• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* Coverity Scan model
2  *
3  * This is a modeling file for Coverity Scan. Modeling helps to avoid false
4  * positives.
5  *
6  * - A model file can't import any header files.
7  * - Therefore only some built-in primitives like int, char and void are
8  *   available but not wchar_t, NULL etc.
9  * - Modeling doesn't need full structs and typedefs. Rudimentary structs
10  *   and similar types are sufficient.
11  * - An uninitialized local pointer is not an error. It signifies that the
12  *   variable could be either NULL or have some data.
13  *
14  * Coverity Scan doesn't pick up modifications automatically. The model file
15  * must be uploaded by an admin in the analysis settings of
16  * http://scan.coverity.com/projects/200
17  */
18 
19 /* dummy definitions, in most cases struct fields aren't required. */
20 
21 #define NULL (void *)0
22 #define assert(op) /* empty */
23 typedef int sdigit;
24 typedef long Py_ssize_t;
25 typedef unsigned short wchar_t;
26 typedef struct {} PyObject;
27 typedef struct {} grammar;
28 typedef struct {} DIR;
29 typedef struct {} RFILE;
30 
31 /* Python/pythonrun.c
32  * resource leak false positive */
33 
Py_FatalError(const char * msg)34 void Py_FatalError(const char *msg) {
35     __coverity_panic__();
36 }
37 
38 /* Objects/longobject.c
39  * NEGATIVE_RETURNS false positive */
40 
get_small_int(sdigit ival)41 static PyObject *get_small_int(sdigit ival)
42 {
43     /* Never returns NULL */
44     PyObject *p;
45     assert(p != NULL);
46     return p;
47 }
48 
PyLong_FromLong(long ival)49 PyObject *PyLong_FromLong(long ival)
50 {
51     PyObject *p;
52     int maybe;
53 
54     if ((ival >= -5) && (ival < 257 + 5)) {
55         p = get_small_int(ival);
56         assert(p != NULL);
57         return p;
58     }
59     if (maybe)
60         return p;
61     else
62         return NULL;
63 }
64 
PyLong_FromLongLong(long long ival)65 PyObject *PyLong_FromLongLong(long long ival)
66 {
67     return PyLong_FromLong((long)ival);
68 }
69 
PyLong_FromSsize_t(Py_ssize_t ival)70 PyObject *PyLong_FromSsize_t(Py_ssize_t ival)
71 {
72     return PyLong_FromLong((long)ival);
73 }
74 
75 /* tainted sinks
76  *
77  * Coverity considers argv, environ, read() data etc as tained.
78  */
79 
PyErr_SetFromErrnoWithFilename(PyObject * exc,const char * filename)80 PyObject *PyErr_SetFromErrnoWithFilename(PyObject *exc, const char *filename)
81 {
82     __coverity_tainted_data_sink__(filename);
83     return NULL;
84 }
85 
86 /* Python/fileutils.c */
Py_DecodeLocale(const char * arg,size_t * size)87 wchar_t *Py_DecodeLocale(const char* arg, size_t *size)
88 {
89    wchar_t *w;
90     __coverity_tainted_data_sink__(arg);
91     __coverity_tainted_data_sink__(size);
92    return w;
93 }
94 
95 /* Python/marshal.c */
96 
r_string(char * s,Py_ssize_t n,RFILE * p)97 static Py_ssize_t r_string(char *s, Py_ssize_t n, RFILE *p)
98 {
99     __coverity_tainted_string_argument__(s);
100     return 0;
101 }
102 
r_long(RFILE * p)103 static long r_long(RFILE *p)
104 {
105     long l;
106     unsigned char buffer[4];
107 
108     r_string((char *)buffer, 4, p);
109     __coverity_tainted_string_sanitize_content__(buffer);
110     l = (long)buffer;
111     return l;
112 }
113 
114 /* Coverity doesn't understand that fdopendir() may take ownership of fd. */
115 
fdopendir(int fd)116 DIR *fdopendir(int fd)
117 {
118     DIR *d;
119     if (d) {
120         __coverity_close__(fd);
121     }
122     return d;
123 }
124 
125 /* Modules/_datetime.c
126  *
127  * Coverity thinks that the input values for these function come from a
128  * tainted source PyDateTime_DATE_GET_* macros use bit shifting.
129  */
130 static PyObject *
build_struct_time(int y,int m,int d,int hh,int mm,int ss,int dstflag)131 build_struct_time(int y, int m, int d, int hh, int mm, int ss, int dstflag)
132 {
133     PyObject *result;
134 
135     __coverity_tainted_data_sanitize__(y);
136     __coverity_tainted_data_sanitize__(m);
137     __coverity_tainted_data_sanitize__(d);
138     __coverity_tainted_data_sanitize__(hh);
139     __coverity_tainted_data_sanitize__(mm);
140     __coverity_tainted_data_sanitize__(ss);
141     __coverity_tainted_data_sanitize__(dstflag);
142 
143     return result;
144 }
145 
146 static int
ymd_to_ord(int year,int month,int day)147 ymd_to_ord(int year, int month, int day)
148 {
149     int ord = 0;
150 
151     __coverity_tainted_data_sanitize__(year);
152     __coverity_tainted_data_sanitize__(month);
153     __coverity_tainted_data_sanitize__(day);
154 
155     return ord;
156 }
157 
158 static int
normalize_date(int * year,int * month,int * day)159 normalize_date(int *year, int *month, int *day)
160 {
161     __coverity_tainted_data_sanitize__(*year);
162     __coverity_tainted_data_sanitize__(*month);
163     __coverity_tainted_data_sanitize__(*day);
164 
165     return 0;
166 }
167 
168 static int
weekday(int year,int month,int day)169 weekday(int year, int month, int day)
170 {
171     int w = 0;
172 
173     __coverity_tainted_data_sanitize__(year);
174     __coverity_tainted_data_sanitize__(month);
175     __coverity_tainted_data_sanitize__(day);
176 
177     return w;
178 }
179 
180