-consider-analysis-perimeter-as-trust-boundary
Consider the analysis perimeter as trust boundary so that data coming from outside the current analysis perimeter is considered tainted
Since R2020b
Syntax
-checkers cmd_name_of_check -consider-analysis-perimeter-as-trust-boundary
Description
-checkers cmd_name_of_check -consider-analysis-perimeter-as-trust-boundary modifies the behavior of cmd_name_of_check so that data originating from outside the analysis perimeter is considered tainted. For instance, if you are analyzing a single file, then any data that originates outside this file is considered tainted. This option impacts several Polyspace® Bug Finder™ defects and coding rules. For possible values of cmd_name_of_check, see Polyspace Tainted Data Checkers.
By default, these data are considered tainted:
Objects declared or defined as volatile
External data such as user input, hardware data, network data, and environment variables
If you specify the option -consider-analysis-perimeter-as-trust-boundary, data that does not originate in the current scope of Polyspace analysis is considered tainted. Such data might include:
Formal parameters of externally visible functions that do not have a visible caller.
Return values of stubbed functions.
Global variables external to the unit.
If you do not trust data that originates from an external module, use this option to detect operations that are vulnerable to this tainted data.
If you are running an analysis from the user interface (Polyspace desktop products only), on the Configuration pane, you can enter this option in the Other field. See Other.
Example
Consider this code:
#include <stdio.h>

double taintedloopboundary(int num, int denum) {
    int count;
    scanf("%d", &count);
    for (int i = 0; i < count; ++i) {
        num = num / denum;
    }
    return num;
}
The variable count is obtained from the user. If you perform the default tainted data analysis by using the command:
polyspace-bug-finder -checkers tainted_data
Polyspace flags the tainted loop variable.
The variables num and denum are not defined in the current module. If you modify the tainted data analysis by using the command:
polyspace-bug-finder -checkers tainted_data -consider-analysis-perimeter-as-trust-boundary
Polyspace flags the division operation between num and denum.
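A validated variant of the example function, added here as an illustration and not taken from the Polyspace documentation. It checks count (tainted in both modes) and num and denum (tainted once the analysis perimeter is the trust boundary) before use. The names checked_loop_divide and MAX_COUNT and the bound of 100 are assumptions.

```c
#include <limits.h>
#include <stdio.h>

/* Assumed upper bound for the loop count; choose one that fits the application. */
#define MAX_COUNT 100

/* Returns 0 and stores the result in *out when every untrusted input passes
 * validation; returns -1 and leaves *out untouched otherwise. */
int checked_loop_divide(int num, int denum, int count, double *out)
{
    if (out == NULL)
        return -1;
    /* Loop boundary from outside the trust boundary: constrain it first. */
    if (count < 0 || count > MAX_COUNT)
        return -1;
    /* Division operand from outside the trust boundary: no division by zero. */
    if (denum == 0)
        return -1;
    /* INT_MIN / -1 overflows int. Rejecting it up front is enough, because
     * repeated division cannot bring num back to INT_MIN afterwards. */
    if (num == INT_MIN && denum == -1)
        return -1;

    for (int i = 0; i < count; ++i) {
        num = num / denum;
    }
    *out = (double)num;
    return 0;
}

int main(void)
{
    int count;
    double result;

    /* scanf can fail or read nothing; treat that as invalid input too. */
    if (scanf("%d", &count) != 1) {
        fprintf(stderr, "no valid count supplied\n");
        return 1;
    }
    /* 100 and 2 are constructed sample values standing in for an external caller. */
    if (checked_loop_divide(100, 2, count, &result) != 0) {
        fprintf(stderr, "input rejected\n");
        return 1;
    }
    printf("%f\n", result);
    return 0;
}
```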
Tips
This option is not useful in a Polyspace as You Code analysis.
Version History
Introduced in R2020b