gecko-dev/tools/coverity/config.yaml

508 строки
12 KiB
YAML

---
# It is used by 'mach static-analysis check-coverity' and
# 'phabricator static-analysis bot', on automation, in order to determine
# how prone to false-positive a checker is.
#
# In order to update this file please do the following:
# 1. Obtain the coverity-analysis package.
# 2. Run cov-analyze `./cov-analyze --list-checkers.
# 3. Add the new checker(s) from step 2. to the list.
# 4. Depending on the reliability of the checker please set `reliability` field,
# otherwise `medium` will be used as an reliability index.
coverity_checkers:
COPY_PASTE_ERROR:
reliability: low
DEADCODE:
reliability: low
FORWARD_NULL:
reliability: high
IDENTICAL_BRANCHES:
reliability: high
CONSTANT_EXPRESSION_RESULT:
reliability: high
UNREACHABLE:
reliability: low
REVERSE_INULL:
reliability: high
UNEXPECTED_CONTROL_FLOW:
reliability: medium
NESTING_INDENT_MISMATCH:
reliability: high
STRAY_SEMICOLON:
reliability: medium
RESOURCE_LEAK:
reliability: medium
NULL_RETURNS:
reliability: medium
DIVIDE_BY_ZERO:
reliability: medium
OVERFLOW_BEFORE_WIDEN:
reliability: high
UNINTENDED_INTEGER_DIVISION:
reliability: medium
SWAPPED_ARGUMENTS:
reliability: low
NO_EFFECT:
reliability: medium
BAD_SHIFT:
reliability: low
INFINITE_LOOP:
reliability: medium
MISSING_RESTORE:
reliability: low
UNUSED_VALUE:
reliability: medium
USELESS_CALL:
reliability: low
MISSING_BREAK:
reliability: low
CHECKED_RETURN:
reliability: low
PROPERTY_MIXUP:
reliability: medium
CALL_SUPER:
reliability: medium
IDENTIFIER_TYPO:
reliability: medium
USE_AFTER_FREE:
reliability: low
ALLOC_FREE_MISMATCH:
reliability: medium
ARRAY_VS_SINGLETON:
reliability: low
ASSERT_SIDE_EFFECT:
reliability: medium
BAD_ALLOC_ARITHMETIC:
reliability: medium
BAD_ALLOC_STRLEN:
reliability: medium
BAD_COMPARE:
reliability: medium
BAD_FREE:
reliability: medium
BAD_SIZEOF:
reliability: medium
CHAR_IO:
reliability: low
EVALUATION_ORDER:
reliability: medium
INCOMPATIBLE_CAST:
reliability: medium
MISSING_COMMA:
reliability: high
MISSING_RETURN:
reliability: medium
NEGATIVE_RETURNS:
reliability: low
OVERRUN:
reliability: low
PASS_BY_VALUE:
reliability: high
PRINTF_ARGS:
reliability: medium
READLINK:
reliability: medium
RETURN_LOCAL:
reliability: low
REVERSE_NEGATIVE:
reliability: medium
SIGN_EXTENSION:
reliability: low
SIZEOF_MISMATCH:
reliability: low
UNINIT:
reliability: high
VARARGS:
reliability: medium
INVALIDATE_ITERATOR:
reliability: medium
BAD_LOCK_OBJECT:
reliability: medium
GUARDED_BY_VIOLATION:
reliability: medium
LOCK_EVASION:
reliability: medium
MISSING_THROW:
reliability: medium
NON_STATIC_GUARDING_STATIC:
reliability: medium
VOLATILE_ATOMICITY:
reliability: medium
OVERLAPPING_COPY:
reliability: medium
BAD_OVERRIDE:
reliability: medium
CTOR_DTOR_LEAK:
reliability: low
DELETE_ARRAY:
reliability: low
DELETE_VOID:
reliability: medium
MISMATCHED_ITERATOR:
reliability: medium
MISSING_MOVE_ASSIGNMENT:
reliability: low
STREAM_FORMAT_STATE:
reliability: medium
UNCAUGHT_EXCEPT:
reliability: medium
UNINIT_CTOR:
reliability: high
VIRTUAL_DTOR:
reliability: medium
WRAPPER_ESCAPE:
reliability: low
BAD_EQ:
reliability: medium
BAD_EQ_TYPES:
reliability: medium
LOCK_INVERSION:
reliability: medium
BAD_CHECK_OF_WAIT_COND:
reliability: medium
DC.DANGEROUS:
reliability: medium
DC.DEADLOCK:
reliability: medium
HIBERNATE_BAD_HASHCODE:
reliability: medium
ORM_LOAD_NULL_CHECK:
reliability: medium
ORM_UNNECESSARY_GET:
reliability: medium
REGEX_CONFUSION:
reliability: medium
