Zero warning will be issued for +# the following when FLOAT_IS_ADVERSARIAL=Yes because the +# denominator is treated as adversarial even though it is a +# constant. +# float c = 5.0 / 2.0 # # The following test case will produce two Buffer Overrun warnings -# if this preference is set to "Yes". +# when FLOAT_IS_ADVERSARIAL=Yes. # char A[10]; # double d = 11.0; # A[d] = 0; @@ -9568,7 +9617,6 @@ # - =~ (regular expression match against a Boost 'POSIX Extended # Regular Expression' # [http://www.boost.org/doc/libs/1_63_0/libs/regex/doc/html/boost_regex/syntax/basic_extended.html]) - # # Behavior # Depends on the : 
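Review bot: The new FLOAT_IS_ADVERSARIAL example `float c = 5.0 / 2.0` is not a complete statement, unlike the `char A[10];` / `double d = 11.0;` example a few lines below; write it as `float c = 5.0 / 2.0;` so both examples paste into a test file unchanged. The Behavior text now says Yes makes every floating point value adversarial, even constants, which is a stronger claim than the 4.5p2 wording about conversions to integer; the visible lines do not show the parameter's default, so if it is No, saying so next to the new Notes (which warn of a large number of false positives under Yes) would help readers judge whether they are affected.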
@@ -9657,7 +9705,10 @@ # - start with characters matching: [a-zA-Z] # - only contain characters matching: [a-zA-Z][0-9] _- # - have string length <= 15 characters -# - be unique (in combination with a granularity). +# - be unique, in combination with . (This allows you +# to use the same tag for a conceptually similar metric across +# multiple granularities, while preventing duplicate tags within +# a single granularity.) # - not match any function name in the expression grammar # # is the quoted description for the new 
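Review bot: The rewritten bullet reads `be unique, in combination with .` — the object of "in combination with" is missing, and the same gap appears in `# is the quoted description for the new` a few lines later; this looks like an angle-bracketed placeholder (the granularity, then the description argument) that was lost, possibly only in this rendering. Confirm that the file itself still carries the placeholder, e.g. `# - be unique, in combination with <granularity>. (This allows you`, since the parenthetical that follows only makes sense with it present.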
@@ -9734,30 +9785,15 @@
 # N2, D, I, T, E, N, L, V), set
 # BUILD_OPTIONS += -retain-unnormalized-c-ast yes
 #
-# The following are some examples defining file-granularity
-# versions of the Halstead and McCabe metrics.
-# METRIC_DERIVED_DEF += "vG", "Cyclomatic Complexity", FILE, sum("vG[PROCEDURE]")
-# METRIC_DERIVED_DEF += "ivG", "Module Design Complexity", FILE, sum("ivG[PROCEDURE]")
-# METRIC_DERIVED_DEF += "evG", "Essential Complexity", FILE, sum("evG[PROCEDURE]")
-# METRIC_DERIVED_DEF += "n1", "Distinct Operators", FILE, sum("n1[PROCEDURE]")
-# METRIC_DERIVED_DEF += "N1", "Total Operators", FILE, sum("N1[PROCEDURE]")
-# METRIC_DERIVED_DEF += "n2", "Distinct Operands", FILE, sum("n2[PROCEDURE]")
-# METRIC_DERIVED_DEF += "N2", "Total Operands", FILE, sum("N2[PROCEDURE]")
-# METRIC_DERIVED_DEF += "D", "Halstead Program Difficulty", FILE, sum("D[PROCEDURE]")
-# METRIC_DERIVED_DEF += "I", "Halstead Intelligent Content", FILE, sum("I[PROCEDURE]")
-# METRIC_DERIVED_DEF += "T", "Halstead Programming Time", FILE, sum("T[PROCEDURE]")
-# METRIC_DERIVED_DEF += "E", "Halstead Programming Effort", FILE, sum("E[PROCEDURE]")
-# METRIC_DERIVED_DEF += "N", "Halstead Program Length", FILE, sum("N[PROCEDURE]")
-# METRIC_DERIVED_DEF += "L", "Halstead Program Level", FILE, sum("L[PROCEDURE]")
-# METRIC_DERIVED_DEF += "V", "Halstead Program Volume", FILE, sum("V[PROCEDURE]")
-#
-# The following are more examples, this time slight variations on
-# the basic McCabe metrics.
-# METRIC_DERIVED_DEF += "vG-code", "Cyclomatic Density", PROCEDURE, "vG[PROCEDURE]" / "LCode[PROCEDURE]"
+# Example 1: Divide LCode by 1000 to get a "kLOC" metric.
+# METRIC_DERIVED_DEF += "kLOC", "Lines With Code / 1000", PROCEDURE, "LCode[PROCEDURE]" / 1000)
+# METRIC_DERIVED_DEF += "kLOC", "Lines With Code / 1000", FILE, "LCode[FILE]" / 1000)
+#
+# Example 2: Some slight variations on the basic McCabe metrics.
+# METRIC_DERIVED_DEF += "vG-code", "Cyclomatic Density", PROCEDURE, "[PROCEDURE]" / "LCode[PROCEDURE]"
 # METRIC_DERIVED_DEF += "ivG-vG", "Module Design Density", PROCEDURE, "ivG[PROCEDURE]" / "vG[PROCEDURE]"
 # METRIC_DERIVED_DEF += "evG-vG", "Essential Density", PROCEDURE, ("evG[PROCEDURE]" - 1) / "vG[PROCEDURE]"
-#
-## The following define the default derived metrics.
+
 METRIC_DERIVED_DEF += "LCodeOnly", "Code Lines", DIRECTORY, sum("LCodeOnly[FILE]") + sum("LCodeOnly[DIRECTORY]")
 METRIC_DERIVED_DEF += "LMCC", "Mixed Lines", DIRECTORY, sum("LMCC[FILE]") + sum("LMCC[DIRECTORY]")
 METRIC_DERIVED_DEF += "LComOnly", "Comment Lines", DIRECTORY, sum("LComOnly[FILE]") + sum("LComOnly[DIRECTORY]")
@@ -10338,6 +10374,8 @@
 # Tags
 # - ANALYSIS_FILTER: Analysis-Side Filtering
 #
+# - WC_LANG.ID.NU.LIBFN: Used by Library Function Override
+#
 # Type
 # string
 #
@@ -10354,7 +10392,20 @@
 # in "\"), add whitespace after the "\" before the newline
 # character.
 #
-
+# Checks for the following warning classes will always be excluded
+# from files matching any of these paths.
+#
+# - Library Function Override
+#
+# WARNING_FILTER discard rules can specify is_sysinclude to match
+# warnings whose Listing XML lies entirely within system include
+# files as designated by SYSTEM_INCLUDE_FILES.
+#
+# For example, the factory settings for WARNING_FILTER include the
+# following rule: all warnings in C++ code whose Listing XML lies
+# entirely within system include files will be discarded. Note that
+# this rule does not affect warnings in C code.
+# WARNING_FILTER += discard language="C++" is_sysinclude
 SYSTEM_INCLUDE_PATHS += /codesonar/smel/
 SYSTEM_INCLUDE_PATHS += /codesonar/libmodels/
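Review bot: Both Example 1 lines end with an unmatched `)`: `"LCode[PROCEDURE]" / 1000)` and `"LCode[FILE]" / 1000)` have no opening parenthesis, so anyone who uncomments them copies a syntax error into their project file; drop the trailing `)` on both. The first Example 2 line reads `"[PROCEDURE]" / "LCode[PROCEDURE]"` with no metric tag before `[PROCEDURE]`, where the line it replaces had `"vG[PROCEDURE]"`; if that is not an extraction artifact of this page, restore `vG`. The hunk also deletes the `## The following define the default derived metrics.` heading and leaves only a blank line, so the live METRIC_DERIVED_DEF settings that follow are no longer visually separated from the commented examples above them; keep a one-line `# The following define the default derived metrics.` comment there. The METRIC_DERIVED_DEF description begins before this hunk.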
@@ -11449,8 +11500,8 @@
 #
 # Notes
 # The += operator will actually prepend to this preference (in all
-# other cases except EDG_FRONTEND_OPTIONS_PREPEND and
-# CFLAGS_PREPEND, the += operator appends). This means that if you
+# cases except for other parameters with names of the form
+# *_PREPEND, the += operator appends). This means that if you
 # specify two JAVA_FLAGS_PREPEND+= settings, the options in the
 # second rule will be prepended to the options in the first
 # setting.
@@ -11523,33 +11574,54 @@
 JAVA_ENABLE_PMD = Yes
-# Parameter JAVA_ENABLE_THREADSAFE
+# Parameter CSHARP_FLAGS_PREPEND
 #
 # Purpose
-# Specifies whether or not Contemplate ThreadSafe will be run by
-# default during Java analyses.
-#
+# Modify the set of options being passed to the C# build/analysis
+# [doc/html/Csharp_Module/Building/Building.html].
 #
 # Tags
 # - BUILD_BEHAVIOR: Governs the Build/Analysis
 #
 # Type
-# { Yes, No }
+# a list of C# build options
+# [doc/html/Csharp_Module/Building/CsharpBuildOptions.html]
 #
 # Behavior
-# - Yes : ThreadSafe will be run during Java analyses.
-# - No : ThreadSafe will not be run during Java analyses, unless
-# build option -enable_threadsafe is specified (through
-# JAVA_FLAGS_APPEND or JAVA_FLAGS_PREPEND).
-# - unspecified : ThreadSafe will not be run during Java analyses,
-# unless build option -enable_threadsafe is specified.
+# The specified options will be prepended to the set of options
+# passed to the Java build/analysis
+# [doc/html/Java_Module/Building/Building.html].
 #
 # Notes
-# Contemplate ThreadSafe has special licensing requirements. See
-# the documentation for details
-# [doc/html/WarningClasses/JavaWarningClasses.html#cts_lic].
+# The += operator will actually prepend to this preference (in all
+# cases except for other parameters with names of the form
+# *_PREPEND, the += operator appends). This means that if you
+# specify two CSHARP_FLAGS_PREPEND+= settings, the options in the
+# second rule will be prepended to the options in the first
+# setting.
+
+CSHARP_FLAGS_PREPEND +=
+
+
+# Parameter CSHARP_FLAGS_APPEND
+#
+# Purpose
+# Modify the set of options being passed to the C# build/analysis
+# [doc/html/Csharp_Module/Building/Building.html].
+#
+# Tags
+# - BUILD_BEHAVIOR: Governs the Build/Analysis
+#
+# Type
+# a list of C# build options
+# [doc/html/Csharp_Module/Building/CsharpBuildOptions.html]
+#
+# Behavior
+# The specified options will be appended to the set of options
+# passed to the C# build/analysis
+# [doc/html/Csharp_Module/Building/Building.html].
-JAVA_ENABLE_THREADSAFE = No
+CSHARP_FLAGS_APPEND +=
 # Parameter MAX_POINTER_ANALYSIS_PASSES
@@ -11853,7 +11925,8 @@
 # the slave is manually shut down.
 #
 # Notes
-# The Yes setting is almost never needed.
+# This is useful for debugging CodeSonar in some cases or CodeSonar
+# plugins.
 UNIT_OF_WORK_ISOLATION = No
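Review bot: The Behavior text for the new CSHARP_FLAGS_PREPEND parameter says the options are prepended to those `passed to the Java build/analysis` and links `[doc/html/Java_Module/Building/Building.html]`, which contradicts its own Purpose line and the CSHARP_FLAGS_APPEND block added right after it; it should read `# passed to the C# build/analysis` followed by `# [doc/html/Csharp_Module/Building/Building.html].`, exactly as CSHARP_FLAGS_APPEND has it. The same hunk drops JAVA_ENABLE_THREADSAFE and its note about the `-enable_threadsafe` build option without any replacement or retirement comment, so a project file carried over from 4.5 that still sets it will presumably be rejected or silently ignored; a one-line comment stating that the parameter is retired (or what supersedes it) would spare users that surprise, and is worth having because it silently removes an analysis switch rather than an option flag.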