--- template7.0p1.conf 2022-08-12 10:18:20.944679900 -0400 +++ template7.1p0.conf 2022-08-12 10:19:28.602543500 -0400 @@ -1,7 +1,7 @@ # For emacs: -*- Shell-script -*- # ###################################################################### -# CodeSonar 7.0p1 Configuration File +# CodeSonar 7.1p0 Configuration File ###################################################################### # # CodeSonar will use preferences defined in this file when running @@ -934,12 +934,6 @@ # files might be interested in the WARNING_FILTER examples for # discard path:, or the SYSTEM_INCLUDE_PATHS setting. # -# For example, -# IGNORED_COMPILATIONS += ^.*foo\.c$ -# specifies that compilations of files whose paths end in "foo.c" -# should be ignored. This includes compilations of "foo.c", -# "/usr/local/foo.c", and "mydir/myfoo.c", but not "foo.cpp". -# # You can specify as many IGNORED_COMPILATIONS entries as you want. # # Note that backslashes used as directory separators need to be @@ -950,6 +944,23 @@ # The forward slashes used as directory separators on other systems # do not require escaping: # IGNORED_COMPILATIONS += bar/foo\.c +# +# Example 1: Ignore compilations of files whose paths end in +# "foo.c". This includes compilations of foo.c, /usr/local/foo.c, +# and mydir/myfoo.c, but not foo.cpp. +# IGNORED_COMPILATIONS += ^.*foo\.c$ +# +# Example 2: Ignore compilations of files located in or under +# directory /usr/local/testdir/. This includes compilations of +# /usr/local/testdir/foo.c and /usr/local/testdir/test1/foo.c. +# IGNORED_COMPILATIONS += ^/usr/local/testdir/ +# +# Example 3: Ignore compilations of files located directly in +# directory /usr/local/testdir/. This includes compilations of +# /usr/local/testdir/foo.c and /usr/local/testdir/foo.cpp but not +# /usr/local/testdir/test1/foo.c. +# IGNORED_COMPILATIONS += ^/usr/local/testdir/[^/]+$ + # Parameter IGNORED_COMPILATION_COMMANDS # @@ -1484,7 +1495,7 @@ # Parameter MANAGED_OBJECTS_IO_KERNEL_BUFFERING # # Purpose -# Specifies whether kernel page bufferring should be enabled for +# Specifies whether kernel page buffering should be enabled for # files that are buffered in userland (according to # MANAGED_OBJECTS_IO_BUFFER_CAPACITY). # @@ -1500,16 +1511,16 @@ # the OS kernel ALSO buffer the data can be wasteful if the file in # question is only being used by one long-running process, since # the userland buffer will obviate the need for the kernel buffer. -# Therefore, it can be desirable to simply disable kernel -# bufferring in order that the OS's file system buffers can be used -# for other purposes. +# Therefore, it can be desirable to simply disable kernel buffering +# in order that the OS's file system buffers can be used for other +# purposes. # # With short lived processes, parallel analysis, or machines with -# large amounts of physical memory, kernel bufferring is often -# beneficial. Kernel bufferring is always enabled for front end +# large amounts of physical memory, kernel buffering is often +# beneficial. Kernel buffering is always enabled for front end # processes since they are short lived. # -# Disabling kernel bufferring can make other processes on the same +# Disabling kernel buffering can make other processes on the same # computer seem more responsive. # MANAGED_OBJECTS_IO_KERNEL_BUFFERING = Yes @@ -1804,8 +1815,8 @@ # Parameter SOURCE_REPLACE_COMMAND # # Purpose -# Specify a text-replacement command to be executed on each source -# file being analyzed (before preprocessing occurs). +# Specifies a text-replacement command to be executed on each +# source file being analyzed (before preprocessing occurs). # # Tags # - PRE_PREPROC: Operations on Un-Preprocessed Files @@ -2343,6 +2354,11 @@ # stderr. With factory settings, analysis processes run in the # background and can continue running after the user has logged # out. +# +# The CodeSonar analysis will not implicitly start a launch daemon +# on behalf of a foreground analysis. For more information, see +# Letting codesonar analyze Start a Launch Daemon Implicitly +# [doc/html/Workings/LaunchDaemon.html#autostart]. ## FOREGROUND = No @@ -3332,7 +3348,10 @@ # # - categories : Categories # - class : Class -# - compilation_unit : Compilation Unit +# - compilation_unit : Compilation Unit - the full path name of the +# top level source file containing the warning point. Use system- +# appropriate path separators; escape special characters +# (including backslashes) if enclosing the path in quotes "". # - file : the basename of Warning File # - is_sysinclude matches warnings for which Listing XML lies # entirely within system include files (as designated by @@ -3406,10 +3425,10 @@ # name. # WARNING_FILTER += discard class:underrun # -# Example 3: Discard all warnings in the compilation unit +# Example 3: Discard all warnings in any compilation unit # [doc/html/Elements/PROPERTIES_File.html#compilation_unit_def] -# associated with mylib.cpp -# WARNING_FILTER += discard compilation_unit=mylib.cpp +# whose top level file has basename mylib.cpp +# WARNING_FILTER += discard compilation_unit:/mylib.cpp # # Example 4: Assign all warnings in file mylib.h to alex. If the # hub has no user called alex, this rule has no effect. @@ -3809,14 +3828,22 @@ # WARNING_FILTER += discard class="toString on Array (Java)" # # (C# warning classes) +# WARNING_FILTER += discard class="'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument (C#)" # WARNING_FILTER += discard class="== Always Fails Because Types Always Different (C#)" # WARNING_FILTER += discard class="Abs on random (C#)" +# WARNING_FILTER += discard class="All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface (C#)" # WARNING_FILTER += discard class="Ambiguous Call from Inner Class (C#)" # WARNING_FILTER += discard class="Anonymous LDAP Authentication (C#)" # WARNING_FILTER += discard class="Approximate e Constant (C#)" # WARNING_FILTER += discard class="Approximate pi Constant (C#)" +# WARNING_FILTER += discard class="Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum (C#)" +# WARNING_FILTER += discard class="Assigning symbol and its member in the same statement (C#)" # WARNING_FILTER += discard class="Assignment in Conditional (C#)" # WARNING_FILTER += discard class="Asymmetric compareTo (C#)" +# WARNING_FILTER += discard class="Avoid 'StringBuilder' parameters for P/Invokes (C#)" +# WARNING_FILTER += discard class="Avoid infinite recursion (C#)" +# WARNING_FILTER += discard class="Avoid using cref tags with a prefix (C#)" +# WARNING_FILTER += discard class="Avoid zero-length array allocations (C#)" # WARNING_FILTER += discard class="Bitwise AND on Boolean (C#)" # WARNING_FILTER += discard class="Bitwise AND on Boolean Constant (C#)" # WARNING_FILTER += discard class="Bitwise OR on Boolean (C#)" @@ -3824,6 +3851,7 @@ # WARNING_FILTER += discard class="Blocking in Critical Section (C#)" # WARNING_FILTER += discard class="Broad Throws Clause (C#)" # WARNING_FILTER += discard class="Call Might Return Null (C#)" +# WARNING_FILTER += discard class="CancellationToken parameters must come last (C#)" # WARNING_FILTER += discard class="Cast: Integer to Floating Point (C#)" # WARNING_FILTER += discard class="Cast: int Computation to long (C#)" # WARNING_FILTER += discard class="Class Enables Debug Features (C#)" @@ -3832,6 +3860,8 @@ # WARNING_FILTER += discard class="Code Injection (C#)" # WARNING_FILTER += discard class="Command Injection (C#)" # WARNING_FILTER += discard class="Comparison to Empty String (C#)" +# WARNING_FILTER += discard class="Consider using 'StringBuilder.Append(char)' when applicable (C#)" +# WARNING_FILTER += discard class="Consider using 'string.Contains' instead of 'string.IndexOf' (C#)" # WARNING_FILTER += discard class="Cross Site Scripting (C#)" # WARNING_FILTER += discard class="Cryptographic Algorithm with Risky Default Cipher (C#)" # WARNING_FILTER += discard class="Cryptographic Algorithm with Weak Cipher (C#)" @@ -3840,24 +3870,73 @@ # WARNING_FILTER += discard class="DOS Injection (C#)" # WARNING_FILTER += discard class="Debug Call (C#)" # WARNING_FILTER += discard class="Debug Warning (C#)" +# WARNING_FILTER += discard class="Declare types in namespaces (C#)" # WARNING_FILTER += discard class="Defines equals but not hashCode (C#)" # WARNING_FILTER += discard class="Defines hashCode but not equals (C#)" # WARNING_FILTER += discard class="Deprecated Cryptography Provider (C#)" +# WARNING_FILTER += discard class="Dispose methods should call SuppressFinalize (C#)" +# WARNING_FILTER += discard class="Dispose methods should call base class dispose (C#)" +# WARNING_FILTER += discard class="Do Not Add Schema By URL (C#)" +# WARNING_FILTER += discard class="Do Not Call Dangerous Methods In Deserialization (C#)" +# WARNING_FILTER += discard class="Do Not Disable Certificate Validation (C#)" +# WARNING_FILTER += discard class="Do Not Disable HTTP Header Checking (C#)" +# WARNING_FILTER += discard class="Do Not Disable Request Validation (C#)" +# WARNING_FILTER += discard class="Do Not Use Broken Cryptographic Algorithms (C#)" +# WARNING_FILTER += discard class="Do Not Use Deprecated Security Protocols (C#)" +# WARNING_FILTER += discard class="Do Not Use Digital Signature Algorithm (DSA) (C#)" +# WARNING_FILTER += discard class="Do Not Use Weak Cryptographic Algorithms (C#)" +# WARNING_FILTER += discard class="Do Not Use XslTransform (C#)" +# WARNING_FILTER += discard class="Do not assign a property to itself (C#)" +# WARNING_FILTER += discard class="Do not call ToImmutableCollection on an ImmutableCollection value (C#)" +# WARNING_FILTER += discard class="Do not declare event fields as virtual (C#)" +# WARNING_FILTER += discard class="Do not declare protected member in sealed type (C#)" +# WARNING_FILTER += discard class="Do not declare static members on generic types (C#)" +# WARNING_FILTER += discard class="Do not declare visible instance fields (C#)" +# WARNING_FILTER += discard class="Do not define finalizers for types derived from MemoryManager (C#)" +# WARNING_FILTER += discard class="Do not duplicate indexed element initializations (C#)" +# WARNING_FILTER += discard class="Do not hide base class methods (C#)" +# WARNING_FILTER += discard class="Do not ignore method results (C#)" +# WARNING_FILTER += discard class="Do not initialize unnecessarily (C#)" +# WARNING_FILTER += discard class="Do not prefix enum values with type name (C#)" +# WARNING_FILTER += discard class="Do not raise exceptions in finally clauses (C#)" +# WARNING_FILTER += discard class="Do not raise reserved exception types (C#)" +# WARNING_FILTER += discard class="Do not use 'OutAttribute' on string parameters for P/Invokes (C#)" +# WARNING_FILTER += discard class="Do not use 'WaitAll' with a single task (C#)" +# WARNING_FILTER += discard class="Do not use 'WhenAll' with a single task (C#)" +# WARNING_FILTER += discard class="Do not use Count() or LongCount() when Any() can be used (C#)" +# WARNING_FILTER += discard class="Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used (C#)" +# WARNING_FILTER += discard class="Do not use Enumerable methods on indexable collections (C#)" +# WARNING_FILTER += discard class="Do not use ReferenceEquals with value types (C#)" +# WARNING_FILTER += discard class="Do not use deprecated SslProtocols values (C#)" +# WARNING_FILTER += discard class="Do not use obsolete key derivation function (C#)" +# WARNING_FILTER += discard class="Do not use stackalloc in loops (C#)" # WARNING_FILTER += discard class="Double-Checked Locking (C#)" # WARNING_FILTER += discard class="Empty Branch Statement (C#)" # WARNING_FILTER += discard class="Empty Exception Handler (C#)" # WARNING_FILTER += discard class="Empty zip File Archived (C#)" +# WARNING_FILTER += discard class="Ensure Key Derivation Function algorithm is sufficiently strong (C#)" +# WARNING_FILTER += discard class="Enums values should not be duplicated (C#)" # WARNING_FILTER += discard class="Exception Information Disclosure (C#)" # WARNING_FILTER += discard class="Field Never Read (C#)" # WARNING_FILTER += discard class="Field Never Written (C#)" # WARNING_FILTER += discard class="Floating Point Equality (C#)" +# WARNING_FILTER += discard class="Forward the 'CancellationToken' parameter to methods (C#)" # WARNING_FILTER += discard class="Generic Exception Handler (C#)" +# WARNING_FILTER += discard class="Generic interface should also be implemented (C#)" # WARNING_FILTER += discard class="Hardcoded Filename (C#)" # WARNING_FILTER += discard class="Hardcoded Password (C#)" # WARNING_FILTER += discard class="Hardcoded Random Seed (C#)" # WARNING_FILTER += discard class="Hostname in Condition (C#)" +# WARNING_FILTER += discard class="Identifier contains type name (C#)" +# WARNING_FILTER += discard class="Identifiers should differ by more than case (C#)" +# WARNING_FILTER += discard class="Identifiers should have correct prefix (C#)" +# WARNING_FILTER += discard class="Identifiers should have correct suffix (C#)" +# WARNING_FILTER += discard class="Identifiers should not contain underscores (C#)" +# WARNING_FILTER += discard class="Identifiers should not have incorrect suffix (C#)" +# WARNING_FILTER += discard class="Identifiers should not match keywords (C#)" # WARNING_FILTER += discard class="Ignored Return Value (C#)" # WARNING_FILTER += discard class="Ignored Return Value for Pure Function (C#)" +# WARNING_FILTER += discard class="Implement serialization constructors (C#)" # WARNING_FILTER += discard class="Impossible Client Side Locking (C#)" # WARNING_FILTER += discard class="Impossible reference comparison (C#)" # WARNING_FILTER += discard class="Inappropriate Exception Handler (C#)" @@ -3865,12 +3944,22 @@ # WARNING_FILTER += discard class="Inefficient Bitwise AND (C#)" # WARNING_FILTER += discard class="Inefficient Bitwise OR (C#)" # WARNING_FILTER += discard class="Insecure Cookie (C#)" +# WARNING_FILTER += discard class="Insecure DTD processing in XML (C#)" # WARNING_FILTER += discard class="Insecure Key Derivation (C#)" +# WARNING_FILTER += discard class="Insecure Processing in API Design, XmlDocument and XmlTextReader (C#)" # WARNING_FILTER += discard class="Insecure Random Number Generator (C#)" # WARNING_FILTER += discard class="Insecure XSLT Execution (C#)" +# WARNING_FILTER += discard class="Insecure XSLT script processing. (C#)" # WARNING_FILTER += discard class="Instanceof Always False (C#)" # WARNING_FILTER += discard class="Instanceof Always True (C#)" +# WARNING_FILTER += discard class="Instantiate argument exceptions correctly (C#)" # WARNING_FILTER += discard class="Legacy Random Generator (C#)" +# WARNING_FILTER += discard class="Mark Verb Handlers With Validate Antiforgery Token (C#)" +# WARNING_FILTER += discard class="Mark assemblies with NeutralResourcesLanguageAttribute (C#)" +# WARNING_FILTER += discard class="Mark assemblies with assembly version (C#)" +# WARNING_FILTER += discard class="Mark attributes with AttributeUsageAttribute (C#)" +# WARNING_FILTER += discard class="Mark members as static (C#)" +# WARNING_FILTER += discard class="Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' (C#)" # WARNING_FILTER += discard class="Method Enables Debug Features (C#)" # WARNING_FILTER += discard class="Method Names Differ Only in Case (C#)" # WARNING_FILTER += discard class="Method Should Not Return null (C#)" @@ -3878,22 +3967,43 @@ # WARNING_FILTER += discard class="Missing Call to super (C#)" # WARNING_FILTER += discard class="Missing Equals Override (C#)" # WARNING_FILTER += discard class="Mutable Enumeration (C#)" +# WARNING_FILTER += discard class="Named placeholders should not be numeric values (C#)" # WARNING_FILTER += discard class="Non-Object compareTo Parameter (C#)" +# WARNING_FILTER += discard class="Non-constant fields should not be visible (C#)" # WARNING_FILTER += discard class="Non-overriding Method Signature (C#)" # WARNING_FILTER += discard class="Nonserializable Field (C#)" # WARNING_FILTER += discard class="Nonserializable Field Element (C#)" # WARNING_FILTER += discard class="Nonserializable Outer Class (C#)" # WARNING_FILTER += discard class="Null Parameter Dereference (C#)" # WARNING_FILTER += discard class="Null Pointer Dereference (C#)" +# WARNING_FILTER += discard class="Overload operator equals on overriding value type Equals (C#)" +# WARNING_FILTER += discard class="Override Object.Equals(object) when implementing IEquatable (C#)" +# WARNING_FILTER += discard class="Override methods on comparable types (C#)" +# WARNING_FILTER += discard class="P/Invokes should not be visible (C#)" +# WARNING_FILTER += discard class="Parameter count mismatch (C#)" +# WARNING_FILTER += discard class="Parameter names should match base declaration (C#)" # WARNING_FILTER += discard class="Password in Property File (C#)" # WARNING_FILTER += discard class="Possible XML External Entity Reference (C#)" # WARNING_FILTER += discard class="Potential Infinite Recursion (C#)" +# WARNING_FILTER += discard class="Prefer 'AsSpan' over 'Substring' (C#)" +# WARNING_FILTER += discard class="Prefer Dictionary.Contains methods (C#)" +# WARNING_FILTER += discard class="Prefer IsEmpty over Count (C#)" +# WARNING_FILTER += discard class="Prefer strongly-typed Append and Insert method overloads on StringBuilder (C#)" +# WARNING_FILTER += discard class="Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' (C#)" +# WARNING_FILTER += discard class="Provide ObsoleteAttribute message (C#)" +# WARNING_FILTER += discard class="Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' (C#)" +# WARNING_FILTER += discard class="Provide correct 'enum' argument to 'Enum.HasFlag' (C#)" +# WARNING_FILTER += discard class="Provide correct arguments to formatting methods (C#)" +# WARNING_FILTER += discard class="Provide memory-based overrides of async methods when subclassing 'Stream' (C#)" +# WARNING_FILTER += discard class="Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported (C#)" # WARNING_FILTER += discard class="Redundant Call for Integral Argument (C#)" # WARNING_FILTER += discard class="Redundant Call for String Argument (C#)" # WARNING_FILTER += discard class="Redundant Condition (C#)" # WARNING_FILTER += discard class="Reflection Bypasses Member Accessibility (C#)" # WARNING_FILTER += discard class="Reflection Injection (C#)" # WARNING_FILTER += discard class="Reflection Modifies Member Accessibility (C#)" +# WARNING_FILTER += discard class="Remove empty Finalizers (C#)" +# WARNING_FILTER += discard class="Rethrow to preserve stack details (C#)" # WARNING_FILTER += discard class="Return null Array (C#)" # WARNING_FILTER += discard class="Risky Cipher Algorithm (C#)" # WARNING_FILTER += discard class="Risky Cipher Field (C#)" @@ -3902,10 +4012,15 @@ # WARNING_FILTER += discard class="Risky Cryptographic Field (C#)" # WARNING_FILTER += discard class="Risky array store (C#)" # WARNING_FILTER += discard class="SQL Injection (C#)" +# WARNING_FILTER += discard class="Set ViewStateUserKey For Classes Derived From Page (C#)" # WARNING_FILTER += discard class="Shadowed Identifier (C#)" # WARNING_FILTER += discard class="Should Use == Instead of equals() (C#)" # WARNING_FILTER += discard class="Should Use equals() Instead of == (C#)" # WARNING_FILTER += discard class="Single-use Random Number Generator (C#)" +# WARNING_FILTER += discard class="Specify CultureInfo (C#)" +# WARNING_FILTER += discard class="Specify IFormatProvider (C#)" +# WARNING_FILTER += discard class="Specify StringComparison for correctness (C#)" +# WARNING_FILTER += discard class="Specify marshaling for P/Invoke string arguments (C#)" # WARNING_FILTER += discard class="Static Field Assigned Non-Static (C#)" # WARNING_FILTER += discard class="Synchronization on Interned String (C#)" # WARNING_FILTER += discard class="Synchronization on static (C#)" @@ -3929,6 +4044,11 @@ # WARNING_FILTER += discard class="Tainted XAML (C#)" # WARNING_FILTER += discard class="Tainted XML (C#)" # WARNING_FILTER += discard class="Tainted Xpath (C#)" +# WARNING_FILTER += discard class="Template should be a static expression (C#)" +# WARNING_FILTER += discard class="Test for NaN correctly (C#)" +# WARNING_FILTER += discard class="The 'ModuleInitializer' attribute should not be used in libraries (C#)" +# WARNING_FILTER += discard class="This API requires opting into preview features (C#)" +# WARNING_FILTER += discard class="Types that own disposable fields should be disposable (C#)" # WARNING_FILTER += discard class="Unchecked Parameter Dereference (C#)" # WARNING_FILTER += discard class="Unnecessary Field (C#)" # WARNING_FILTER += discard class="Unreachable Instruction (C#)" @@ -3939,11 +4059,35 @@ # WARNING_FILTER += discard class="Unused Value: Actual Parameter (C#)" # WARNING_FILTER += discard class="Unused Value: Variable (C#)" # WARNING_FILTER += discard class="Unused Value: Write to Parameter (C#)" +# WARNING_FILTER += discard class="Use 'Environment.CurrentManagedThreadId' (C#)" +# WARNING_FILTER += discard class="Use 'Environment.ProcessId' (C#)" +# WARNING_FILTER += discard class="Use 'Environment.ProcessPath' (C#)" +# WARNING_FILTER += discard class="Use 'ThrowIfCancellationRequested' (C#)" +# WARNING_FILTER += discard class="Use 'string.Equals' (C#)" +# WARNING_FILTER += discard class="Use AsSpan or AsMemory instead of Range-based indexers (C#)" +# WARNING_FILTER += discard class="Use AsSpan or AsMemory instead of Range-based indexers for getting Span of an array (C#)" +# WARNING_FILTER += discard class="Use AsSpan or AsMemory instead of Range-based indexers when appropriate (C#)" +# WARNING_FILTER += discard class="Use Length/Count property instead of Count() when available (C#)" +# WARNING_FILTER += discard class="Use PascalCase for named placeholders (C#)" +# WARNING_FILTER += discard class="Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size (C#)" +# WARNING_FILTER += discard class="Use ValueTasks correctly (C#)" +# WARNING_FILTER += discard class="Use XmlReader for 'DataSet.ReadXml()' (C#)" +# WARNING_FILTER += discard class="Use XmlReader for 'XmlSchema.Read()' (C#)" +# WARNING_FILTER += discard class="Use XmlReader for 'XmlSerializer.Deserialize()' (C#)" +# WARNING_FILTER += discard class="Use XmlReader for XPathDocument constructor (C#)" +# WARNING_FILTER += discard class="Use XmlReader for XmlValidatingReader constructor (C#)" +# WARNING_FILTER += discard class="Use char literal for a single character lookup (C#)" +# WARNING_FILTER += discard class="Use nameof to express symbol names (C#)" +# WARNING_FILTER += discard class="Use ordinal string comparison (C#)" +# WARNING_FILTER += discard class="Use span-based 'string.Concat' (C#)" +# WARNING_FILTER += discard class="Use the LoggerMessage delegates (C#)" +# WARNING_FILTER += discard class="Use valid platform string (C#)" # WARNING_FILTER += discard class="Useless Assignment (C#)" # WARNING_FILTER += discard class="Useless Assignment to Default (C#)" # WARNING_FILTER += discard class="Useless Class Cast (C#)" # WARNING_FILTER += discard class="Useless Synchronization (C#)" # WARNING_FILTER += discard class="Useless volatile Modifier (C#)" +# WARNING_FILTER += discard class="Validate platform compatibility (C#)" # WARNING_FILTER += discard class="Weak Cryptographic Value (C#)" # WARNING_FILTER += discard class="Weak Hash Algorithm (C#)" # WARNING_FILTER += discard class="Weak Hash Algorithm Field (C#)" @@ -4099,6 +4243,7 @@ # WARNING_FILTER += allow class="Missing for-loop Step" # WARNING_FILTER += allow class="Missing for-loop Termination" # WARNING_FILTER += allow class="Mixed Assembly and Code" +# WARNING_FILTER += allow