SERVLET_ATOMICITY:
reliability: medium
SINGLETON_RACE:
reliability: medium
WRONG_METHOD:
reliability: medium
PATH_MANIPULATION:
reliability: medium
SQLI:
reliability: medium
HARDCODED_CREDENTIALS:
reliability: medium
SENSITIVE_DATA_LEAK:
reliability: medium
SCRIPT_CODE_INJECTION:
reliability: medium
REGEX_INJECTION:
reliability: medium
BAD_CERT_VERIFICATION:
reliability: medium
COM.BAD_FREE:
reliability: medium
COM.BSTR.CONV:
reliability: medium
EXPLICIT_THIS_EXPECTED:
reliability: medium
UNINTENDED_GLOBAL:
reliability: medium
OS_CMD_INJECTION:
reliability: medium
XSS:
reliability: medium
WEAK_PASSWORD_HASH:
reliability: medium
UNSAFE_DESERIALIZATION:
reliability: medium
OPEN_REDIRECT:
reliability: medium
CSRF:
reliability: medium
UNSAFE_REFLECTION:
reliability: medium
BLACKLIST_FOR_AUTHN:
reliability: medium
DYNAMIC_OBJECT_ATTRIBUTES:
reliability: medium
RAILS_DEFAULT_ROUTES:
reliability: medium
RAILS_DEVISE_CONFIG:
reliability: medium
RAILS_MISSING_FILTER_ACTION:
reliability: medium
REGEX_MISSING_ANCHOR:
reliability: medium
RUBY_VULNERABLE_LIBRARY:
reliability: medium
SESSION_MANIPULATION:
reliability: medium
UNSAFE_BASIC_AUTH:
reliability: medium
UNSAFE_SESSION_SETTING:
reliability: medium
XPATH_INJECTION:
reliability: medium
RISKY_CRYPTO:
reliability: medium
UNENCRYPTED_SENSITIVE_DATA:
reliability: medium
XML_EXTERNAL_ENTITY:
reliability: medium
CONFIG.ATS_INSECURE:
reliability: medium
CUSTOM_KEYBOARD_DATA_LEAK:
reliability: medium
INSECURE_COMMUNICATION:
reliability: medium
INSECURE_MULTIPEER_CONNECTION:
reliability: medium
WEAK_BIOMETRIC_AUTH:
reliability: medium
BUFFER_SIZE:
reliability: high
CHROOT:
reliability: medium
DC.PREDICTABLE_KEY_PASSWORD:
reliability: medium
publish: !!bool no
DC.STREAM_BUFFER:
reliability: medium
publish: !!bool no
DC.WEAK_CRYPTO:
reliability: low
publish: !!bool no
OPEN_ARGS:
reliability: medium
STRING_NULL:
reliability: medium
STRING_OVERFLOW:
reliability: low
STRING_SIZE:
reliability: medium
TAINTED_SCALAR:
reliability: low
TAINTED_STRING:
reliability: medium
TOCTOU:
reliability: low
SECURE_TEMP:
reliability: medium
UNSAFE_XML_PARSE_CONFIG:
reliability: medium
ATOMICITY:
reliability: medium
LOCK:
reliability: medium
MISSING_LOCK:
reliability: medium
ORDER_REVERSAL:
reliability: medium
SLEEP:
reliability: medium
ASSIGN_NOT_RETURNING_STAR_THIS:
reliability: medium
COPY_WITHOUT_ASSIGN:
reliability: medium
MISSING_COPY_OR_ASSIGN:
reliability: medium
SELF_ASSIGN:
reliability: medium
WEAK_GUARD:
reliability: medium
AUDIT.SPECULATIVE_EXECUTION_DATA_LEAK:
reliability: medium
DC.STRING_BUFFER:
reliability: medium
publish: !!bool no
ENUM_AS_BOOLEAN:
reliability: medium
INTEGER_OVERFLOW:
reliability: low
MISRA_CAST:
reliability: medium
MIXED_ENUMS:
reliability: low
STACK_USE:
reliability: medium
USER_POINTER:
reliability: medium
PARSE_ERROR:
reliability: low
FLOATING_POINT_EQUALITY:
reliability: medium
ORM_LOST_UPDATE:
reliability: medium
HFA:
reliability: medium
COM.ADDROF_LEAK:
reliability: medium
COM.BSTR.ALLOC:
reliability: medium
COM.BSTR.BAD_COMPARE:
reliability: medium
COM.BSTR.NE_NON_BSTR:
reliability: medium
VCALL_IN_CTOR_DTOR:
reliability: medium
INSECURE_DIRECT_OBJECT_REFERENCE:
reliability: medium
UNESCAPED_HTML:
reliability: medium
SECURE_CODING:
reliability: medium
publish: !!bool no
SIZECHECK:
reliability: medium
MISSING_AUTHZ:
reliability: medium
NOSQL_QUERY_INJECTION:
reliability: medium
HEADER_INJECTION:
reliability: medium
INSECURE_RANDOM:
reliability: medium
