зеркало из https://github.com/mozilla/gecko-dev.git
508 строки
12 KiB
YAML
508 строки
12 KiB
YAML
---
|
|
# It is used by 'mach static-analysis check-coverity' and
|
|
# 'phabricator static-analysis bot', on automation, in order to determine
|
|
# how prone to false-positive a checker is.
|
|
#
|
|
# In order to update this file please do the following:
|
|
# 1. Obtain the coverity-analysis package.
|
|
# 2. Run cov-analyze `./cov-analyze --list-checkers.
|
|
# 3. Add the new checker(s) from step 2. to the list.
|
|
# 4. Depending on the reliability of the checker please set `reliability` field,
|
|
# otherwise `medium` will be used as an reliability index.
|
|
coverity_checkers:
|
|
COPY_PASTE_ERROR:
|
|
reliability: low
|
|
DEADCODE:
|
|
reliability: low
|
|
FORWARD_NULL:
|
|
reliability: high
|
|
IDENTICAL_BRANCHES:
|
|
reliability: high
|
|
CONSTANT_EXPRESSION_RESULT:
|
|
reliability: high
|
|
UNREACHABLE:
|
|
reliability: low
|
|
REVERSE_INULL:
|
|
reliability: high
|
|
UNEXPECTED_CONTROL_FLOW:
|
|
reliability: medium
|
|
NESTING_INDENT_MISMATCH:
|
|
reliability: high
|
|
STRAY_SEMICOLON:
|
|
reliability: medium
|
|
RESOURCE_LEAK:
|
|
reliability: medium
|
|
NULL_RETURNS:
|
|
reliability: medium
|
|
DIVIDE_BY_ZERO:
|
|
reliability: medium
|
|
OVERFLOW_BEFORE_WIDEN:
|
|
reliability: high
|
|
UNINTENDED_INTEGER_DIVISION:
|
|
reliability: medium
|
|
SWAPPED_ARGUMENTS:
|
|
reliability: low
|
|
NO_EFFECT:
|
|
reliability: medium
|
|
BAD_SHIFT:
|
|
reliability: low
|
|
INFINITE_LOOP:
|
|
reliability: medium
|
|
MISSING_RESTORE:
|
|
reliability: low
|
|
UNUSED_VALUE:
|
|
reliability: medium
|
|
USELESS_CALL:
|
|
reliability: low
|
|
MISSING_BREAK:
|
|
reliability: low
|
|
CHECKED_RETURN:
|
|
reliability: low
|
|
PROPERTY_MIXUP:
|
|
reliability: medium
|
|
CALL_SUPER:
|
|
reliability: medium
|
|
IDENTIFIER_TYPO:
|
|
reliability: medium
|
|
USE_AFTER_FREE:
|
|
reliability: low
|
|
ALLOC_FREE_MISMATCH:
|
|
reliability: medium
|
|
ARRAY_VS_SINGLETON:
|
|
reliability: low
|
|
ASSERT_SIDE_EFFECT:
|
|
reliability: medium
|
|
BAD_ALLOC_ARITHMETIC:
|
|
reliability: medium
|
|
BAD_ALLOC_STRLEN:
|
|
reliability: medium
|
|
BAD_COMPARE:
|
|
reliability: medium
|
|
BAD_FREE:
|
|
reliability: medium
|
|
BAD_SIZEOF:
|
|
reliability: medium
|
|
CHAR_IO:
|
|
reliability: low
|
|
EVALUATION_ORDER:
|
|
reliability: medium
|
|
INCOMPATIBLE_CAST:
|
|
reliability: medium
|
|
MISSING_COMMA:
|
|
reliability: high
|
|
MISSING_RETURN:
|
|
reliability: medium
|
|
NEGATIVE_RETURNS:
|
|
