We're using Coverity to analyze our C# code for defects.
We have some unit-tests that explicitly verify that null-parameters are handled correctly.
These are listed as defects by Coverity. If this was Microsofts own code analysis we could tag our method that does the null-passing with [SuppressMessage(...)], is something similar available for Coverity?
We'd rather not try to muddify the code enough to confuse Coverity.
Here's an example piece of code that gives this defect:
[Test]
public void SomeRandomTest()
{
var obj = new SomeRandomObject();
Assert.Throws<ArgumentNullException>(() => obj.Method(null));
}
...
public class SomeRandomObject
{
public void Method(object value)
{
if (value == null) throw new ArgumentNullException(nameof(value));
...
}
}
The explicit error is shown as
Explicit null dereferenced (FORWARD_NULL)
var_deref_model: Passing null to Method, which throws an exception after checking for null.
Taking an example from this site, you can suppress these messages with a comment above the reported error line, but in your case you would use the var_deref_model tag. For example:
// coverity[var_deref_model]