diff options
author | Elena Zhelezina <elena.zhelezina@arm.com> | 2022-12-06 13:29:19 +0000 |
---|---|---|
committer | Peng Sun <peng.sun@arm.com> | 2023-08-22 14:05:58 +0100 |
commit | 117a5d39f548b27e62a5b41d626ee107fcc71e92 (patch) | |
tree | ab05532aecf237e1da3ca494b09922ba42818383 | |
parent | 45c4a9acdb6f9445c8d279a614bd91df0a055dbf (diff) | |
download | tosa_checker-117a5d39f548b27e62a5b41d626ee107fcc71e92.tar.gz |
Added cppcheck config to avoid usage of security sensitive functions.
Change-Id: I4247c5e937e33904b1db5de6c07b50bec2559b03
-rw-r--r-- | cppcheck.cfg | 39 | ||||
-rw-r--r-- | docker/CI.Dockerfile | 2 |
2 files changed, 40 insertions, 1 deletions
diff --git a/cppcheck.cfg b/cppcheck.cfg new file mode 100644 index 0000000..f8e2620 --- /dev/null +++ b/cppcheck.cfg @@ -0,0 +1,39 @@ +<?xml version="1.0"?> +<!-- Based on https://confluence.arm.com/display/ARMSW/Security+Sensitive+APIs Exclude errors if you still need this function. --> +<def format="2"> +<function name="strlen"> + <warn severity="error">This function is considered security sensitive. Please make sure of its proper use by following https://confluence.arm.com/display/ARMSW/Security+Sensitive+APIs + </warn> + <arg nr="1"/> +</function> +<function name="strcpy"> + <warn severity="error">This function is considered security sensitive. Please make sure of its proper use by following https://confluence.arm.com/display/ARMSW/Security+Sensitive+APIs + </warn> + <arg nr="1"/> +</function> +<function name="strncpy"> + <warn severity="error">This function is considered security sensitive. Please make sure of its proper use by following https://confluence.arm.com/display/ARMSW/Security+Sensitive+APIs + </warn> + <arg nr="1"/> +</function> +<function name="snprintf"> + <warn severity="error">This function is considered security sensitive. Please make sure of its proper use by following https://confluence.arm.com/display/ARMSW/Security+Sensitive+APIs + </warn> + <arg nr="1"/> +</function> +<function name="strncat"> + <warn severity="error">This function is considered security sensitive. Please make sure of its proper use by following https://confluence.arm.com/display/ARMSW/Security+Sensitive+APIs + </warn> + <arg nr="1"/> +</function> +<function name="strtok"> + <warn severity="error">This function is considered security sensitive. Please make sure of its proper use by following https://confluence.arm.com/display/ARMSW/Security+Sensitive+APIs + </warn> + <arg nr="1"/> +</function> +<function name="scanfk"> + <warn severity="error">This function is considered security sensitive. Please make sure of its proper use by following https://confluence.arm.com/display/ARMSW/Security+Sensitive+APIs + </warn> + <arg nr="1"/> +</function> +</def>
\ No newline at end of file diff --git a/docker/CI.Dockerfile b/docker/CI.Dockerfile index 7994cb8..66c78bf 100644 --- a/docker/CI.Dockerfile +++ b/docker/CI.Dockerfile @@ -7,7 +7,7 @@ ARG BAZEL_VERSION=5.3.0 ARG TENSORFLOW_VERSION=2.13.0 RUN apt-get update -RUN apt-get install -y build-essential software-properties-common clang curl unzip git libc++-dev libc++abi-dev +RUN apt-get install -y build-essential software-properties-common clang curl unzip git libc++-dev libc++abi-dev cppcheck RUN add-apt-repository -y ppa:deadsnakes/ppa RUN apt-get update |