reliability: low
|
|
OVERRUN:
|
|
reliability: low
|
|
PASS_BY_VALUE:
|
|
reliability: high
|
|
PRINTF_ARGS:
|
|
reliability: medium
|
|
READLINK:
|
|
reliability: medium
|
|
RETURN_LOCAL:
|
|
reliability: low
|
|
REVERSE_NEGATIVE:
|
|
reliability: medium
|
|
SIGN_EXTENSION:
|
|
reliability: low
|
|
SIZEOF_MISMATCH:
|
|
reliability: low
|
|
UNINIT:
|
|
reliability: high
|
|
VARARGS:
|
|
reliability: medium
|
|
INVALIDATE_ITERATOR:
|
|
reliability: medium
|
|
BAD_LOCK_OBJECT:
|
|
reliability: medium
|
|
GUARDED_BY_VIOLATION:
|
|
reliability: medium
|
|
LOCK_EVASION:
|
|
reliability: medium
|
|
MISSING_THROW:
|
|
reliability: medium
|
|
NON_STATIC_GUARDING_STATIC:
|
|
reliability: medium
|
|
VOLATILE_ATOMICITY:
|
|
reliability: medium
|
|
OVERLAPPING_COPY:
|
|
reliability: medium
|
|
BAD_OVERRIDE:
|
|
reliability: medium
|
|
CTOR_DTOR_LEAK:
|
|
reliability: low
|
|
DELETE_ARRAY:
|
|
reliability: low
|
|
DELETE_VOID:
|
|
reliability: medium
|
|
MISMATCHED_ITERATOR:
|
|
reliability: medium
|
|
MISSING_MOVE_ASSIGNMENT:
|
|
reliability: low
|
|
STREAM_FORMAT_STATE:
|
|
reliability: medium
|
|
UNCAUGHT_EXCEPT:
|
|
reliability: medium
|
|
UNINIT_CTOR:
|
|
reliability: high
|
|
VIRTUAL_DTOR:
|
|
reliability: medium
|
|
WRAPPER_ESCAPE:
|
|
reliability: low
|
|
BAD_EQ:
|
|
reliability: medium
|
|
BAD_EQ_TYPES:
|
|
reliability: medium
|
|
LOCK_INVERSION:
|
|
reliability: medium
|
|
BAD_CHECK_OF_WAIT_COND:
|
|
reliability: medium
|
|
DC.DANGEROUS:
|
|
reliability: medium
|
|
DC.DEADLOCK:
|
|
reliability: medium
|
|
HIBERNATE_BAD_HASHCODE:
|
|
reliability: medium
|
|
ORM_LOAD_NULL_CHECK:
|
|
reliability: medium
|
|
ORM_UNNECESSARY_GET:
|
|
reliability: medium
|
|
REGEX_CONFUSION:
|
|
reliability: medium
|
|
SERVLET_ATOMICITY:
|
|
reliability: medium
|
|
SINGLETON_RACE:
|
|
reliability: medium
|
|
WRONG_METHOD:
|
|
reliability: medium
|
|
PATH_MANIPULATION:
|
|
reliability: medium
|
|
SQLI:
|
|
reliability: medium
|
|
HARDCODED_CREDENTIALS:
|
|
reliability: medium
|
|
SENSITIVE_DATA_LEAK:
|
|
reliability: medium
|
|
SCRIPT_CODE_INJECTION:
|
|
reliability: medium
|
|
REGEX_INJECTION:
|
|
reliability: medium
|
|
BAD_CERT_VERIFICATION:
|
|
reliability: medium
|
|
COM.BAD_FREE:
|
|
reliability: medium
|
|
COM.BSTR.CONV:
|
|
reliability: medium
|
|
EXPLICIT_THIS_EXPECTED:
|
|
reliability: medium
|
|
UNINTENDED_GLOBAL:
|
|
reliability: medium
|
|
OS_CMD_INJECTION:
|
|
reliability: medium
|
|
XSS:
|
|
reliability: medium
|
|
WEAK_PASSWORD_HASH:
|
|
reliability: medium
|
|