class="Modification of Standard Namespaces" # WARNING_FILTER += allow class="Modified Parameter" # WARNING_FILTER += allow class="Multiple Abnormal Loop Exits" # WARNING_FILTER += allow class="Multiple Accesses of Atomic" @@ -4244,6 +4389,7 @@ # WARNING_FILTER += allow class="Use of atol" # WARNING_FILTER += allow class="Use of atoll" # WARNING_FILTER += allow class="Use of bsearch" +# WARNING_FILTER += allow class="Use of catch" # WARNING_FILTER += allow class="Use of catopen" # WARNING_FILTER += allow class="Use of chroot" # WARNING_FILTER += allow class="Use of cuserid" @@ -4290,6 +4436,7 @@ # WARNING_FILTER += allow class="Use of syslog" # WARNING_FILTER += allow class="Use of system" # WARNING_FILTER += allow class="Use of t_open" +# WARNING_FILTER += allow class="Use of throw" # WARNING_FILTER += allow class="Use of ttyname" # WARNING_FILTER += allow class="Use of vfork" # WARNING_FILTER += allow class="Using Declaration in Header File" @@ -4350,45 +4497,180 @@ # WARNING_FILTER += allow class="null Passed to Method (deep) (Java)" # # (C# warning classes) +# WARNING_FILTER += allow class="Abstract types should not have public constructors (C#)" # WARNING_FILTER += allow class="Actual Parameter Element may be null (C#)" +# WARNING_FILTER += allow class="Attribute string literals should parse correctly (C#)" +# WARNING_FILTER += allow class="Avoid dead conditional code (C#)" +# WARNING_FILTER += allow class="Avoid empty interfaces (C#)" +# WARNING_FILTER += allow class="Avoid excessive class coupling (C#)" +# WARNING_FILTER += allow class="Avoid excessive complexity (C#)" +# WARNING_FILTER += allow class="Avoid excessive inheritance (C#)" +# WARNING_FILTER += allow class="Avoid excessive parameters on generic types (C#)" +# WARNING_FILTER += allow class="Avoid hardcoded SslProtocols values (C#)" +# WARNING_FILTER += allow class="Avoid hardcoding SecurityProtocolType value (C#)" +# WARNING_FILTER += allow class="Avoid out parameters (C#)" +# WARNING_FILTER += allow class="Avoid uninstantiated internal classes (C#)" +# WARNING_FILTER += allow class="Avoid unmaintainable code (C#)" +# WARNING_FILTER += allow class="Avoid unsealed attributes (C#)" +# WARNING_FILTER += allow class="Avoid unused private fields (C#)" +# WARNING_FILTER += allow class="Call async methods when in an async method (C#)" # WARNING_FILTER += allow class="Certificate Added to Root Store (C#)" +# WARNING_FILTER += allow class="Collection properties should be read only (C#)" +# WARNING_FILTER += allow class="Consider calling ConfigureAwait on the awaited task (C#)" +# WARNING_FILTER += allow class="Define accessors for attribute arguments (C#)" # WARNING_FILTER += allow class="Deprecated Transfer Protocol (C#)" # WARNING_FILTER += allow class="Deserializable Class (C#)" -# WARNING_FILTER += allow class="Deserializing Non-Serializable Class (C#)" # WARNING_FILTER += allow class="Disabled Input Validation (C#)" -# WARNING_FILTER += allow class="Empty jar File Archived (C#)" +# WARNING_FILTER += allow class="Disposable fields should be disposed (C#)" +# WARNING_FILTER += allow class="Disposable types should declare finalizer (C#)" +# WARNING_FILTER += allow class="Dispose objects before losing scope (C#)" +# WARNING_FILTER += allow class="Do Not Add Archive Item's Path To The Target File System Path (C#)" +# WARNING_FILTER += allow class="Do Not Add Certificates To Root Store (C#)" +# WARNING_FILTER += allow class="Do Not Catch Corrupted State Exceptions (C#)" +# WARNING_FILTER += allow class="Do Not Disable SChannel Use of Strong Crypto (C#)" +# WARNING_FILTER += allow class="Do Not Serialize Types With Pointer Fields (C#)" +# WARNING_FILTER += allow class="Do Not Use Account Shared Access Signature (C#)" +# WARNING_FILTER += allow class="Do Not Use Weak Key Derivation Function With Insufficient Iteration Count (C#)" +# WARNING_FILTER += allow class="Do not always skip token validation in delegates (C#)" +# WARNING_FILTER += allow class="Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder (C#)" +# WARNING_FILTER += allow class="Do not call overridable methods in constructors (C#)" +# WARNING_FILTER += allow class="Do not catch general exception types (C#)" +# WARNING_FILTER += allow class="Do not create tasks without passing a TaskScheduler (C#)" +# WARNING_FILTER += allow class="Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver (C#)" +# WARNING_FILTER += allow class="Do not deserialize with JsonSerializer using an insecure configuration (C#)" +# WARNING_FILTER += allow class="Do not deserialize without first setting NetDataContractSerializer.Binder (C#)" +# WARNING_FILTER += allow class="Do not disable ServicePointManagerSecurityProtocols (C#)" +# WARNING_FILTER += allow class="Do not disable token validation checks (C#)" +# WARNING_FILTER += allow class="Do not expose generic lists (C#)" +# WARNING_FILTER += allow class="Do not hard-code certificate (C#)" +# WARNING_FILTER += allow class="Do not hard-code encryption key (C#)" +# WARNING_FILTER += allow class="Do not lock on objects with weak identity (C#)" +# WARNING_FILTER += allow class="Do not mark enums with FlagsAttribute (C#)" +# WARNING_FILTER += allow class="Do not name enum values 'Reserved' (C#)" +# WARNING_FILTER += allow class="Do not overload equality operator on reference types (C#)" +# WARNING_FILTER += allow class="Do not pass literals as localized parameters (C#)" +# WARNING_FILTER += allow class="Do not pass types by reference (C#)" +# WARNING_FILTER += allow class="Do not raise exceptions in unexpected locations (C#)" +# WARNING_FILTER += allow class="Do not use CreateEncryptor with non-default IV (C#)" +# WARNING_FILTER += allow class="Do not use DataSet.ReadXml() with untrusted data (C#)" +# WARNING_FILTER += allow class="Do not use DataTable.ReadXml() with untrusted data (C#)" +# WARNING_FILTER += allow class="Do not use TypeNameHandling values other than None (C#)" +# WARNING_FILTER += allow class="Do not use insecure JsonSerializerSettings (C#)" +# WARNING_FILTER += allow class="Do not use insecure deserializer BinaryFormatter (C#)" +# WARNING_FILTER += allow class="Do not use insecure deserializer LosFormatter (C#)" +# WARNING_FILTER += allow class="Do not use insecure deserializer NetDataContractSerializer (C#)" +# WARNING_FILTER += allow class="Do not use insecure deserializer ObjectStateFormatter (C#)" +# WARNING_FILTER += allow class="Do not use insecure randomness (C#)" +# WARNING_FILTER += allow class="Do not use unsafe DllImportSearchPath value (C#)" +# WARNING_FILTER += allow class="Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize (C#)" +# WARNING_FILTER += allow class="Ensure Certificates Are Not Added To Root Store (C#)" +# WARNING_FILTER += allow class="Ensure HttpClient certificate revocation list check is not disabled (C#)" +# WARNING_FILTER += allow class="Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing (C#)" +# WARNING_FILTER += allow class="Ensure NetDataContractSerializer.Binder is set before deserializing (C#)" +# WARNING_FILTER += allow class="Ensure Sufficient Iteration Count When Using Weak Key Derivation Function (C#)" +# WARNING_FILTER += allow class="Ensure Use Secure Cookies In ASP.NET Core (C#)" +# WARNING_FILTER += allow class="Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data (C#)" +# WARNING_FILTER += allow class="Ensure that JsonSerializer has a secure configuration when deserializing (C#)" +# WARNING_FILTER += allow class="Ensure that JsonSerializerSettings are secure (C#)" +# WARNING_FILTER += allow class="Enum Storage should be Int32 (C#)" +# WARNING_FILTER += allow class="Enums should have zero value (C#)" +# WARNING_FILTER += allow class="Events should not have 'Before' or 'After' prefix (C#)" +# WARNING_FILTER += allow class="Exceptions should be public (C#)" # WARNING_FILTER += allow class="Field Element may be null (deep) (C#)" # WARNING_FILTER += allow class="Field Too Visible (C#)" # WARNING_FILTER += allow class="Field may be null (deep) (C#)" # WARNING_FILTER += allow class="Hardcoded IP Address (C#)" +# WARNING_FILTER += allow class="HttpClients should enable certificate revocation list checks (C#)" +# WARNING_FILTER += allow class="Implement IDisposable Correctly (C#)" +# WARNING_FILTER += allow class="Implement IEquatable when overriding Object.Equals (C#)" +# WARNING_FILTER += allow class="Implement standard exception constructors (C#)" # WARNING_FILTER += allow class="Inadequate Salt (C#)" -# WARNING_FILTER += allow class="Lambda Parameter may be null (C#)" +# WARNING_FILTER += allow class="Initialize reference type static fields inline (C#)" +# WARNING_FILTER += allow class="Initialize value type static fields inline (C#)" +# WARNING_FILTER += allow class="Interface methods should be callable by child types (C#)" +# WARNING_FILTER += allow class="Invalid entry in code metrics rule specification file (C#)" +# WARNING_FILTER += allow class="Mark ISerializable types with serializable (C#)" +# WARNING_FILTER += allow class="Mark all non-serializable fields (C#)" +# WARNING_FILTER += allow class="Mark assemblies with CLSCompliant (C#)" +# WARNING_FILTER += allow class="Mark assemblies with ComVisible (C#)" +# WARNING_FILTER += allow class="Mark enums with FlagsAttribute (C#)" # WARNING_FILTER += allow class="Method Disables Security Setting (C#)" # WARNING_FILTER += allow class="Method Should be final (C#)" # WARNING_FILTER += allow class="Method Should be private (C#)" -# WARNING_FILTER += allow class="Missing Serial Version Field (C#)" +# WARNING_FILTER += allow class="Miss HttpVerb attribute for action methods (C#)" # WARNING_FILTER += allow class="Missing synchronized Statement (C#)" +# WARNING_FILTER += allow class="Move pinvokes to native methods class (C#)" # WARNING_FILTER += allow class="Mutable Constant Field (C#)" # WARNING_FILTER += allow class="Naming Style Violation (C#)" +# WARNING_FILTER += allow class="Nested types should not be visible (C#)" +# WARNING_FILTER += allow class="Normalize strings to uppercase (C#)" # WARNING_FILTER += allow class="Null Pointer Dereference (deep) (C#)" +# WARNING_FILTER += allow class="Operator overloads have named alternates (C#)" +# WARNING_FILTER += allow class="Operators should have symmetrical overloads (C#)" +# WARNING_FILTER += allow class="Override equals and operator equals on value types (C#)" +# WARNING_FILTER += allow class="Pass system uri objects instead of strings (C#)" +# WARNING_FILTER += allow class="Potential reference cycle in deserialized object graph (C#)" +# WARNING_FILTER += allow class="Prefer jagged arrays over multidimensional (C#)" +# WARNING_FILTER += allow class="Properties should not be write only (C#)" +# WARNING_FILTER += allow class="Properties should not return arrays (C#)" +# WARNING_FILTER += allow class="Property names should not match get methods (C#)" # WARNING_FILTER += allow class="Return Value may Contain null Element (C#)" # WARNING_FILTER += allow class="Return Value may be null (C#)" -# WARNING_FILTER += allow class="Return null Boolean (C#)" -# WARNING_FILTER += allow class="Return null Optional (C#)" +# WARNING_FILTER += allow class="Review SQL queries for security vulnerabilities (C#)" +# WARNING_FILTER += allow class="Review cipher mode usage with cryptography experts (C#)" +# WARNING_FILTER += allow class="Review code for DLL injection vulnerabilities (C#)" +# WARNING_FILTER += allow class="Review code for LDAP injection vulnerabilities (C#)" +# WARNING_FILTER += allow class="Review code for SQL injection vulnerabilities (C#)" +# WARNING_FILTER += allow class="Review code for XAML injection vulnerabilities (C#)" +# WARNING_FILTER += allow class="Review code for XML injection vulnerabilities (C#)" +# WARNING_FILTER += allow class="Review code for XPath injection vulnerabilities (C#)" +# WARNING_FILTER += allow class="Review code for XSS vulnerabilities (C#)" +# WARNING_FILTER += allow class="Review code for file path injection vulnerabilities (C#)" +# WARNING_FILTER += allow class="Review code for information disclosure vulnerabilities (C#)" +# WARNING_FILTER += allow class="Review code for open redirect vulnerabilities (C#)" +# WARNING_FILTER += allow class="Review code for process command injection vulnerabilities (C#)" +# WARNING_FILTER += allow class="Review code for regex injection vulnerabilities (C#)" +# WARNING_FILTER += allow class="Review visible event handlers (C#)" +# WARNING_FILTER += allow class="Seal methods that satisfy private interfaces (C#)" # WARNING_FILTER += allow class="Security Annotation Conflict (C#)" -# WARNING_FILTER += allow class="Serialization Not Disabled (C#)" +# WARNING_FILTER += allow class="Set HttpOnly to true for HttpCookie (C#)" +# WARNING_FILTER += allow class="Specify StringComparison for clarity (C#)" # WARNING_FILTER += allow class="Static Field Too Visible (C#)" +# WARNING_FILTER += allow class="Static holder types should be Static or NotInheritable (C#)" +# WARNING_FILTER += allow class="Test for empty strings using string length (C#)" +# WARNING_FILTER += allow class="Type names should not match namespaces (C#)" +# WARNING_FILTER += allow class="Types should not extend certain base types (C#)" +# WARNING_FILTER += allow class="URI-like parameters should not be strings (C#)" +# WARNING_FILTER += allow class="URI-like properties should not be strings (C#)" +# WARNING_FILTER += allow class="URI-like return values should not be strings (C#)" # WARNING_FILTER += allow class="Unchecked Parameter Dereference (deep) (C#)" # WARNING_FILTER += allow class="Unchecked Parameter Element Dereference (deep) (C#)" -# WARNING_FILTER += allow class="Unexpected Serial Version Field (C#)" # WARNING_FILTER += allow class="Unguarded Field (C#)" # WARNING_FILTER += allow class="Unguarded Method (C#)" # WARNING_FILTER += allow class="Unguarded Parameter (C#)" # WARNING_FILTER += allow class="Unsafe Base64 Encoding (C#)" +# WARNING_FILTER += allow class="Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks (C#)" +# WARNING_FILTER += allow class="Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks (C#)" +# WARNING_FILTER += allow class="Unsafe DataSet or DataTable in serializable type (C#)" +# WARNING_FILTER += allow class="Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks (C#)" +# WARNING_FILTER += allow class="Unsafe DataSet or DataTable type found in deserializable object graph (C#)" +# WARNING_FILTER += allow class="Unsafe DataSet or DataTable type in web deserializable object graph (C#)" +# WARNING_FILTER += allow class="Use Container Level Access Policy (C#)" +# WARNING_FILTER += allow class="Use CreateEncryptor with the default IV (C#)" +# WARNING_FILTER += allow class="Use DefaultDllImportSearchPaths attribute for P/Invokes (C#)" +# WARNING_FILTER += allow class="Use Integral Or String Argument For Indexers (C#)" +# WARNING_FILTER += allow class="Use Secure Cookies In ASP.NET Core (C#)" +# WARNING_FILTER += allow class="Use SharedAccessProtocol HttpsOnly (C#)" +# WARNING_FILTER += allow class="Use antiforgery tokens in ASP.NET Core MVC controllers (C#)" +# WARNING_FILTER += allow class="Use events where appropriate (C#)" +# WARNING_FILTER += allow class="Use generic event handler instances (C#)" +# WARNING_FILTER += allow class="Use literals where appropriate (C#)" +# WARNING_FILTER += allow class="Use properties where appropriate (C#)" # WARNING_FILTER += allow class="Useless null Test (C#)" # WARNING_FILTER += allow class="Useless null Test of Field (C#)" # WARNING_FILTER += allow class="Useless null Test of Parameter (C#)" # WARNING_FILTER += allow class="Useless null Test of Return Value (C#)" +# WARNING_FILTER += allow class="Validate arguments of public methods (C#)" # WARNING_FILTER += allow