Add directory with Coverity stuff, uploaded modeling file

DOMjudge · Sep 17, 2024 · f30e6d3 · f30e6d3
1 parent 6a70aa0
commit f30e6d3
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 0 deletions.
diff --git a/coverity/README.md b/coverity/README.md
@@ -0,0 +1,12 @@
+# Coverity settings/configuration
+
+We use Coverity scan for static code analysis. This directory contains
+[configuration](https://scan.coverity.com/projects/domjudge?tab=analysis_settings)
+that has also been uploaded toCoverity, but is also stored here for
+visibility and tracking.
+
+The file `modeling.c` is used to explicitly tell the analysis engine
+which code paths terminate execution and related things.
+
+The file `components.csv` lists which components we have configured
+and whether they are ignored (for external code) in the analysis.
diff --git a/coverity/components.tsv b/coverity/components.tsv
@@ -0,0 +1,7 @@
+Component name	Pattern	Ignore in analysis
+Included standard libraries	/usr/include/.*	Yes
+External JS libraries	/webapp/web/js/(ace/.*|flot/.*|jquery\..*\.js)	No
+Generated cache files in var	/webapp/var/cache/.*	Yes
+Generated doc build files	/doc/manual/build/.*	Yes
+Symfony external resources	/webapp/resources/.*	Yes
+External PHP libraries	/webapp/vendor/.*	Yes
diff --git a/coverity/modeling.c b/coverity/modeling.c
@@ -0,0 +1,8 @@
+/* To be uploaded to scan.coverity.com as modeling file to exclude
+ * false positives because it does not detect that error() always
+ * terminates the program.
+ */
+
+void error(int errnum, const char *format, ...) {
+	__coverity_panic__();
+}