UNSAFE_DESERIALIZATION:
|
|
reliability: medium
|
|
OPEN_REDIRECT:
|
|
reliability: medium
|
|
CSRF:
|
|
reliability: medium
|
|
UNSAFE_REFLECTION:
|
|
reliability: medium
|
|
BLACKLIST_FOR_AUTHN:
|
|
reliability: medium
|
|
DYNAMIC_OBJECT_ATTRIBUTES:
|
|
reliability: medium
|
|
RAILS_DEFAULT_ROUTES:
|
|
reliability: medium
|
|
RAILS_DEVISE_CONFIG:
|
|
reliability: medium
|
|
RAILS_MISSING_FILTER_ACTION:
|
|
reliability: medium
|
|
REGEX_MISSING_ANCHOR:
|
|
reliability: medium
|
|
RUBY_VULNERABLE_LIBRARY:
|
|
reliability: medium
|
|
SESSION_MANIPULATION:
|
|
reliability: medium
|
|
UNSAFE_BASIC_AUTH:
|
|
reliability: medium
|
|
UNSAFE_SESSION_SETTING:
|
|
reliability: medium
|
|
XPATH_INJECTION:
|
|
reliability: medium
|
|
RISKY_CRYPTO:
|
|
reliability: medium
|
|
UNENCRYPTED_SENSITIVE_DATA:
|
|
reliability: medium
|
|
XML_EXTERNAL_ENTITY:
|
|
reliability: medium
|
|
CONFIG.ATS_INSECURE:
|
|
reliability: medium
|
|
CUSTOM_KEYBOARD_DATA_LEAK:
|
|
reliability: medium
|
|
INSECURE_COMMUNICATION:
|
|
reliability: medium
|
|
INSECURE_MULTIPEER_CONNECTION:
|
|
reliability: medium
|
|
WEAK_BIOMETRIC_AUTH:
|
|
reliability: medium
|
|
BUFFER_SIZE:
|
|
reliability: high
|
|
CHROOT:
|
|
reliability: medium
|
|
DC.PREDICTABLE_KEY_PASSWORD:
|
|
reliability: medium
|
|
publish: !!bool no
|
|
DC.STREAM_BUFFER:
|
|
reliability: medium
|
|
publish: !!bool no
|
|
DC.WEAK_CRYPTO:
|
|
reliability: low
|
|
publish: !!bool no
|
|
OPEN_ARGS:
|
|
reliability: medium
|
|
STRING_NULL:
|
|
reliability: medium
|
|
STRING_OVERFLOW:
|
|
reliability: low
|
|
STRING_SIZE:
|
|
reliability: medium
|
|
TAINTED_SCALAR:
|
|
reliability: low
|
|
TAINTED_STRING:
|
|
reliability: medium
|
|
TOCTOU:
|
|
reliability: low
|
|
SECURE_TEMP:
|
|
reliability: medium
|
|
UNSAFE_XML_PARSE_CONFIG:
|
|
reliability: medium
|
|
ATOMICITY:
|
|
reliability: medium
|
|
LOCK:
|
|
reliability: medium
|
|
MISSING_LOCK:
|
|
reliability: medium
|
|
ORDER_REVERSAL:
|
|
reliability: medium
|
|
SLEEP:
|
|
reliability: medium
|
|
ASSIGN_NOT_RETURNING_STAR_THIS:
|
|
reliability: medium
|
|
COPY_WITHOUT_ASSIGN:
|
|
reliability: medium
|
|
MISSING_COPY_OR_ASSIGN:
|
|
reliability: medium
|
|
SELF_ASSIGN:
|
|
reliability: medium
|
|
WEAK_GUARD:
|
|
reliability: medium
|
|
AUDIT.SPECULATIVE_EXECUTION_DATA_LEAK:
|
|
reliability: medium
|
|
DC.STRING_BUFFER:
|
|
reliability: medium
|
|
publish: !!bool no
|
|
ENUM_AS_BOOLEAN:
|
|
reliability: medium
|
|
INTEGER_OVERFLOW:
|
|
reliability: low
|
|
MISRA_CAST:
|
|
reliability: medium
|
|
MIXED_ENUMS:
|
|
reliability: low
|
|
STACK_USE:
|
|
reliability: medium
|
|
USER_POINTER:
|
|
reliability: medium
|
|
PARSE_ERROR:
|
|
reliability: low
|
|
FLOATING_POINT_EQUALITY:
|
|
reliability: medium
|
|
ORM_LOST_UPDATE:
|
|
reliability: medium
|
|
HFA:
|
|
reliability: medium
|
|
COM.ADDROF_LEAK:
|
|
reliability: medium
|
|
COM.BSTR.ALLOC:
|
|
reliability: medium
|
|
COM.BSTR.BAD_COMPARE:
|
|
reliability: medium
|
|
COM.BSTR.NE_NON_BSTR:
|
|
reliability: medium
|
|
VCALL_IN_CTOR_DTOR:
|
|
reliability: medium
|
|
INSECURE_DIRECT_OBJECT_REFERENCE:
|
|
reliability: medium
|
|
UNESCAPED_HTML:
|
|
reliability: medium
|
|
SECURE_CODING:
|
|
reliability: medium
|
|
publish: !!bool no
|
|
SIZECHECK:
|
|
reliability: medium
|
|
MISSING_AUTHZ:
|
|
reliability: medium
|
|
NOSQL_QUERY_INJECTION:
|
|
reliability: medium
|
|
HEADER_INJECTION:
|
|
reliability: medium
|
|
INSECURE_RANDOM:
|
|
reliability: medium
|
|
CONFIG.DYNAMIC_DATA_HTML_COMMENT:
|
|
reliability: medium
|
|
LDAP_INJECTION:
|
|
reliability: medium
|
|
UNLOGGED_SECURITY_EXCEPTION:
|
|
reliability: medium
|
|
UNRESTRICTED_DISPATCH:
|
|
reliability: medium
|
|
UNSAFE_NAMED_QUERY:
|
|
reliability: medium
|
|
TAINT_ASSERT:
|
|
reliability: medium
|
|
UNKNOWN_LANGUAGE_INJECTION:
|
|
reliability: medium
|
|
URL_MANIPULATION:
|
|
reliability: medium
|
|
TAINTED_ENVIRONMENT_WITH_EXECUTION:
|
|
reliability: medium
|
|
ASPNET_MVC_VERSION_HEADER:
|
|
reliability: medium
|
|
CONFIG.ASPNET_VERSION_HEADER:
|
|
reliability: medium
|
|
CONFIG.ASP_VIEWSTATE_MAC:
|
|
reliability: medium
|
|
CONFIG.CONNECTION_STRING_PASSWORD:
|
|
reliability: medium
|
|
CONFIG.COOKIES_MISSING_HTTPONLY:
|
|
reliability: medium
|
|
CONFIG.DEAD_AUTHORIZATION_RULE:
|
|
reliability: medium
|
|
CONFIG.ENABLED_DEBUG_MODE:
|
|
reliability: medium
|
|
CONFIG.ENABLED_TRACE_MODE:
|
|
reliability: medium
|
|
CONFIG.MISSING_CUSTOM_ERROR_PAGE:
|
|
reliability: medium
|
|
PREDICTABLE_RANDOM_SEED:
|
|
reliability: medium
|
|
ATTRIBUTE_NAME_CONFLICT:
|
|
reliability: medium
|
|
CONFIG.DUPLICATE_SERVLET_DEFINITION:
|
|
reliability: medium
|
|
CONFIG.DWR_DEBUG_MODE:
|
|
reliability: medium
|
|
CONFIG.HTTP_VERB_TAMPERING:
|
|
reliability: medium
|
|
CONFIG.JAVAEE_MISSING_HTTPONLY:
|
|
reliability: medium
|
|
CONFIG.MISSING_GLOBAL_EXCEPTION_HANDLER:
|
|
reliability: medium
|
|
CONFIG.MISSING_JSF2_SECURITY_CONSTRAINT:
|
|
reliability: medium
|
|
CONFIG.SPRING_SECURITY_DEBUG_MODE:
|
|
reliability: medium
|
|
CONFIG.SPRING_SECURITY_DISABLE_AUTH_TAGS:
|
|
reliability: medium