class="clone Subclass of Non-clonable (C#)" # WARNING_FILTER += allow class="null Passed to Method (deep) (C#)" # @@ -4613,6 +4895,11 @@ # that traverses the procedures of the project, printing the # verbose name of each. # +# import cs +# @cs.procedure_visitor +# def proc(p): +# print('\nFUNCTION NAME:', p.verbose_name()) +# # For example, suppose we have a C++ compilation unit that includes # the following. # @@ -5469,6 +5756,12 @@ # exactly one compilation unit before including any CodeSonar # header files. This will define some global variables that would # otherwise cause link errors. +# +# CodeSonar SaaS Note: If you are using CodeSonar SaaS, PLUGINS can +# only be used to load plug-ins that were shipped with CodeSonar in +# directory $GTHOME/plugins. To install other plug-ins, including +# any custom plug-ins you have created, contact GrammaTech support +# for assistance. # Parameter JAVA_PLUGIN_JVM @@ -5617,6 +5910,13 @@ # JAVA_PLUGIN_CLASSES += Test # or, if it is in a package: # JAVA_PLUGIN_CLASSES += com/example/csplugin/Test +# +# CodeSonar SaaS Note: If you are using CodeSonar SaaS, +# JAVA_PLUGIN_CLASSES can only be used to load plug-ins that were +# shipped with CodeSonar in directory $GTHOME/plugins. To install +# other plug-ins, including any custom plug-ins you have created, +# contact GrammaTech support for assistance. + # Parameter CSHARP_PLUGIN_DOTNET_VERSION @@ -5714,6 +6014,13 @@ # } # } # +# +# CodeSonar SaaS Note: If you are using CodeSonar SaaS, +# CSHARP_PLUGINS can only be used to load plug-ins that were +# shipped with CodeSonar in directory $GTHOME/plugins. To install +# other plug-ins, including any custom plug-ins you have created, +# contact GrammaTech support for assistance. +# ## CSHARP_PLUGINS += h:\pluginassembly.dll @@ -6520,6 +6827,28 @@ TIME_LIMIT_TAINT_REFINE_PER_PROCEDURE = 200 +# Parameter TIME_LIMIT_LIVEVAR +# +# Purpose +# Bounds the time that analysis can spend figuring out live +# variables in a single procedure. +# +# Tags +# - TIME_LIMIT: Analysis Time Limits +# +# Type +# integer +# +# Behavior +# When set to integer N, specifies that live variable analysis in a +# procedure will be terminated if it takes more than N seconds. +# This can result in incomplete taint information for the +# procedure. +# + +TIME_LIMIT_LIVEVAR = 8 + + # Parameter CPU_SPEED_ADJUSTMENT # # Purpose @@ -6877,6 +7206,97 @@ EXPLORE_MORE_LOOP_PATHS = No +# Parameter EXPLORE_SELF_ASSIGNMENT +# +# Purpose +# Specifies whether or not the analysis should explore the +# possibility of self assignment. +# +# Tags +# - ANALYSIS_PROPERTY: Analysis Properties +# +# Type +# { Yes, No } +# +# Behavior +# - Yes : The analysis will explicitly consider the self-assignment +# case for all assignment operations. +# - No : The analysis will only consider the self-assignment case +# for an assignment operation if there is a specific reason to do +# so. For example, it will consider the self-assignment case if +# the assignment operator explicitly compares the left- and +# right-hand sides. +# +# Notes +# Set to Yes to check for violations of CERT +# [doc/html/WarningClasses/CERT.html] CERT-CPP:OOP54-CPP +# "Gracefully handle self-copy assignment". This can reduce false +# negatives for issues caused by self assignment, at the cost of +# increased resource usage (time and space). +# +# For example, suppose a class with a dynamically allocated member +# has an assignment operator which unconditionally deletes the +# member. This will cause undefined behavior when the operator is +# used for self-assignment. +# +# C& C::operator=(const C& rhs){ +# delete this->stuff; +# this->stuff = new int(*rhs.stuff); // rhs.stuff already freed if &rhs==this +# return *this; +# } +# +# - If EXPLORE_SELF_ASSIGNMENT=Yes, a Use After Free warning is +# issued at the marked line. +# - If EXPLORE_SELF_ASSIGNMENT=No, this warning is not issued. +# +# Setting EXPLORE_SELF_ASSIGNMENT=Yes can reduce false negatives +# for issues caused by self assignment, at the cost of increased +# resource usage (time and space). +# +EXPLORE_SELF_ASSIGNMENT = Yes + + +# Parameter LOOP_TAINT_TRANSFER +# +# Purpose +# Specifies whether or not the analysis should transfer taint to +# loop variables when they are compared to tainted values. +# +# Tags +# - ANALYSIS_PROPERTY: Analysis Properties +# +# Type +# { Yes, No } +# +# Behavior +# - Yes : The analysis will transfer taint to loop variables when +# they are compared to tainted values (in particular, when they +# are compared to tainted loop bounds). If the loop variable +# subsequently reaches a taint sink, a warning will be issued. +# - No : The analysis will not transfer taint to loop variables at +# such comparisons. Taint transfer to loop variables may still +# occur by other means, such as assignment to the variable. +# +# Notes +# A "loop variable" is defined here as a variable that is +# incremented or decremented by a fixed amount over each loop +# iteration. +# +# Example: When LOOP_TAINT_TRANSFER=Yes, the analysis will produce +# a Tainted Buffer Access warning at the marked location in the +# following code. +# int f(void) { +# char buf[1024]; +# size_t n = fread( buf, 1, 1024, stdin ); // n has file taint +# int i; +# int x = 0; +# for( i = 0; i <= n; ++i ) // i is tainted by comparison with n +# x += buf[i]; // Tainted Buffer Access +# } + +LOOP_TAINT_TRANSFER = No + + # Parameter LOOP_COUNTER_DISTRUST # # Purpose @@ -7291,7 +7711,7 @@ # - ANALYSIS_BOUND: Analysis resource/effort limit # # Type -# integer +# non-negative integer # # Behavior # If a procedure modifies more values than this maximum, CodeSonar @@ -7312,6 +7732,73 @@ MAX_MODIFIED_VALUES = 100 +# Parameter MAX_CLOBBERED_FIELDS +# +# Purpose +# When a non-const pointer to an object escapes analysis, specifies +# a bound on the number of transitive fields of that object that +# the analysis should treat as potentially changed to an unknown +# value. +# +# Tags +# - ANALYSIS_BOUND: Analysis resource/effort limit +# +# Type +# non-negative integer +# +# Behavior +# Given MAX_CLOBBERED_FIELDS=N : if a non-const pointer to an +# object O escapes the analysis' ability to see how the pointer is +# used, the CodeSonar analysis will treat the first N fields of O +# as if they may have been changed to an unknown value. +# - Fields are counted in memory layout order. +# - If O has more than N transitive fields, the analysis will treat +# the remaining fields as if they have not been changed. +# +# Notes +# Pointers can escape for a variety of reasons. One reason would be +# getting passed to an undefined function. +# undefined_function( &some_object ); +# +# To avoid potential false positives, the analysis will assume that +# undefined_function() can modify some_object. MAX_CLOBBERED_FIELDS +# places an upper bound on the analysis cost associated with this +# assumption. + +MAX_CLOBBERED_FIELDS = 200 + + +# Parameter MAX_COPIED_FIELDS +# +# Purpose +# Specifies a bound on the number of transitive fields of a type +# (such as a class or struct) that the CodeSonar analysis will copy +# by-value when simulating a corresponding by-value copy operation +# in the software under analysis. +# +# Tags +# - ANALYSIS_BOUND: Analysis resource/effort limit +# +# Type +# non-negative integer +# +# Behavior +# Given MAX_COPIED_FIELDS=N : if the software under analysis +# performs a by-value copy operation from object S to object D, the +# CodeSonar analysis will simulate this by performing a by-value +# copy of the first N fields of S to D. +# - Fields are counted in memory layout order. +# - If S has more than N transitive fields, the analysis will treat +# the remainder of D as if it has not been changed. +# +# Notes +# Copying a large number of fields by-value can be resource- +# intensive. MAX_COPIED_FIELDS places an upper bound on the +# analysis cost associated with