Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
allendowney
GitHub Repository: allendowney/cpython
Path: blob/main/Misc/coverity_model.c
12 views
1
/* Coverity Scan model
2
*
3
* This is a modeling file for Coverity Scan. Modeling helps to avoid false
4
* positives.
5
*
6
* - A model file can't import any header files.
7
* - Therefore only some built-in primitives like int, char and void are
8
* available but not wchar_t, NULL etc.
9
* - Modeling doesn't need full structs and typedefs. Rudimentary structs
10
* and similar types are sufficient.
11
* - An uninitialized local pointer is not an error. It signifies that the
12
* variable could be either NULL or have some data.
13
*
14
* Coverity Scan doesn't pick up modifications automatically. The model file
15
* must be uploaded by an admin in the analysis settings of
16
* http://scan.coverity.com/projects/200
17
*/
18
19
/* dummy definitions, in most cases struct fields aren't required. */
20
21
#define NULL (void *)0
22
#define assert(op) /* empty */
23
typedef int sdigit;
24
typedef long Py_ssize_t;
25
typedef unsigned short wchar_t;
26
typedef struct {} PyObject;
27
typedef struct {} grammar;
28
typedef struct {} DIR;
29
typedef struct {} RFILE;
30
31
/* Python/pythonrun.c
32
* resource leak false positive */
33
34
void Py_FatalError(const char *msg) {
35
__coverity_panic__();
36
}
37
38
/* Objects/longobject.c
39
* NEGATIVE_RETURNS false positive */
40
41
static PyObject *get_small_int(sdigit ival)
42
{
43
/* Never returns NULL */
44
PyObject *p;
45
assert(p != NULL);
46
return p;
47
}
48
49
PyObject *PyLong_FromLong(long ival)
50
{
51
PyObject *p;
52
int maybe;
53
54
if ((ival >= -5) && (ival < 257 + 5)) {
55
p = get_small_int(ival);
56
assert(p != NULL);
57
return p;
58
}
59
if (maybe)
60
return p;
61
else
62
return NULL;
63
}
64
65
PyObject *PyLong_FromLongLong(long long ival)
66
{
67
return PyLong_FromLong((long)ival);
68
}
69
70
PyObject *PyLong_FromSsize_t(Py_ssize_t ival)
71
{
72
return PyLong_FromLong((long)ival);
73
}
74
75
/* tainted sinks
76
*
77
* Coverity considers argv, environ, read() data etc as tained.
78
*/
79
80
PyObject *PyErr_SetFromErrnoWithFilename(PyObject *exc, const char *filename)
81
{
82
__coverity_tainted_data_sink__(filename);
83
return NULL;
84
}
85
86
/* Python/fileutils.c */
87
wchar_t *Py_DecodeLocale(const char* arg, size_t *size)
88
{
89
wchar_t *w;
90
__coverity_tainted_data_sink__(arg);
91
__coverity_tainted_data_sink__(size);
92
return w;
93
}
94
95
/* Python/marshal.c */
96
97
static Py_ssize_t r_string(char *s, Py_ssize_t n, RFILE *p)
98
{
99
__coverity_tainted_string_argument__(s);
100
return 0;
101
}
102
103
static long r_long(RFILE *p)
104
{
105
long l;
106
unsigned char buffer[4];
107
108
r_string((char *)buffer, 4, p);
109
__coverity_tainted_string_sanitize_content__(buffer);
110
l = (long)buffer;
111
return l;
112
}
113
114
/* Coverity doesn't understand that fdopendir() may take ownership of fd. */
115
116
DIR *fdopendir(int fd)
117
{
118
DIR *d;
119
if (d) {
120
__coverity_close__(fd);
121
}
122
return d;
123
}
124
125
/* Modules/_datetime.c
126
*
127
* Coverity thinks that the input values for these function come from a
128
* tainted source PyDateTime_DATE_GET_* macros use bit shifting.
129
*/
130
static PyObject *
131
build_struct_time(int y, int m, int d, int hh, int mm, int ss, int dstflag)
132
{
133
PyObject *result;
134
135
__coverity_tainted_data_sanitize__(y);
136
__coverity_tainted_data_sanitize__(m);
137
__coverity_tainted_data_sanitize__(d);
138
__coverity_tainted_data_sanitize__(hh);
139
__coverity_tainted_data_sanitize__(mm);
140
__coverity_tainted_data_sanitize__(ss);
141
__coverity_tainted_data_sanitize__(dstflag);
142
143
return result;
144
}
145
146
static int
147
ymd_to_ord(int year, int month, int day)
148
{
149
int ord = 0;
150
151
__coverity_tainted_data_sanitize__(year);
152
__coverity_tainted_data_sanitize__(month);
153
__coverity_tainted_data_sanitize__(day);
154
155
return ord;
156
}
157
158
static int
159
normalize_date(int *year, int *month, int *day)
160
{
161
__coverity_tainted_data_sanitize__(*year);
162
__coverity_tainted_data_sanitize__(*month);
163
__coverity_tainted_data_sanitize__(*day);
164
165
return 0;
166
}
167
168
static int
169
weekday(int year, int month, int day)
170
{
171
int w = 0;
172
173
__coverity_tainted_data_sanitize__(year);
174
__coverity_tainted_data_sanitize__(month);
175
__coverity_tainted_data_sanitize__(day);
176
177
return w;
178
}
179
180
181