CONFIG.DYNAMIC_DATA_HTML_COMMENT:
reliability: medium
LDAP_INJECTION:
reliability: medium
UNLOGGED_SECURITY_EXCEPTION:
reliability: medium
UNRESTRICTED_DISPATCH:
reliability: medium
UNSAFE_NAMED_QUERY:
reliability: medium
TAINT_ASSERT:
reliability: medium
UNKNOWN_LANGUAGE_INJECTION:
reliability: medium
URL_MANIPULATION:
reliability: medium
TAINTED_ENVIRONMENT_WITH_EXECUTION:
reliability: medium
ASPNET_MVC_VERSION_HEADER:
reliability: medium
CONFIG.ASPNET_VERSION_HEADER:
reliability: medium
CONFIG.ASP_VIEWSTATE_MAC:
reliability: medium
CONFIG.CONNECTION_STRING_PASSWORD:
reliability: medium
CONFIG.COOKIES_MISSING_HTTPONLY:
reliability: medium
CONFIG.DEAD_AUTHORIZATION_RULE:
reliability: medium
CONFIG.ENABLED_DEBUG_MODE:
reliability: medium
CONFIG.ENABLED_TRACE_MODE:
reliability: medium
CONFIG.MISSING_CUSTOM_ERROR_PAGE:
reliability: medium
PREDICTABLE_RANDOM_SEED:
reliability: medium
ATTRIBUTE_NAME_CONFLICT:
reliability: medium
CONFIG.DUPLICATE_SERVLET_DEFINITION:
reliability: medium
CONFIG.DWR_DEBUG_MODE:
reliability: medium
CONFIG.HTTP_VERB_TAMPERING:
reliability: medium
CONFIG.JAVAEE_MISSING_HTTPONLY:
reliability: medium
CONFIG.MISSING_GLOBAL_EXCEPTION_HANDLER:
reliability: medium
CONFIG.MISSING_JSF2_SECURITY_CONSTRAINT:
reliability: medium
CONFIG.SPRING_SECURITY_DEBUG_MODE:
reliability: medium
CONFIG.SPRING_SECURITY_DISABLE_AUTH_TAGS:
reliability: medium
CONFIG.SPRING_SECURITY_HARDCODED_CREDENTIALS:
reliability: medium
CONFIG.SPRING_SECURITY_REMEMBER_ME_HARDCODED_KEY:
reliability: medium
CONFIG.SPRING_SECURITY_SESSION_FIXATION:
reliability: medium
CONFIG.STRUTS2_CONFIG_BROWSER_PLUGIN:
reliability: medium
CONFIG.STRUTS2_DYNAMIC_METHOD_INVOCATION:
reliability: medium
CONFIG.STRUTS2_ENABLED_DEV_MODE:
reliability: medium
CONFIG.UNSAFE_SESSION_TIMEOUT:
reliability: medium
EL_INJECTION:
reliability: medium
JAVA_CODE_INJECTION:
reliability: medium
JCR_INJECTION:
reliability: medium
JSP_DYNAMIC_INCLUDE:
reliability: medium
JSP_SQL_INJECTION:
reliability: medium
OGNL_INJECTION:
reliability: medium
SESSION_FIXATION:
reliability: medium
TRUST_BOUNDARY_VIOLATION:
reliability: medium
UNSAFE_JNI:
reliability: medium
CONFIG.HANA_XS_PREVENT_XSRF_DISABLED:
reliability: medium
CONFIG.SEQUELIZE_ENABLED_LOGGING:
reliability: medium
COOKIE_INJECTION:
reliability: medium
CSS_INJECTION:
reliability: medium
DOM_XSS:
reliability: medium
INSECURE_SALT:
reliability: medium
INSUFFICIENT_LOGGING:
reliability: medium
LOCALSTORAGE_MANIPULATION:
reliability: medium
MISSING_IFRAME_SANDBOX:
reliability: medium
SESSIONSTORAGE_MANIPULATION:
reliability: medium
TEMPLATE_INJECTION:
reliability: medium
UNCHECKED_ORIGIN:
reliability: medium
UNRESTRICTED_MESSAGE_TARGET:
reliability: medium
ANGULAR_EXPRESSION_INJECTION:
reliability: medium
CONFIG.SYMFONY_CSRF_PROTECTION_DISABLED:
reliability: medium
SYMFONY_EL_INJECTION:
reliability: medium
LOG_INJECTION:
reliability: medium
SQL_NOT_CONSTANT:
reliability: medium
XML_INJECTION:
reliability: medium
INSECURE_COOKIE:
reliability: medium
ANGULAR_BYPASS_SECURITY:
reliability: medium
ANGULAR_ELEMENT_REFERENCE:
reliability: medium
LOCALSTORAGE_WRITE:
reliability: medium
ANDROID_CAPABILITY_LEAK:
reliability: medium
ANDROID_DEBUG_MODE:
reliability: medium
EXPOSED_PREFERENCES:
reliability: medium
IMPLICIT_INTENT:
reliability: medium
MISSING_PERMISSION_FOR_BROADCAST:
reliability: medium
MISSING_PERMISSION_ON_EXPORTED_COMPONENT:
reliability: medium
MOBILE_ID_MISUSE:
reliability: medium
UNRESTRICTED_ACCESS_TO_FILE:
reliability: medium