copying an object by-value. + +MAX_COPIED_FIELDS = 1000 + + # Parameter DP_REFINEMENT_EXACT # # Purpose @@ -14220,6 +14707,224 @@ TAINT_CALLSITE_EXPANSION_EFFORT = 1000 +# Parameter TAINT_BLOCK_PROPAGATION_FUNCS +# +# Purpose +# Specifies how a function propagates data, and the taint on that +# data, into a structured memory block. +# +# Type +# A string of the form +# , , , , , +# +# where: +# - is the name of the function. If you have defined a +# CodeSonar replacement function csonar_replace_f() +# [doc/html/Extensions/Prototypes.html#csonar_replace] for the +# function f() of interest, specify csonar_replace_f as the +# (not f). +# - is the position of the 'destination' argument (counting +# from 1). +# - is the number of the 'source' argument (counting from 1), +# or 0 if there is no source parameter - that is, if the source +# is implicit to the function. +# - is the position of the 'size' argument (counting from 1), +# or 0 if there is no single size parameter, as is the case with +# fread. +# - is the factor by which the size parameter should be +# multiplied in order to determine the block size in bytes. In +# many cases this is 1, but it may be larger, for instance when +# the function copies words rather than bytes. This can +# be either an integer or a type name: one of { SHORT, LONG, +# SIZE_T, PTRDIFF_T, WCHAR_T, POINTER, LONG_LONG, INT128, INT, +# FLOAT, DOUBLE, LONG_DOUBLE }. +# - characterizes the general behavior of the function: one +# of { MEMCPY, MEMCPY+PROPAGATE, MEMSET+PROPAGATE, READ, +# READ+PROPAGATE, IGNORE }. +# +# Behavior +# CodeSonar will treat calls to function as propagating data +# - including any taint on that data - to the block of memory +# starting at the address specified by the parameter, where +# the size of the block is determined by multiplying the value of +# the parameter by . +# +# The details of data and taint propagation depend the value of +# : +# +# - MEMCPY : the function is like memcpy(): the fields of are +# copied to the corresponding fields of the destination block, +# with taint propagated along with the data for each field. If +# 's implementation applies taint to , it is +# propagated only to the first field of the destination block. +# - MEMCPY+PROPAGATE : as for MEMCPY except that if 's +# implementation applies taint to , it is propagated to all +# fields of the destination block. +# - MEMSET+PROPAGATE : the function is like memset(): a single +# element is distributed to each of the fields of the +# destination block. The taint on is likewise distributed +# to all fields of the destination block. If 's +# implementation applies taint to , it is propagated to all +# fields of the destination block. +# - READ : the function is like read(): content comes from an +# indeterminate source, filling the block. When has this +# value, the is ignored. If 's implementation applies +# taint to , it is propagated only to the first field of the +# destination block. +# - READ+PROPAGATE : as for READ except that if 's +# implementation applies taint to , it is propagated to all +# fields of the destination block. +# - IGNORE : all previous rules with the same are ignored. +# Note that a subsequent rule with the same will take +# precedence over an IGNORE rule. +# +# Notes +# In some cases, the data propagation behavior of a function +# depends on type information that is only available to the +# function caller and not to the function itself. For example, +# memcpy() copies the contents of a source block to a destination, +# bytewise, without regard for the actual organization of those +# contents. An analysis that only considers this bytewise behavior +# will not have information about the internal structure of the +# destination block. The TAINT_BLOCK_PROPAGATION_FUNCS parameter +# allows you to provide the CodeSonar taint analysis with +# information about how functions propagate data: this will +# generally reduce false negatives but increase analysis resource +# use (time and space). +# +# For example, one of the rules in the factory setting for this +# parameter is: +# TAINT_BLOCK_PROPAGATION_FUNCS += memcpy, 1, 2, 3, 1, MEMCPY +# This rule specifies that function memcpy() propagates taint as +# follows. +# - The source block is indicated by the second (2) argument. +# - The destination block starts at the address given in the first +# (1) argument. +# - The length of the destination block is obtained by multiplying +# the third (3) argument by 1. +# - Propagation is MEMCPY-like: data (and thus any taint on that +# data) is copied from fields in the source block to the +# corresponding fields in the destination block. Any taint +# applied to the second argument by memcpy() should only be +# propagated to the first field of the destination block (rather +# than to the entire block). +# +# With this setting, the analysis can account for pointer aliasing +# introduced when memcpy() is used to copy structured data. +# struct S { +# int *p; +# int *q; +# }; +# +# void f(struct S *d, struct S *s) { +# memcpy( d, s, sizeof(*d) ); +# } +# +# void g(void) { +# int A[10], B[10]; +# struct S a = {A, B}, b = {}; +# f(&b, &a); // data from a is propagated to b +# // (nothing is tainted at this point) +# B[5] = getchar(); // B[5] is now tainted +# int C[10]; +# C[b.q[5]] = 123; // Tainted Buffer Access: can only be detected if +# // the analysis understands that b.q[5] is the +# // same as B[5]. +# } +# +# If there are multiple TAINT_BLOCK_PROPAGATION_FUNCS rules with +# the same , only the last one is used. +# +# The additional analysis enabled by TAINT_BLOCK_PROPAGATION_FUNCS +# rules is applied at call sites to each identified function f(), +# and only when a summary [doc/html/Summaries.html] is used. +# - There is no additional taint propagation modeling within the +# body of f(). +# - If the CodeSonar refinement phase expands the body of f() +# rather than using its summary, the additional information +# provided by the TAINT_BLOCK_PROPAGATION_FUNCS rule will not be +# used. To avoid this, create a replacement function +# csonar_replace_f() that wraps a call to f() (and nothing else), +# and use __CSURF_MARKER_LIBRARY_FUNCTION__ +# [doc/html/Extensions/Prototypes.html#csurf_marker_library_function] +# to mark csonar_replace_f() as a library function so that its +# body is not expanded. +TAINT_BLOCK_PROPAGATION_FUNCS += __aeabi_memclr, 1, 0, 2, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __aeabi_memclr4, 1, 0, 2, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __aeabi_memclr8, 1, 0, 2, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __aeabi_memcpy, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __aeabi_memcpy4, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __aeabi_memcpy8, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __aeabi_memmove, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __aeabi_memmove4, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __aeabi_memmove8, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __aeabi_memset, 1, 3, 2, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __aeabi_memset4, 1, 3, 2, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __aeabi_memset8, 1, 3, 2, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __builtin___memcpy_chk, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __builtin___memmove_chk, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __builtin___mempcpy_chk, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __builtin___memset_chk, 1, 2, 3, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __builtin__memcpy_chk, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __builtin__memmove_chk, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __builtin__mempcpy_chk, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __builtin__memset_chk, 1, 2, 3, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __builtin_bcopy, 