# This preset enables the C/C++ warning classes that are considered # most useful for security audits. This is a strict subset of those # classes whose significance is 'security'. # Visit a page like # http://localhost:7340/install/codesonar/doc/html/Preferences/SecurityAnalysis.html # for documentation on what these settings do. WARNING_FILTER += allow class="2$Buffer Overrun" WARNING_FILTER += allow class="Addition Overflow of Allocation Size" WARNING_FILTER += allow class="Addition Overflow of Size" WARNING_FILTER += allow class="Hardcoded DNS Name" WARNING_FILTER += allow class="Multiplication Overflow of Allocation Size" WARNING_FILTER += allow class="Multiplication Overflow of Size" WARNING_FILTER += allow class="Return from Computational Exception Signal Handler" WARNING_FILTER += allow class="Returned Pointer Not Treated as const" WARNING_FILTER += allow class="Subtraction Underflow of Allocation Size" WARNING_FILTER += allow class="Subtraction Underflow of Size" WARNING_FILTER += allow class="Tainted Allocation Size" WARNING_FILTER += allow class="Tainted Configuration Setting" WARNING_FILTER += allow class="Tainted Filename" WARNING_FILTER += allow class="Tainted Network Address" WARNING_FILTER += allow class="Tainted Write" WARNING_FILTER += allow class="Truncation of Allocation Size" WARNING_FILTER += allow class="Truncation of Size" # Classes below are enabled by default: they are included for # completeness, in case they have been disabled by a previous rule. # Note that this default enabling means that a class may remain # enabled even if its WARNING_FILTER rule is commented out below. WARNING_FILTER += allow class="Buffer Overrun" WARNING_FILTER += allow class="Buffer Underrun" WARNING_FILTER += allow class="Coercion Alters Value" WARNING_FILTER += allow class="Command Injection" WARNING_FILTER += allow class="Double Free" WARNING_FILTER += allow class="Encryption without Padding" WARNING_FILTER += allow class="File System Race Condition" WARNING_FILTER += allow class="Format String" WARNING_FILTER += allow class="Format String Injection" WARNING_FILTER += allow class="Format String Type Error" WARNING_FILTER += allow class="Function Call Has No Effect" WARNING_FILTER += allow class="Hardcoded Authentication" WARNING_FILTER += allow class="Hardcoded Crypto Key" WARNING_FILTER += allow class="Hardcoded Crypto Salt" WARNING_FILTER += allow class="Hardcoded Seed in PRNG" WARNING_FILTER += allow class="Inappropriate Call Outside Loop" WARNING_FILTER += allow class="Integer Overflow of Allocation Size" WARNING_FILTER += allow class="LDAP Injection" WARNING_FILTER += allow class="Library Injection" WARNING_FILTER += allow class="Misaligned Object" WARNING_FILTER += allow class="Negative Character Value" WARNING_FILTER += allow class="Negative Shift Amount" WARNING_FILTER += allow class="Overlapping Memory Regions" WARNING_FILTER += allow class="Padding Passed Across a Trust Boundary" WARNING_FILTER += allow class="Plaintext Storage of Password" WARNING_FILTER += allow class="Plaintext Transmission of Password" WARNING_FILTER += allow class="Pool Mismatch" WARNING_FILTER += allow class="Predictable Seed in PRNG" WARNING_FILTER += allow class="Return Pointer to Freed" WARNING_FILTER += allow class="Return Pointer to Local" WARNING_FILTER += allow class="Return from noreturn" WARNING_FILTER += allow class="SQL Injection" WARNING_FILTER += allow class="Shift Amount Exceeds Bit Width" WARNING_FILTER += allow class="Tainted Buffer Access" WARNING_FILTER += allow class="Tainted Environment Variable" WARNING_FILTER += allow class="Thread is not Joinable" WARNING_FILTER += allow class="Type Mismatch" WARNING_FILTER += allow class="Type Overrun" WARNING_FILTER += allow class="Type Underrun" WARNING_FILTER += allow class="Uninitialized Variable" WARNING_FILTER += allow class="Unreasonable Size Argument" WARNING_FILTER += allow class="Unterminated C String" WARNING_FILTER += allow class="Use After Close" WARNING_FILTER += allow class="Use After Free" WARNING_FILTER += allow class="Use of Weak Cryptographic Algorithm"