Adding upstream version 86.0.1.upstream/86.0.1upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 508 insertions, 0 deletions

diff --git a/tools/coverity/config.yaml b/tools/coverity/config.yaml
new file mode 100644
index 0000000000..b5fbfc5ae2
--- /dev/null
+++ b/tools/coverity/config.yaml
@@ -0,0 +1,508 @@
+---
+# It is used by 'mach static-analysis check-coverity' and
+# 'phabricator static-analysis bot', on automation, in order to determine
+# how prone to false-positive a checker is.
+#
+# In order to update this file please do the following:
+# 1. Obtain the coverity-analysis package.
+# 2. Run cov-analyze `./cov-analyze --list-checkers.
+# 3. Add the new checker(s) from step 2. to the list.
+# 4. Depending on the reliability of the checker please set `reliability` field,
+#    otherwise `medium` will be used as an reliability index.
+coverity_checkers:
+  COPY_PASTE_ERROR:
+    reliability: low
+  DEADCODE:
+    reliability: low
+  FORWARD_NULL:
+    reliability: high
+  IDENTICAL_BRANCHES:
+    reliability: high
+  CONSTANT_EXPRESSION_RESULT:
+    reliability: high
+  UNREACHABLE:
+    reliability: low
+  REVERSE_INULL:
+    reliability: high
+  UNEXPECTED_CONTROL_FLOW:
+    reliability: medium
+  NESTING_INDENT_MISMATCH:
+    reliability: high
+  STRAY_SEMICOLON:
+    publish: false
+    reliability: medium
+  RESOURCE_LEAK:
+    reliability: medium
+  NULL_RETURNS:
+    reliability: medium
+  DIVIDE_BY_ZERO:
+    reliability: medium
+  OVERFLOW_BEFORE_WIDEN:
+    reliability: high
+  UNINTENDED_INTEGER_DIVISION:
+    reliability: medium
+  SWAPPED_ARGUMENTS:
+    reliability: low
+  NO_EFFECT:
+    reliability: medium
+  BAD_SHIFT:
+    reliability: low
+  INFINITE_LOOP:
+    reliability: medium
+  MISSING_RESTORE:
+    reliability: low
+  UNUSED_VALUE:
+    reliability: medium
+  USELESS_CALL:
+    reliability: low
+  MISSING_BREAK:
+    reliability: low
+  CHECKED_RETURN:
+    reliability: low
+  PROPERTY_MIXUP:
+    reliability: medium
+  CALL_SUPER:
+    reliability: medium
+  IDENTIFIER_TYPO:
+    reliability: medium
+  USE_AFTER_FREE:
+    reliability: low
+  ALLOC_FREE_MISMATCH:
+    reliability: medium
+  ARRAY_VS_SINGLETON:
+    reliability: low
+  ASSERT_SIDE_EFFECT:
+    reliability: medium
+  BAD_ALLOC_ARITHMETIC:
+    reliability: medium
+  BAD_ALLOC_STRLEN:
+    reliability: medium
+  BAD_COMPARE:
+    reliability: medium
+  BAD_FREE:
+    reliability: medium
+  BAD_SIZEOF:
+    reliability: medium
+  CHAR_IO:
+    reliability: low
+  EVALUATION_ORDER:
+    reliability: medium
+  INCOMPATIBLE_CAST:
+    reliability: medium
+  MISSING_COMMA:
+    reliability: high
+  MISSING_RETURN:
+    reliability: medium
+  NEGATIVE_RETURNS:
+    reliability: low
+  OVERRUN:
+    reliability: low
+  PASS_BY_VALUE:
+    reliability: high
+  PRINTF_ARGS:
+    reliability: medium
+  READLINK:
+    reliability: medium
+  RETURN_LOCAL:
+    reliability: low
+  REVERSE_NEGATIVE:
+    reliability: medium
+  SIGN_EXTENSION:
+    reliability: low
+  SIZEOF_MISMATCH:
+    reliability: low
+  UNINIT:
+    reliability: high
+  VARARGS:
+    reliability: medium
+  INVALIDATE_ITERATOR:
+    reliability: medium
+  BAD_LOCK_OBJECT:
+    reliability: medium
+  GUARDED_BY_VIOLATION:
+    reliability: medium
+  LOCK_EVASION:
+    reliability: medium
+  MISSING_THROW:
+    reliability: medium
+  NON_STATIC_GUARDING_STATIC:
+    reliability: medium
+  VOLATILE_ATOMICITY:
+    reliability: medium
+  OVERLAPPING_COPY:
+    reliability: medium
+  BAD_OVERRIDE:
+    reliability: medium
+  CTOR_DTOR_LEAK:
+    reliability: low
+  DELETE_ARRAY:
+    reliability: low
+  DELETE_VOID:
+    reliability: medium
+  MISMATCHED_ITERATOR:
+    reliability: medium
+  MISSING_MOVE_ASSIGNMENT:
+    reliability: low
+  STREAM_FORMAT_STATE:
+    reliability: medium
+  UNCAUGHT_EXCEPT:
+    reliability: medium
+  UNINIT_CTOR:
+    reliability: high
+  VIRTUAL_DTOR:
+    reliability: medium
+  WRAPPER_ESCAPE:
+    reliability: low
+  BAD_EQ:
+    reliability: medium
+  BAD_EQ_TYPES:
+    reliability: medium
+  LOCK_INVERSION:
+    reliability: medium
+  BAD_CHECK_OF_WAIT_COND:
+    reliability: medium
+  DC.DANGEROUS:
+    reliability: medium
+  DC.DEADLOCK:
+    reliability: medium
+  HIBERNATE_BAD_HASHCODE:
+    reliability: medium
+  ORM_LOAD_NULL_CHECK:
+    reliability: medium
+  ORM_UNNECESSARY_GET:
+    reliability: medium
+  REGEX_CONFUSION:
+    reliability: medium
+  SERVLET_ATOMICITY:
+    reliability: medium
+  SINGLETON_RACE:
+    reliability: medium
+  WRONG_METHOD:
+    reliability: medium
+  PATH_MANIPULATION:
+    reliability: medium
+  SQLI:
+    reliability: medium
+  HARDCODED_CREDENTIALS:
+    reliability: medium
+  SENSITIVE_DATA_LEAK:
+    reliability: medium
+  SCRIPT_CODE_INJECTION:
+    reliability: medium
+  REGEX_INJECTION:
+    reliability: medium
+  BAD_CERT_VERIFICATION:
+    reliability: medium
+  COM.BAD_FREE:
+    reliability: medium
+  COM.BSTR.CONV:
+    reliability: medium
+  EXPLICIT_THIS_EXPECTED:
+    reliability: medium
+  UNINTENDED_GLOBAL:
+    reliability: medium
+  OS_CMD_INJECTION:
+    reliability: medium
+  XSS:
+    reliability: medium
+  WEAK_PASSWORD_HASH:
+    reliability: medium
+  UNSAFE_DESERIALIZATION:
+    reliability: medium
+  OPEN_REDIRECT:
+    reliability: medium
+  CSRF:
+    reliability: medium
+  UNSAFE_REFLECTION:
+    reliability: medium
+  BLACKLIST_FOR_AUTHN:
+    reliability: medium
+  DYNAMIC_OBJECT_ATTRIBUTES:
+    reliability: medium
+  RAILS_DEFAULT_ROUTES:
+    reliability: medium
+  RAILS_DEVISE_CONFIG:
+    reliability: medium
+  RAILS_MISSING_FILTER_ACTION:
+    reliability: medium
+  REGEX_MISSING_ANCHOR:
+    reliability: medium
+  RUBY_VULNERABLE_LIBRARY:
+    reliability: medium
+  SESSION_MANIPULATION:
+    reliability: medium
+  UNSAFE_BASIC_AUTH:
+    reliability: medium
+  UNSAFE_SESSION_SETTING:
+    reliability: medium
+  XPATH_INJECTION:
+    reliability: medium
+  RISKY_CRYPTO:
+    reliability: medium
+  UNENCRYPTED_SENSITIVE_DATA:
+    reliability: medium
+  XML_EXTERNAL_ENTITY:
+    reliability: medium
+  CONFIG.ATS_INSECURE:
+    reliability: medium
+  CUSTOM_KEYBOARD_DATA_LEAK:
+    reliability: medium
+  INSECURE_COMMUNICATION:
+    reliability: medium
+  INSECURE_MULTIPEER_CONNECTION:
+    reliability: medium
+  WEAK_BIOMETRIC_AUTH:
+    reliability: medium
+  BUFFER_SIZE:
+    reliability: high
+  CHROOT:
+    reliability: medium
+  DC.PREDICTABLE_KEY_PASSWORD:
+    reliability: medium
+    publish: !!bool no
+  DC.STREAM_BUFFER:
+    reliability: medium
+    publish: !!bool no
+  DC.WEAK_CRYPTO:
+    reliability: low
+    publish: !!bool no
+  OPEN_ARGS:
+    reliability: medium
+  STRING_NULL:
+    reliability: medium
+  STRING_OVERFLOW:
+    reliability: low
+  STRING_SIZE:
+    reliability: medium
+  TAINTED_SCALAR:
+    reliability: low
+  TAINTED_STRING:
+    reliability: medium
+  TOCTOU:
+    reliability: low
+  SECURE_TEMP:
+    reliability: medium
+  UNSAFE_XML_PARSE_CONFIG:
+    reliability: medium
+  ATOMICITY:
+    reliability: medium
+  LOCK:
+    reliability: medium
+  MISSING_LOCK:
+    reliability: medium
+  ORDER_REVERSAL:
+    reliability: medium
+  SLEEP:
+    reliability: medium
+  ASSIGN_NOT_RETURNING_STAR_THIS:
+    reliability: medium
+  COPY_WITHOUT_ASSIGN:
+    reliability: medium
+  MISSING_COPY_OR_ASSIGN:
+    reliability: medium
+  SELF_ASSIGN:
+    reliability: medium
+  WEAK_GUARD:
+    reliability: medium
+  AUDIT.SPECULATIVE_EXECUTION_DATA_LEAK:
+    reliability: medium
+  DC.STRING_BUFFER:
+    reliability: medium
+    publish: !!bool no
+  ENUM_AS_BOOLEAN:
+    reliability: medium
+  INTEGER_OVERFLOW:
+    reliability: low
+  MISRA_CAST:
+    reliability: medium
+  MIXED_ENUMS:
+    reliability: low
+  STACK_USE:
+    reliability: medium
+  USER_POINTER:
+    reliability: medium
+  PARSE_ERROR:
+    reliability: low
+  FLOATING_POINT_EQUALITY:
+    reliability: medium
+  ORM_LOST_UPDATE:
+    reliability: medium
+  HFA:
+    reliability: medium
+  COM.ADDROF_LEAK:
+    reliability: medium
+  COM.BSTR.ALLOC:
+    reliability: medium
+  COM.BSTR.BAD_COMPARE:
+    reliability: medium
+  COM.BSTR.NE_NON_BSTR:
+    reliability: medium
+  VCALL_IN_CTOR_DTOR:
+    reliability: medium
+  INSECURE_DIRECT_OBJECT_REFERENCE:
+    reliability: medium
+  UNESCAPED_HTML:
+    reliability: medium
+  SECURE_CODING:
+    reliability: medium
+    publish: !!bool no
+  SIZECHECK:
+    reliability: medium
+  MISSING_AUTHZ:
+    reliability: medium
+  NOSQL_QUERY_INJECTION:
+    reliability: medium
+  HEADER_INJECTION:
+    reliability: medium
+  INSECURE_RANDOM:
+    reliability: medium
+  CONFIG.DYNAMIC_DATA_HTML_COMMENT:
+    reliability: medium
+  LDAP_INJECTION:
+    reliability: medium
+  UNLOGGED_SECURITY_EXCEPTION:
+    reliability: medium
+  UNRESTRICTED_DISPATCH:
+    reliability: medium
+  UNSAFE_NAMED_QUERY:
+    reliability: medium
+  TAINT_ASSERT:
+    reliability: medium
+  UNKNOWN_LANGUAGE_INJECTION:
+    reliability: medium
+  URL_MANIPULATION:
+    reliability: medium
+  TAINTED_ENVIRONMENT_WITH_EXECUTION:
+    reliability: medium
+  ASPNET_MVC_VERSION_HEADER:
+    reliability: medium
+  CONFIG.ASPNET_VERSION_HEADER:
+    reliability: medium
+  CONFIG.ASP_VIEWSTATE_MAC:
+    reliability: medium
+  CONFIG.CONNECTION_STRING_PASSWORD:
+    reliability: medium
+  CONFIG.COOKIES_MISSING_HTTPONLY:
+    reliability: medium
+  CONFIG.DEAD_AUTHORIZATION_RULE:
+    reliability: medium
+  CONFIG.ENABLED_DEBUG_MODE:
+    reliability: medium
+  CONFIG.ENABLED_TRACE_MODE:
+    reliability: medium
+  CONFIG.MISSING_CUSTOM_ERROR_PAGE:
+    reliability: medium
+  PREDICTABLE_RANDOM_SEED:
+    reliability: medium
+  ATTRIBUTE_NAME_CONFLICT:
+    reliability: medium
+  CONFIG.DUPLICATE_SERVLET_DEFINITION:
+    reliability: medium
+  CONFIG.DWR_DEBUG_MODE:
+    reliability: medium
+  CONFIG.HTTP_VERB_TAMPERING:
+    reliability: medium
+  CONFIG.JAVAEE_MISSING_HTTPONLY:
+    reliability: medium
+  CONFIG.MISSING_GLOBAL_EXCEPTION_HANDLER:
+    reliability: medium
+  CONFIG.MISSING_JSF2_SECURITY_CONSTRAINT:
+    reliability: medium
+  CONFIG.SPRING_SECURITY_DEBUG_MODE:
+    reliability: medium
+  CONFIG.SPRING_SECURITY_DISABLE_AUTH_TAGS:
+    reliability: medium
+  CONFIG.SPRING_SECURITY_HARDCODED_CREDENTIALS:
+    reliability: medium
+  CONFIG.SPRING_SECURITY_REMEMBER_ME_HARDCODED_KEY:
+    reliability: medium
+  CONFIG.SPRING_SECURITY_SESSION_FIXATION:
+    reliability: medium
+  CONFIG.STRUTS2_CONFIG_BROWSER_PLUGIN:
+    reliability: medium
+  CONFIG.STRUTS2_DYNAMIC_METHOD_INVOCATION:
+    reliability: medium
+  CONFIG.STRUTS2_ENABLED_DEV_MODE:
+    reliability: medium
+  CONFIG.UNSAFE_SESSION_TIMEOUT:
+    reliability: medium
+  EL_INJECTION:
+    reliability: medium
+  JAVA_CODE_INJECTION:
+    reliability: medium
+  JCR_INJECTION:
+    reliability: medium
+  JSP_DYNAMIC_INCLUDE:
+    reliability: medium
+  JSP_SQL_INJECTION:
+    reliability: medium
+  OGNL_INJECTION:
+    reliability: medium
+  SESSION_FIXATION:
+    reliability: medium
+  TRUST_BOUNDARY_VIOLATION:
+    reliability: medium
+  UNSAFE_JNI:
+    reliability: medium
+  CONFIG.HANA_XS_PREVENT_XSRF_DISABLED:
+    reliability: medium
+  CONFIG.SEQUELIZE_ENABLED_LOGGING:
+    reliability: medium
+  COOKIE_INJECTION:
+    reliability: medium
+  CSS_INJECTION:
+    reliability: medium
+  DOM_XSS:
+    reliability: medium
+  INSECURE_SALT:
+    reliability: medium
+  INSUFFICIENT_LOGGING:
+    reliability: medium
+  LOCALSTORAGE_MANIPULATION:
+    reliability: medium
+  MISSING_IFRAME_SANDBOX:
+    reliability: medium
+  SESSIONSTORAGE_MANIPULATION:
+    reliability: medium
+  TEMPLATE_INJECTION:
+    reliability: medium
+  UNCHECKED_ORIGIN:
+    reliability: medium
+  UNRESTRICTED_MESSAGE_TARGET:
+    reliability: medium
+  ANGULAR_EXPRESSION_INJECTION:
+    reliability: medium
+  CONFIG.SYMFONY_CSRF_PROTECTION_DISABLED:
+    reliability: medium
+  SYMFONY_EL_INJECTION:
+    reliability: medium
+  LOG_INJECTION:
+    reliability: medium
+  SQL_NOT_CONSTANT:
+    reliability: medium
+  XML_INJECTION:
+    reliability: medium
+  INSECURE_COOKIE:
+    reliability: medium
+  ANGULAR_BYPASS_SECURITY:
+    reliability: medium
+  ANGULAR_ELEMENT_REFERENCE:
+    reliability: medium
+  LOCALSTORAGE_WRITE:
+    reliability: medium
+  ANDROID_CAPABILITY_LEAK:
+    reliability: medium
+  ANDROID_DEBUG_MODE:
+    reliability: medium
+  EXPOSED_PREFERENCES:
+    reliability: medium
+  IMPLICIT_INTENT:
+    reliability: medium
+  MISSING_PERMISSION_FOR_BROADCAST:
+    reliability: medium
+  MISSING_PERMISSION_ON_EXPORTED_COMPONENT:
+    reliability: medium
+  MOBILE_ID_MISUSE:
+    reliability: medium
+  UNRESTRICTED_ACCESS_TO_FILE:
+    reliability: medium