2, 1, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __builtin_bzero, 1, 0, 2, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __builtin_memcpy, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __builtin_memmove, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __builtin_memset, 1, 2, 3, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __copy_from_user, 1, 2, 3, 1, MEMCPY+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __copy_from_user_inatomic, 1, 2, 3, 1, MEMCPY+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __fread_chk, 1, 0, 0, 1, READ+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __memcpy_chk, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __memmove_chk, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __mempcpy, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __mempcpy_chk, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __memset_chk, 1, 2, 3, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __pread64, 2, 0, 3, 1, READ+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __pread_chk, 2, 0, 3, 1, READ+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __read_chk, 2, 0, 3, 1, READ+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __recv_chk, 2, 0, 3, 1, READ+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __recvfrom_chk, 2, 0, 3, 1, READ+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += __wmemcpy_chk, 1, 2, 3, WCHAR_T, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __wmemmove_chk, 1, 2, 3, WCHAR_T, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __wmempcpy, 1, 2, 3, WCHAR_T, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += __wmemset_chk, 1, 2, 3, WCHAR_T, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += _bcopy, 2, 1, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += _fread_nolock, 1, 0, 0, 1, READ+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += bcopy, 2, 1, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += bcopyLongs, 2, 1, 3, LONG, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += bcopyWords, 2, 1, 3, SHORT, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += bfill, 1, 3, 2, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += bfillBytes, 1, 3, 2, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += bzero, 1, 0, 2, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += copy_from_user, 1, 2, 3, 1, MEMCPY+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += copyin, 2, 1, 3, 1, MEMCPY+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += copyinmsg, 2, 1, 3, 1, MEMCPY+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += fread, 1, 0, 0, 1, READ+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += memcpy, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += memcpy_s, 1, 3, 4, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += memmove, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += memmove_s, 1, 3, 4, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += mempcpy, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += memset, 1, 2, 3, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += pread, 2, 0, 3, 1, READ+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += pread64, 2, 0, 3, 1, READ+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += qMemCopy, 1, 2, 3, 1, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += qMemSet, 1, 2, 3, 1, MEMSET+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += read, 2, 0, 3, 1, READ+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += recv, 2, 0, 3, 1, READ+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += recvfrom, 2, 0, 3, 1, READ+PROPAGATE, +TAINT_BLOCK_PROPAGATION_FUNCS += tyRead, 2, 0, 3, 1, READ+PROPAGATE +TAINT_BLOCK_PROPAGATION_FUNCS += wmemcpy, 1, 2, 3, WCHAR_T, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += wmemcpy_s, 1, 3, 4, WCHAR_T, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += wmemmove, 1, 2, 3, WCHAR_T, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += wmemmove_s, 1, 3, 4, WCHAR_T, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += wmempcpy, 1, 2, 3, WCHAR_T, MEMCPY +TAINT_BLOCK_PROPAGATION_FUNCS += wmemset, 1, 2, 3, WCHAR_T, MEMSET+PROPAGATE + + # Parameter BOOL_TYPES # # Purpose @@ -14841,7 +15546,7 @@ # Parameter UNTRUSTED_PROC_BLACKLIST # # Purpose -# Specify process names that will trigger Untrusted Process +# Specifies process names that will trigger Untrusted Process # Creation warnings. # # Type @@ -14906,7 +15611,7 @@ # Parameter UNTRUSTED_PROC_WHITELIST # # Purpose -# Specify process names that will not trigger a Untrusted Process +# Specifies process names that will not trigger a Untrusted Process # Creation warning. # # Type @@ -14964,8 +15669,8 @@ # Parameter UNTRUSTED_LIB_BLACKLIST # # Purpose -# Specify dynamic library names that will trigger Untrusted Library -# Load warnings. +# Specifies dynamic library names that will trigger Untrusted +# Library Load warnings. # # Type # Boost 'POSIX Extended Regular Expression' @@ -15017,7 +15722,7 @@ # Parameter UNTRUSTED_LIB_WHITELIST # # Purpose -# Specify dynamic library names that will not trigger a Untrusted +# Specifies dynamic library names that will not trigger a Untrusted # Library Load warning. # # Type @@ -15337,7 +16042,7 @@ # Parameter TIMEBOMB_IGNORE_ZERO # # Purpose -# Specify whether the Potential Timebomb check should ignore +# Specifies whether the Potential Timebomb check should ignore # comparisons against zero. # # Type @@ -16010,7 +16715,7 @@ # Parameter JAVA_ANALYSIS_JVM_OPTIONS # # Purpose -# Specify options to the JVM that will execute the Java +# Specifies options to the JVM that will execute the Java # build/analysis [doc/html/Java_Module/Building/Building.html]. # # Tags @@ -17387,7 +18092,7 @@ # Parameter CSHARP_ANALYSIS_JVM_OPTIONS # # Purpose -# Specify options to the JVM that will execute the C# +# Specifies options to the JVM that will execute the C# # build/analysis [doc/html/Csharp_Module/Building/Building.html]. # # Tags @@ -18385,8 +19090,6 @@ # (deep) (C#) # - WC_CSHARP.DEEPNULL.FIELD: Used by Field may be null (deep) (C#) # - WC_CSHARP.CRYPTO.SALT: Used by Inadequate Salt (C#) -# - WC_CSHARP.NULL.PARAM.LAMBDA: Used by Lambda Parameter may be -# null (C#) # - WC_CSHARP.NULL.RET.NONNULL: Used by Method Should Not Return # null (C#) # - WC_CSHARP.NULL.PARAM.ACTUAL: Used by Null Parameter Dereference @@ -18395,8 +19098,6 @@ # - WC_CSHARP.DEEPNULL.DEREF: Used by Null Pointer Dereference # (deep) (C#) # - WC_CSHARP.NULL.RET.ARRAY: Used by Return null Array (C#) -# - WC_CSHARP.NULL.RET.BOOL: Used by Return null Boolean (C#) -# - WC_CSHARP.NULL.RET.OPT: Used by Return null Optional (C#) # - WC_CSHARP.STRUCT.UPD: Used by Unchecked Parameter Dereference # (C#) # - WC_CSHARP.STRUCT.DUPD: Used by Unchecked Parameter Dereference @@ -18661,7 +19362,7 @@ # { Yes, No } # # Languages -# C# +# C++ # # Behavior # - Yes : Warning is not issued if derived class doesn't have @@ -18670,3 +19371,32 @@ # additional data members. OBJSLICE_WARN_NEW_MEMBER_ONLY = Yes + + +# Parameter ALWAYS_EXPAND_FUNCTIONS +# +# Purpose +# Specifies certain functions by name that should always be +# expanded when CALL_SITE_EXPANSIONS is not None. +# +# Tags +# - ANALYSIS_BOUND: Analysis resource/effort limit +# +# Type +# string +# +# Languages +# C/C++ +# +# Behavior +# This is the analysis' version of inlining a function. During +# refinement of a pathy warning, CodeSonar will always expand +# functions that have one of these names. In some cases, this can +# help CodeSonar rule out potential false positives. In other +# cases, it will cause blue "[+]" icons to appear in the margin of +# warning reports adjacent to calls to these named functions. Full +# verbose names are required; see the BAD_FUNCTION_REGEX +# documentation for information about recovering and using verbose +# names. +# +## ALWAYS_EXPAND_FUNCTIONS +=