This topic explains how to manually suppress Parasoft findings in source code or in a suppression file. See Suppressing Findings in the GUI for information about suppressing findings using the UI of your IDE.
Introduction
You can prevent dotTEST from reporting specific static analysis findings by defining suppressions. Suppressions are useful when you generally follow a rule, but decide to ignore specific occurrences of the reported finding. If you do not want to receive findings for any violations of a specific rule, disable the rule in the test configuration.
Defining Suppressions in Source Code
Suppression schemes can be defined in the source code with the syntax specified below.
Line Suppression
Line suppression allows for suppressing violations in a single line. The suppression comment must be specified at the end of the line of code where the violation occurs, using the following syntax:
// parasoft-suppress <rule-id>|<rule-category>|ALL "<suppression comment>"
Examples:
int proc1(bool a, bool b, int i)
{
    if (a | b) // parasoft-suppress CS "suppress all rules in category CS"
        if (b = a) // parasoft-suppress CS.PB "suppress rule CS.PB"
        {
            string emptyString1 = ""; // parasoft-suppress CS-1 "suppress all rules in category CS with severity level 1"
        }
        else
        {
            string emptyString2 = ""; // parasoft-suppress CS.BRM.ES BD.PB.VOVR CWE.563.VOVR "suppress multiple rules"
        }
    return i++; // parasoft-suppress ALL "suppress all rules"
}
Block Suppression
Block suppression allows for suppressing violations in a block of code. The suppression begin/end comments must be specified before/after the block of code where the violations occur, using the following syntax:
// parasoft-begin-suppress <rule-id>|<rule-category>|ALL "<suppression comment>"
... code block ...
// parasoft-end-suppress <rule-id>|<rule-category>|ALL "<suppression comment>"
Examples:
int proc2(bool a, bool b, int i)
{
    // parasoft-begin-suppress CS "begin suppress all rules in category CS"
    if (a | b)
        if(b = a)
    // parasoft-end-suppress CS "end suppress all rules in category CS"
        {
            string emptyString = "";
        }
    return i++;
}

int proc3(bool a, bool b, int i)
{
    if (a | b)
    // parasoft-begin-suppress CS.PB "begin suppress rule CS.PB"
        if(b = a)
    // parasoft-end-suppress CS.PB "end suppress rule CS.PB"
        {
            string emptyString = "";
        }
    return i++;
}

int proc4(bool a, bool b, int i)
{
    // parasoft-begin-suppress CS-1 "begin suppress all rules in category CS with severity level 1"
    if (a | b)
        if(b = a)
        {
            string emptyString = "";
        }
    return i++;
    // parasoft-end-suppress CS-1 "end suppress all rules in category CS with severity level 1"
}

// parasoft-begin-suppress ALL "begin suppress all rules"
int proc5(bool a, bool b, int i)
{
    if (a | b)
        if(b = a)
        {
            string emptyString = "";
        }
    return i++;
}
// parasoft-end-suppress ALL "end suppress all rules"
To suppress multiple rules in a file, include the following at the beginning/end of the file:
// parasoft-begin-suppress CS.BRM.ES BD.PB.VOVR CWE.563.VOVR "begin suppress multiple rules"
.....
// parasoft-end-suppress CS.BRM.ES BD.PB.VOVR CWE.563.VOVR "end suppress multiple rules"
Defining Suppressions in Suppression Files
You can suppress the reporting of selected findings by creating parasoft.suppress files that specify the attributes of findings you want to suppress. A suppression file should be located in the same directory as the source file that contains the findings.
We recommend that suppression files be checked in to your source control system. This allows you to share information about suppressions with other team members and easily review the suppressions on a branch in your SCM repository before merging the code into the main stream of development, such as "master", "trunk", etc.
Use the following format to add suppression entries to parasoft.suppress files:
suppression-begin
file: Account.cs (required)
line: 12 (optional)
rule-id: CODSTA-123 (optional)
message: Exact violation message (optional)
reason: Approved (optional)
author: devel (optional)
date: 2020-09-21 (optional)
suppression-end
Example:
At a minimum, you must specify the source file where the problem was detected. This will suppress all findings reported for the specified file. In the following example, all findings detected in the Account file will be suppressed:
suppression-begin
file: Account.cs
suppression-end
Other attributes are optional and help you fine-tune the suppression. In the following example, all findings that the PB.TYPO.TLS rule detected in the Account file are suppressed, regardless of which code line they occur on:
suppression-begin
file: Account.cs
rule-id: PB.TYPO.TLS
suppression-end
Notes on Attributes
- It is a good practice to specify the reason for suppression.
- The line attribute should be used with caution as it may invalidate the suppression if the code is moved to another line when the source file is modified.
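The pre-merge review of suppression files recommended above, together with the two notes on attributes, can be checked mechanically. The following is an added example, not part of Parasoft's documentation or tooling; the function names parse_suppressions and audit are hypothetical, and it assumes one "key: value" attribute per line between the suppression-begin and suppression-end markers.

```python
# Added example: audit parasoft.suppress content before merge (not Parasoft code).
NARROWING = ("line", "rule-id", "message")  # attributes that limit what is hidden

def parse_suppressions(text):
    """One dict per begin/end block; assumes one 'key: value' attribute per line."""
    entries, current = [], None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        if line == "suppression-begin" and current is None:
            current = {}
        elif line == "suppression-end" and current is not None:
            entries.append(current)
            current = None
        elif current is not None and ":" in line:
            key, value = line.split(":", 1)
            current[key.strip()] = value.strip()
        else:
            raise ValueError(f"line {lineno}: unexpected text {line!r}")
    if current is not None:
        raise ValueError("suppression-begin without suppression-end")
    return entries

def audit(entry):
    """Return reviewer warnings for one parsed entry."""
    warnings = []
    if not entry.get("file"):
        warnings.append("missing required file attribute")
    if not any(entry.get(k) for k in NARROWING):
        warnings.append("suppresses every finding in the file")
    if not entry.get("reason"):
        warnings.append("no reason given")
    if entry.get("line"):
        warnings.append("pinned to a line number, may go stale")
    return warnings

# Constructed sample, modelled on the entries shown on this page.
SAMPLE = """suppression-begin
file: Account.cs
suppression-end
suppression-begin
file: Account.cs
line: 12
rule-id: PB.TYPO.TLS
reason: Approved
suppression-end"""

if __name__ == "__main__":
    print([audit(e) for e in parse_suppressions(SAMPLE)])
```

Run against each changed parasoft.suppress file in a merge request, a non-empty warning list marks the entries a reviewer should look at first.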