diff --git a/coverity/README.md b/coverity/README.md new file mode 100644 index 0000000000..4dbf4cc8e3 --- /dev/null +++ b/coverity/README.md @@ -0,0 +1,12 @@ +# Coverity settings/configuration + +We use Coverity scan for static code analysis. This directory contains +[configuration](https://scan.coverity.com/projects/domjudge?tab=analysis_settings) +that has also been uploaded toCoverity, but is also stored here for +visibility and tracking. + +The file `modeling.c` is used to explicitly tell the analysis engine +which code paths terminate execution and related things. + +The file `components.csv` lists which components we have configured +and whether they are ignored (for external code) in the analysis. diff --git a/coverity/components.tsv b/coverity/components.tsv new file mode 100644 index 0000000000..c11aee695e --- /dev/null +++ b/coverity/components.tsv @@ -0,0 +1,7 @@ +Component name Pattern Ignore in analysis +Included standard libraries /usr/include/.* Yes +External JS libraries /webapp/web/js/(ace/.*|flot/.*|jquery\..*\.js) No +Generated cache files in var /webapp/var/cache/.* Yes +Generated doc build files /doc/manual/build/.* Yes +Symfony external resources /webapp/resources/.* Yes +External PHP libraries /webapp/vendor/.* Yes diff --git a/coverity/modeling.c b/coverity/modeling.c new file mode 100644 index 0000000000..5b42be28b9 --- /dev/null +++ b/coverity/modeling.c @@ -0,0 +1,8 @@ +/* To be uploaded to scan.coverity.com as modeling file to exclude + * false positives because it does not detect that error() always + * terminates the program. + */ + +void error(int errnum, const char *format, ...) { + __coverity_panic__(); +}
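Review bot: the last paragraph of coverity/README.md refers to `components.csv`, but the file this patch adds is `coverity/components.tsv`, so the README should name `components.tsv`. In the first paragraph, "toCoverity" is missing a space, and "that has also been uploaded ... but is also stored here" would read more clearly as "that has been uploaded to Coverity and is also stored here for visibility and tracking".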
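Review bot: in coverity/components.tsv, the "External JS libraries" row has "Ignore in analysis" set to No, while every other external or generated component is set to Yes and the README says components are ignored for external code. If ace, flot and jquery are meant to be excluded, this should be Yes. If analysing them is deliberate, a sentence in the README explaining why would stop a later reader from treating it as a mistake.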
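Review bot: the model in coverity/modeling.c marks every call to error() as terminating, so findings on code that follows such a call will be suppressed. That is only correct if the project's error() with this exact signature never returns. The declaration is not part of this patch, so the comment should name the header where error() is declared, which lets the model be checked against it and kept in sync. The comment's "because it does not detect" would also be clearer with "Coverity" as the explicit subject.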