--- # It is used by 'mach static-analysis check-coverity' and # 'phabricator static-analysis bot', on automation, in order to determine # how prone to false-positive a checker is. # # In order to update this file please do the following: # 1. Obtain the coverity-analysis package. # 2. Run cov-analyze `./cov-analyze --list-checkers. # 3. Add the new checker(s) from step 2. to the list. # 4. Depending on the reliability of the checker please set `reliability` field, # otherwise `medium` will be used as an reliability index. coverity_checkers: COPY_PASTE_ERROR: reliability: low DEADCODE: reliability: low FORWARD_NULL: reliability: high IDENTICAL_BRANCHES: reliability: high CONSTANT_EXPRESSION_RESULT: reliability: high UNREACHABLE: reliability: low REVERSE_INULL: reliability: high UNEXPECTED_CONTROL_FLOW: reliability: medium NESTING_INDENT_MISMATCH: reliability: high STRAY_SEMICOLON: publish: false reliability: medium RESOURCE_LEAK: reliability: medium NULL_RETURNS: reliability: medium DIVIDE_BY_ZERO: reliability: medium OVERFLOW_BEFORE_WIDEN: reliability: high UNINTENDED_INTEGER_DIVISION: reliability: medium SWAPPED_ARGUMENTS: reliability: low NO_EFFECT: reliability: medium BAD_SHIFT: reliability: low INFINITE_LOOP: reliability: medium MISSING_RESTORE: reliability: low UNUSED_VALUE: reliability: medium USELESS_CALL: reliability: low MISSING_BREAK: reliability: low CHECKED_RETURN: reliability: low PROPERTY_MIXUP: reliability: medium CALL_SUPER: reliability: medium IDENTIFIER_TYPO: reliability: medium USE_AFTER_FREE: reliability: low ALLOC_FREE_MISMATCH: reliability: medium ARRAY_VS_SINGLETON: reliability: low ASSERT_SIDE_EFFECT: reliability: medium BAD_ALLOC_ARITHMETIC: reliability: medium BAD_ALLOC_STRLEN: reliability: medium BAD_COMPARE: reliability: medium BAD_FREE: reliability: medium BAD_SIZEOF: reliability: medium CHAR_IO: reliability: low EVALUATION_ORDER: reliability: medium INCOMPATIBLE_CAST: reliability: medium MISSING_COMMA: reliability: high MISSING_RETURN: reliability: medium NEGATIVE_RETURNS: reliability: low OVERRUN: reliability: low PASS_BY_VALUE: reliability: high PRINTF_ARGS: reliability: medium READLINK: reliability: medium RETURN_LOCAL: reliability: low REVERSE_NEGATIVE: reliability: medium SIGN_EXTENSION: reliability: low SIZEOF_MISMATCH: reliability: low UNINIT: reliability: high VARARGS: reliability: medium INVALIDATE_ITERATOR: reliability: medium BAD_LOCK_OBJECT: reliability: medium GUARDED_BY_VIOLATION: reliability: medium LOCK_EVASION: reliability: medium MISSING_THROW: reliability: medium NON_STATIC_GUARDING_STATIC: reliability: medium VOLATILE_ATOMICITY: reliability: medium OVERLAPPING_COPY: reliability: medium BAD_OVERRIDE: reliability: medium CTOR_DTOR_LEAK: reliability: low DELETE_ARRAY: reliability: low DELETE_VOID: reliability: medium MISMATCHED_ITERATOR: reliability: medium MISSING_MOVE_ASSIGNMENT: reliability: low STREAM_FORMAT_STATE: reliability: medium UNCAUGHT_EXCEPT: reliability: medium UNINIT_CTOR: reliability: high VIRTUAL_DTOR: reliability: medium WRAPPER_ESCAPE: reliability: low BAD_EQ: reliability: medium BAD_EQ_TYPES: reliability: medium LOCK_INVERSION: reliability: medium BAD_CHECK_OF_WAIT_COND: reliability: medium DC.DANGEROUS: reliability: medium DC.DEADLOCK: reliability: medium HIBERNATE_BAD_HASHCODE: reliability: medium ORM_LOAD_NULL_CHECK: reliability: medium ORM_UNNECESSARY_GET: reliability: medium REGEX_CONFUSION: reliability: medium SERVLET_ATOMICITY: reliability: medium SINGLETON_RACE: reliability: medium WRONG_METHOD: reliability: medium PATH_MANIPULATION: reliability: medium SQLI: reliability: medium HARDCODED_CREDENTIALS: reliability: medium SENSITIVE_DATA_LEAK: reliability: medium SCRIPT_CODE_INJECTION: reliability: medium REGEX_INJECTION: reliability: medium BAD_CERT_VERIFICATION: reliability: medium COM.BAD_FREE: reliability: medium COM.BSTR.CONV: reliability: medium EXPLICIT_THIS_EXPECTED: reliability: medium UNINTENDED_GLOBAL: reliability: medium OS_CMD_INJECTION: reliability: medium XSS: reliability: medium WEAK_PASSWORD_HASH: reliability: medium UNSAFE_DESERIALIZATION: reliability: medium OPEN_REDIRECT: reliability: medium CSRF: reliability: medium UNSAFE_REFLECTION: reliability: medium BLACKLIST_FOR_AUTHN: reliability: medium DYNAMIC_OBJECT_ATTRIBUTES: reliability: medium RAILS_DEFAULT_ROUTES: reliability: medium RAILS_DEVISE_CONFIG: reliability: medium RAILS_MISSING_FILTER_ACTION: reliability: medium REGEX_MISSING_ANCHOR: reliability: medium RUBY_VULNERABLE_LIBRARY: reliability: medium SESSION_MANIPULATION: reliability: medium UNSAFE_BASIC_AUTH: reliability: medium UNSAFE_SESSION_SETTING: reliability: medium XPATH_INJECTION: reliability: medium RISKY_CRYPTO: reliability: medium UNENCRYPTED_SENSITIVE_DATA: reliability: medium XML_EXTERNAL_ENTITY: reliability: medium CONFIG.ATS_INSECURE: reliability: medium CUSTOM_KEYBOARD_DATA_LEAK: reliability: medium INSECURE_COMMUNICATION: reliability: medium INSECURE_MULTIPEER_CONNECTION: reliability: medium WEAK_BIOMETRIC_AUTH: reliability: medium BUFFER_SIZE: reliability: high CHROOT: reliability: medium DC.PREDICTABLE_KEY_PASSWORD: reliability: medium publish: !!bool no DC.STREAM_BUFFER: reliability: medium publish: !!bool no DC.WEAK_CRYPTO: reliability: low publish: !!bool no OPEN_ARGS: reliability: medium STRING_NULL: reliability: medium STRING_OVERFLOW: reliability: low STRING_SIZE: reliability: medium TAINTED_SCALAR: reliability: low TAINTED_STRING: reliability: medium TOCTOU: reliability: low SECURE_TEMP: reliability: medium UNSAFE_XML_PARSE_CONFIG: reliability: medium ATOMICITY: reliability: medium LOCK: reliability: medium MISSING_LOCK: reliability: medium ORDER_REVERSAL: reliability: medium SLEEP: reliability: medium ASSIGN_NOT_RETURNING_STAR_THIS: reliability: medium COPY_WITHOUT_ASSIGN: reliability: medium MISSING_COPY_OR_ASSIGN: reliability: medium SELF_ASSIGN: reliability: medium WEAK_GUARD: reliability: medium AUDIT.SPECULATIVE_EXECUTION_DATA_LEAK: reliability: medium DC.STRING_BUFFER: reliability: medium publish: !!bool no ENUM_AS_BOOLEAN: reliability: medium INTEGER_OVERFLOW: reliability: low MISRA_CAST: reliability: medium MIXED_ENUMS: reliability: low STACK_USE: reliability: medium USER_POINTER: reliability: medium PARSE_ERROR: reliability: low FLOATING_POINT_EQUALITY: reliability: medium ORM_LOST_UPDATE: reliability: medium HFA: reliability: medium COM.ADDROF_LEAK: reliability: medium COM.BSTR.ALLOC: reliability: medium COM.BSTR.BAD_COMPARE: reliability: medium COM.BSTR.NE_NON_BSTR: reliability: medium VCALL_IN_CTOR_DTOR: reliability: medium INSECURE_DIRECT_OBJECT_REFERENCE: reliability: medium UNESCAPED_HTML: reliability: medium SECURE_CODING: reliability: medium publish: !!bool no SIZECHECK: reliability: medium MISSING_AUTHZ: reliability: medium NOSQL_QUERY_INJECTION: reliability: medium HEADER_INJECTION: reliability: medium INSECURE_RANDOM: reliability: medium CONFIG.DYNAMIC_DATA_HTML_COMMENT: reliability: medium LDAP_INJECTION: reliability: medium UNLOGGED_SECURITY_EXCEPTION: reliability: medium UNRESTRICTED_DISPATCH: reliability: medium UNSAFE_NAMED_QUERY: reliability: medium TAINT_ASSERT: reliability: medium UNKNOWN_LANGUAGE_INJECTION: reliability: medium URL_MANIPULATION: reliability: medium TAINTED_ENVIRONMENT_WITH_EXECUTION: reliability: medium ASPNET_MVC_VERSION_HEADER: reliability: medium CONFIG.ASPNET_VERSION_HEADER: reliability: medium CONFIG.ASP_VIEWSTATE_MAC: reliability: medium CONFIG.CONNECTION_STRING_PASSWORD: reliability: medium CONFIG.COOKIES_MISSING_HTTPONLY: reliability: medium CONFIG.DEAD_AUTHORIZATION_RULE: reliability: medium CONFIG.ENABLED_DEBUG_MODE: reliability: medium CONFIG.ENABLED_TRACE_MODE: reliability: medium CONFIG.MISSING_CUSTOM_ERROR_PAGE: reliability: medium PREDICTABLE_RANDOM_SEED: reliability: medium ATTRIBUTE_NAME_CONFLICT: reliability: medium CONFIG.DUPLICATE_SERVLET_DEFINITION: reliability: medium CONFIG.DWR_DEBUG_MODE: reliability: medium CONFIG.HTTP_VERB_TAMPERING: reliability: medium CONFIG.JAVAEE_MISSING_HTTPONLY: reliability: medium CONFIG.MISSING_GLOBAL_EXCEPTION_HANDLER: reliability: medium CONFIG.MISSING_JSF2_SECURITY_CONSTRAINT: reliability: medium CONFIG.SPRING_SECURITY_DEBUG_MODE: reliability: medium CONFIG.SPRING_SECURITY_DISABLE_AUTH_TAGS: reliability: medium CONFIG.SPRING_SECURITY_HARDCODED_CREDENTIALS: reliability: medium CONFIG.SPRING_SECURITY_REMEMBER_ME_HARDCODED_KEY: reliability: medium CONFIG.SPRING_SECURITY_SESSION_FIXATION: reliability: medium CONFIG.STRUTS2_CONFIG_BROWSER_PLUGIN: reliability: medium CONFIG.STRUTS2_DYNAMIC_METHOD_INVOCATION: reliability: medium CONFIG.STRUTS2_ENABLED_DEV_MODE: reliability: medium CONFIG.UNSAFE_SESSION_TIMEOUT: reliability: medium EL_INJECTION: reliability: medium JAVA_CODE_INJECTION: reliability: medium JCR_INJECTION: reliability: medium JSP_DYNAMIC_INCLUDE: reliability: medium JSP_SQL_INJECTION: reliability: medium OGNL_INJECTION: reliability: medium SESSION_FIXATION: reliability: medium TRUST_BOUNDARY_VIOLATION: reliability: medium UNSAFE_JNI: reliability: medium CONFIG.HANA_XS_PREVENT_XSRF_DISABLED: reliability: medium CONFIG.SEQUELIZE_ENABLED_LOGGING: reliability: medium COOKIE_INJECTION: reliability: medium CSS_INJECTION: reliability: medium DOM_XSS: reliability: medium INSECURE_SALT: reliability: medium INSUFFICIENT_LOGGING: reliability: medium LOCALSTORAGE_MANIPULATION: reliability: medium MISSING_IFRAME_SANDBOX: reliability: medium SESSIONSTORAGE_MANIPULATION: reliability: medium TEMPLATE_INJECTION: reliability: medium UNCHECKED_ORIGIN: reliability: medium UNRESTRICTED_MESSAGE_TARGET: reliability: medium ANGULAR_EXPRESSION_INJECTION: reliability: medium CONFIG.SYMFONY_CSRF_PROTECTION_DISABLED: reliability: medium SYMFONY_EL_INJECTION: reliability: medium LOG_INJECTION: reliability: medium SQL_NOT_CONSTANT: reliability: medium XML_INJECTION: reliability: medium INSECURE_COOKIE: reliability: medium ANGULAR_BYPASS_SECURITY: reliability: medium ANGULAR_ELEMENT_REFERENCE: reliability: medium LOCALSTORAGE_WRITE: reliability: medium ANDROID_CAPABILITY_LEAK: reliability: medium ANDROID_DEBUG_MODE: reliability: medium EXPOSED_PREFERENCES: reliability: medium IMPLICIT_INTENT: reliability: medium MISSING_PERMISSION_FOR_BROADCAST: reliability: medium MISSING_PERMISSION_ON_EXPORTED_COMPONENT: reliability: medium MOBILE_ID_MISUSE: reliability: medium UNRESTRICTED_ACCESS_TO_FILE: reliability: medium