PVS-Studio pipeline (#18)

Author: akopachov

.github/workflows/pvsstudio.yml

@@ -0,0 +1,42 @@
+name: PVS-Studio build analysis
+on: workflow_dispatch
+jobs:
+  build-analyze:
+    runs-on: ubuntu-latest
+    env:
+      FBT_NO_SYNC: "true"
+      TARGETS: f7
+      DEFAULT_TARGET: f7
+    steps:
+      - name: 'Decontaminate previous build leftovers'
+        run: |
+          if [ -d .git ]; then
+            git submodule status || git checkout "$(git rev-list --max-parents=0 HEAD | tail -n 1)"
+          fi
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+          submodules: 'recursive'
+      - name: Install tools
+        run: |
+          wget -q -O - https://files.pvs-studio.com/etc/pubkey.txt \
+            | sudo apt-key add -
+          sudo wget -O /etc/apt/sources.list.d/viva64.list \
+            https://files.pvs-studio.com/etc/viva64.list
+          sudo apt update
+          sudo apt install pvs-studio
+          pvs-studio-analyzer credentials ${{ secrets.PVS_STUDIO_CREDENTIALS }}
+      - name: Build
+        run: |
+          ./pvs-build
+      - name: Analyze
+        run: |
+          pvs-studio-analyzer analyze @.pvsoptions -j$(grep -c processor /proc/cpuinfo) -f flipperzero-firmware_unleashed/build/f7-firmware-DC/compile_commands.json 
+      - name: Convert report
+        run: |
+          plog-converter -t sarif -o pvs-report.sarif PVS-Studio.log
+      - name: Publish report
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: pvs-report.sarif
+          category: PVS-Studio

.pvsconfig

@@ -0,0 +1 @@
+--rules-config .pvsconfig -e flipperzero-firmware_unleashed -e flipperzero-firmware_official

.pvsoptions

@@ -6,8 +6,8 @@ function Get-LatestDirectory {
     Get-ChildItem -Path $Path | Where-Object {$_.PSIsContainer} | Sort-Object LastWriteTime -Descending | Select-Object -First 1
 }
 
-./fbt u fap_totp
-./fbt o fap_totp
+./fbt u COMPACT=1 DEBUG=0 VERBOSE=0 fap_totp
+./fbt o COMPACT=1 DEBUG=0 VERBOSE=0 fap_totp
 
 Push-Location $PSScriptRoot
 

build.ps1

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+pushd flipperzero-firmware_unleashed
+rm -rf applications/plugins/totp
+sed -i 's/applications_user/../' site_scons/commandline.scons
+./fbt COMPACT=1 firmware_cdb fap_totp
+popd

pvs-build

@@ -251,11 +251,7 @@ bool totp_scene_add_new_token_handle_event(PluginEvent* const event, PluginState
                 tokenInfo->algo = scene_state->algo;
                 tokenInfo->digits = scene_state->digits_count;
 
-                if(plugin_state->tokens_list == NULL) {
-                    plugin_state->tokens_list = list_init_head(tokenInfo);
-                } else {
-                    list_add(plugin_state->tokens_list, tokenInfo);
-                }
+                TOTP_LIST_INIT_OR_ADD(plugin_state->tokens_list, tokenInfo);
                 plugin_state->tokens_count++;
 
                 totp_config_file_save_new_token(tokenInfo);

totp/scenes/add_new_token/totp_scene_add_new_token.c

@@ -87,6 +87,43 @@ static void furi_string_secure_free(FuriString* str) {
     furi_string_free(str);
 }
 
+static bool totp_cli_read_secret(Cli* cli, FuriString* out_str, bool mask_user_input) {
+    uint8_t c;
+    while(cli_read(cli, &c, 1) == 1) {
+        if(c == CliSymbolAsciiEsc) {
+            // Some keys generating escape-sequences
+            // We need to ignore them as we case about alpha-numerics only
+            uint8_t c2;
+            cli_read_timeout(cli, &c2, 1, 0);
+            cli_read_timeout(cli, &c2, 1, 0);
+        } else if(c == CliSymbolAsciiETX) {
+            TOTP_CLI_DELETE_CURRENT_LINE();
+            TOTP_CLI_PRINTF("Cancelled by user\r\n");
+            return false;
+        } else if((c >= '0' && c <= '9') || (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')) {
+            if(mask_user_input) {
+                putc('*', stdout);
+            } else {
+                putc(c, stdout);
+            }
+            fflush(stdout);
+            furi_string_push_back(out_str, c);
+        } else if(c == CliSymbolAsciiBackspace || c == CliSymbolAsciiDel) {
+            size_t out_str_size = furi_string_size(out_str);
+            if(out_str_size > 0) {
+                TOTP_CLI_DELETE_LAST_CHAR();
+                furi_string_left(out_str, out_str_size - 1);
+            }
+        } else if(c == CliSymbolAsciiCR) {
+            cli_nl();
+            break;
+        }
+    }
+
+    TOTP_CLI_DELETE_LAST_LINE();
+    return true;
+}
+
 void totp_cli_command_add_handle(PluginState* plugin_state, FuriString* args, Cli* cli) {
     FuriString* temp_str = furi_string_alloc();
     TokenInfo* token_info = token_info_alloc();
@@ -148,44 +185,8 @@ void totp_cli_command_add_handle(PluginState* plugin_state, FuriString* args, Cl
     // Reading token secret
     furi_string_reset(temp_str);
     TOTP_CLI_PRINTF("Enter token secret and confirm with [ENTER]\r\n");
-
-    uint8_t c;
-    while(cli_read(cli, &c, 1) == 1) {
-        if(c == CliSymbolAsciiEsc) {
-            // Some keys generating escape-sequences
-            // We need to ignore them as we case about alpha-numerics only
-            uint8_t c2;
-            cli_read_timeout(cli, &c2, 1, 0);
-            cli_read_timeout(cli, &c2, 1, 0);
-        } else if(c == CliSymbolAsciiETX) {
-            TOTP_CLI_DELETE_CURRENT_LINE();
-            TOTP_CLI_PRINTF("Cancelled by user\r\n");
-            furi_string_secure_free(temp_str);
-            token_info_free(token_info);
-            return;
-        } else if((c >= '0' && c <= '9') || (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')) {
-            if(mask_user_input) {
-                putc('*', stdout);
-            } else {
-                putc(c, stdout);
-            }
-            fflush(stdout);
-            furi_string_push_back(temp_str, c);
-        } else if(c == CliSymbolAsciiBackspace || c == CliSymbolAsciiDel) {
-            size_t temp_str_size = furi_string_size(temp_str);
-            if(temp_str_size > 0) {
-                TOTP_CLI_DELETE_LAST_CHAR();
-                furi_string_left(temp_str, temp_str_size - 1);
-            }
-        } else if(c == CliSymbolAsciiCR) {
-            cli_nl();
-            break;
-        }
-    }
-
-    TOTP_CLI_DELETE_LAST_LINE();
-
-    if(!totp_cli_ensure_authenticated(plugin_state, cli)) {
+    if(!totp_cli_read_secret(cli, temp_str, mask_user_input) ||
+       !totp_cli_ensure_authenticated(plugin_state, cli)) {
         furi_string_secure_free(temp_str);
         token_info_free(token_info);
         return;
@@ -210,11 +211,7 @@ void totp_cli_command_add_handle(PluginState* plugin_state, FuriString* args, Cl
         load_generate_token_scene = true;
     }
 
