[FFmpeg-devel] [PATCH] Add coverity model file

Michael Niedermayer michaelni at gmx.at
Thu Feb 19 13:43:00 CET 2015

The comments/header of the file are taken from qemu, they provide some
basic documentation
The code from the examples

Ive no means to test this except uploading to coverity for FFmpeg, so each
commit should stay simple, making it easy to revert.

Also please help making this a useful and effective file by contributing
changes/code to it and reviewing contributions.
I am happy to upload changes but i cannot really maintain this (alone) as
i cannot test changes.

Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
 tools/model.c |   42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 tools/model.c

diff --git a/tools/model.c b/tools/model.c
new file mode 100644
index 0000000..80fc1c2
--- /dev/null
+++ b/tools/model.c
@@ -0,0 +1,42 @@
+/* Coverity Scan model
+* Copyright (C) 2014 Red Hat, Inc.
+* Authors:
+* Markus Armbruster <armbru at redhat.com>
+* Paolo Bonzini <pbonzini at redhat.com>
+* This work is licensed under the terms of the GNU GPL, version 2 or, at your
+* option, any later version. See the COPYING file in the top-level directory.
+* This is the source code for our Coverity user model file. The
+* purpose of user models is to increase scanning accuracy by explaining
+* code Coverity can't see (out of tree libraries) or doesn't
+* sufficiently understand. Better accuracy means both fewer false
+* positives and more true defects. Memory leaks in particular.
+* - A model file can't import any header files. Some built-in primitives are
+* available but not wchar_t, NULL etc.
+* - Modeling doesn't need full structs and typedefs. Rudimentary structs
+* and similar types are sufficient.
+* - An uninitialized local variable signifies that the variable could be
+* any value.
+* The model file must be uploaded by an admin in the analysis settings of
+* https://scan.coverity.com/projects/54
+* above text is based on https://github.com/qemu/qemu/blob/master/scripts/coverity-model.c
+#define NULL (void *)0
+// Based on https://scan.coverity.com/models
+void *av_malloc(size_t size) {
+    int has_memory;
+    __coverity_negative_sink__(size);
+    if(has_memory)
+        return __coverity_alloc__(size);
+    else
+        return 0;

More information about the ffmpeg-devel mailing list