|
|
CONFIG.SPRING_SECURITY_HARDCODED_CREDENTIALS:
|
|
reliability: medium
|
|
CONFIG.SPRING_SECURITY_REMEMBER_ME_HARDCODED_KEY:
|
|
reliability: medium
|
|
CONFIG.SPRING_SECURITY_SESSION_FIXATION:
|
|
reliability: medium
|
|
CONFIG.STRUTS2_CONFIG_BROWSER_PLUGIN:
|
|
reliability: medium
|
|
CONFIG.STRUTS2_DYNAMIC_METHOD_INVOCATION:
|
|
reliability: medium
|
|
CONFIG.STRUTS2_ENABLED_DEV_MODE:
|
|
reliability: medium
|
|
CONFIG.UNSAFE_SESSION_TIMEOUT:
|
|
reliability: medium
|
|
EL_INJECTION:
|
|
reliability: medium
|
|
JAVA_CODE_INJECTION:
|
|
reliability: medium
|
|
JCR_INJECTION:
|
|
reliability: medium
|
|
JSP_DYNAMIC_INCLUDE:
|
|
reliability: medium
|
|
JSP_SQL_INJECTION:
|
|
reliability: medium
|
|
OGNL_INJECTION:
|
|
reliability: medium
|
|
SESSION_FIXATION:
|
|
reliability: medium
|
|
TRUST_BOUNDARY_VIOLATION:
|
|
reliability: medium
|
|
UNSAFE_JNI:
|
|
reliability: medium
|
|
CONFIG.HANA_XS_PREVENT_XSRF_DISABLED:
|
|
reliability: medium
|
|
CONFIG.SEQUELIZE_ENABLED_LOGGING:
|
|
reliability: medium
|
|
COOKIE_INJECTION:
|
|
reliability: medium
|
|
CSS_INJECTION:
|
|
reliability: medium
|
|
DOM_XSS:
|
|
reliability: medium
|
|
INSECURE_SALT:
|
|
reliability: medium
|
|
INSUFFICIENT_LOGGING:
|
|
reliability: medium
|
|
LOCALSTORAGE_MANIPULATION:
|
|
reliability: medium
|
|
MISSING_IFRAME_SANDBOX:
|
|
reliability: medium
|
|
SESSIONSTORAGE_MANIPULATION:
|
|
reliability: medium
|
|
TEMPLATE_INJECTION:
|
|
reliability: medium
|
|
UNCHECKED_ORIGIN:
|
|
reliability: medium
|
|
UNRESTRICTED_MESSAGE_TARGET:
|
|
reliability: medium
|
|
ANGULAR_EXPRESSION_INJECTION:
|
|
reliability: medium
|
|
CONFIG.SYMFONY_CSRF_PROTECTION_DISABLED:
|
|
reliability: medium
|
|
SYMFONY_EL_INJECTION:
|
|
reliability: medium
|
|
LOG_INJECTION:
|
|
reliability: medium
|
|
SQL_NOT_CONSTANT:
|
|
reliability: medium
|
|
XML_INJECTION:
|
|
reliability: medium
|
|
INSECURE_COOKIE:
|
|
reliability: medium
|
|
ANGULAR_BYPASS_SECURITY:
|
|
reliability: medium
|
|
ANGULAR_ELEMENT_REFERENCE:
|
|
reliability: medium
|
|
LOCALSTORAGE_WRITE:
|
|
reliability: medium
|
|
ANDROID_CAPABILITY_LEAK:
|
|
reliability: medium
|
|
ANDROID_DEBUG_MODE:
|
|
reliability: medium
|
|
EXPOSED_PREFERENCES:
|
|
reliability: medium
|
|
IMPLICIT_INTENT:
|
|
reliability: medium
|
|
MISSING_PERMISSION_FOR_BROADCAST:
|
|
reliability: medium
|
|
MISSING_PERMISSION_ON_EXPORTED_COMPONENT:
|
|
reliability: medium
|
|
MOBILE_ID_MISUSE:
|
|
reliability: medium
|
|
UNRESTRICTED_ACCESS_TO_FILE:
|
|
reliability: medium
|