-    if(plugin_state->tokens_list == NULL) {
-        plugin_state->tokens_list = list_init_head(token_info);
-    } else {
-        list_add(plugin_state->tokens_list, token_info);
-    }
+    TOTP_LIST_INIT_OR_ADD(plugin_state->tokens_list, token_info);
     plugin_state->tokens_count++;
     totp_config_file_save_new_token(token_info);
 

totp/services/cli/commands/add/add.c

@@ -409,11 +409,7 @@ TokenLoadingResult totp_config_file_load_tokens(PluginState* const plugin_state)
 
         FURI_LOG_D(LOGGING_TAG, "Found token \"%s\"", tokenInfo->name);
 
-        if(plugin_state->tokens_list == NULL) {
-            plugin_state->tokens_list = list_init_head(tokenInfo);
-        } else {
-            list_add(plugin_state->tokens_list, tokenInfo);
-        }
+        TOTP_LIST_INIT_OR_ADD(plugin_state->tokens_list, tokenInfo);
 
         index++;
     }

totp/services/config/config.c

@@ -26,7 +26,7 @@ ListNode* list_add(ListNode* head, void* data) {
     return head;
 }
 
-ListNode* list_find(ListNode* head, void* data) {
+ListNode* list_find(ListNode* head, const void* data) {
     ListNode* it;
 
     for(it = head; it != NULL; it = it->next)
@@ -66,7 +66,8 @@ ListNode* list_remove(ListNode* head, ListNode* ep) {
 }
 
 void list_free(ListNode* head) {
-    ListNode *it = head, *tmp;
+    ListNode* it = head;
+    ListNode* tmp;
 
     while(it != NULL) {
         tmp = it;

totp/services/list/list.c

@@ -14,11 +14,20 @@ ListNode* list_add(
     void* data); /* adds element with specified data to the end of the list and returns new head node. */
 ListNode* list_find(
     ListNode* head,
-    void* data); /* returns pointer of element with specified data in list. */
+    const void* data); /* returns pointer of element with specified data in list. */
 ListNode* list_element_at(
     ListNode* head,
     uint16_t index); /* returns pointer of element with specified index in list. */
 ListNode* list_remove(
     ListNode* head,
     ListNode* ep); /* removes element from the list and returns new head node. */
 void list_free(ListNode* head); /* deletes all elements of the list. */
+
+#define TOTP_LIST_INIT_OR_ADD(head, item) \
+    do {                                  \
+        if(head == NULL) {                \
+            head = list_init_head(item);  \
+        } else {                          \
+            list_add(head, item);         \
+        }                                 \
+    } while(false)

totp/services/list/list.h

@@ -25,10 +25,10 @@ bool token_info_set_secret(
     TokenInfo* token_info,
     const char* base32_token_secret,
     size_t token_secret_length,
-    uint8_t* iv) {
+    const uint8_t* iv) {
     uint8_t* plain_secret = malloc(token_secret_length);
     int plain_secret_length =
-        base32_decode((uint8_t*)base32_token_secret, plain_secret, token_secret_length);
+        base32_decode((const uint8_t*)base32_token_secret, plain_secret, token_secret_length);
     bool result;
     if(plain_secret_length >= 0) {
         token_info->token =
@@ -43,7 +43,7 @@ bool token_info_set_secret(
     return result;
 }
 
-uint8_t token_info_get_digits_count(TokenInfo* token_info) {
+uint8_t token_info_get_digits_count(const TokenInfo* token_info) {
     switch(token_info->digits) {
     case TOTP_6_DIGITS:
         return 6;

totp/types/token_info.c

@@ -20,5 +20,5 @@ bool token_info_set_secret(
     TokenInfo* token_info,
     const char* base32_token_secret,
     size_t token_secret_length,
-    uint8_t* iv);
-uint8_t token_info_get_digits_count(TokenInfo* token_info);
+    const uint8_t* iv);
+uint8_t token_info_get_digits_count(const TokenInfo* token_info);