src/file_ddf.c: add Frama-C annotations

1 files changed, 9 insertions, 21 deletions

diff --git a/src/file_ddf.c b/src/file_ddf.c
index 4a99d11e..7ec5d898 100644
--- a/src/file_ddf.c
+++ b/src/file_ddf.c
@@ -35,7 +35,7 @@
 #include "filegen.h"
 #include "common.h"
 
-/*@ requires \valid(file_stat); */
+/*@ requires valid_register_header_check(file_stat); */
 static void register_header_check_ddf(file_stat_t *file_stat);
 
 const file_hint_t file_hint_ddf= {
@@ -85,9 +85,9 @@ struct MasterHeader
   @ requires \valid_read(buffer+(0..sizeof(struct MasterHeader)-1));
   @ requires \valid(file_recovery_new);
   @ requires separation: \separated(&file_hint_ddf, buffer+(..), file_recovery_new);
-  @ assigns  *file_recovery_new;
   @ ensures  \result == 1;
-  @ ensures  valid_file_recovery(file_recovery_new);
+  @ ensures  valid_header_check_result(\result, file_recovery_new);
+  @ assigns  *file_recovery_new;
   @*/
 static int header_check_aux(const unsigned char *buffer, file_recovery_t *file_recovery_new)
 {
@@ -103,14 +103,10 @@ static int header_check_aux(const unsigned char *buffer, file_recovery_t *file_r
 
 /*@
   @ requires buffer_size >= sizeof(struct MasterHeader);
-  @ requires \valid_read(buffer+(0..buffer_size-1));
-  @ requires valid_file_recovery(file_recovery);
-  @ requires \valid(file_recovery_new);
-  @ requires file_recovery_new->blocksize > 0;
   @ requires separation: \separated(&file_hint_ddf, buffer+(..), file_recovery, file_recovery_new);
+  @ requires valid_header_check_param(buffer, buffer_size, safe_header_only, file_recovery, file_recovery_new);
+  @ ensures  valid_header_check_result(\result, file_recovery_new);
   @ assigns  *file_recovery_new;
-  @ ensures \result == 0 || \result == 1;
-  @ ensures  \result!=0 ==> valid_file_recovery(file_recovery_new);
   @*/
 static int header_check_ddf3(const unsigned char *buffer, const unsigned int buffer_size, const unsigned int safe_header_only, const file_recovery_t *file_recovery, file_recovery_t *file_recovery_new)
 {
@@ -124,14 +120,10 @@ static int header_check_ddf3(const unsigned char *buffer, const unsigned int buf
 
 /*@
   @ requires buffer_size >= sizeof(struct MasterHeader);
-  @ requires \valid_read(buffer+(0..buffer_size-1));
-  @ requires valid_file_recovery(file_recovery);
-  @ requires \valid(file_recovery_new);
-  @ requires file_recovery_new->blocksize > 0;
   @ requires separation: \separated(&file_hint_ddf, buffer+(..), file_recovery, file_recovery_new);
+  @ requires valid_header_check_param(buffer, buffer_size, safe_header_only, file_recovery, file_recovery_new);
+  @ ensures  valid_header_check_result(\result, file_recovery_new);
   @ assigns  *file_recovery_new;
-  @ ensures \result == 0 || \result == 1;
-  @ ensures  \result!=0 ==> valid_file_recovery(file_recovery_new);
   @*/
 static int header_check_ddf4(const unsigned char *buffer, const unsigned int buffer_size, const unsigned int safe_header_only, const file_recovery_t *file_recovery, file_recovery_t *file_recovery_new)
 {
@@ -145,14 +137,10 @@ static int header_check_ddf4(const unsigned char *buffer, const unsigned int buf
 
 /*@
   @ requires buffer_size >= sizeof(struct MasterHeader);
-  @ requires \valid_read(buffer+(0..buffer_size-1));
-  @ requires valid_file_recovery(file_recovery);
-  @ requires \valid(file_recovery_new);
-  @ requires file_recovery_new->blocksize > 0;
   @ requires separation: \separated(&file_hint_ddf, buffer+(..), file_recovery, file_recovery_new);
+  @ requires valid_header_check_param(buffer, buffer_size, safe_header_only, file_recovery, file_recovery_new);
+  @ ensures  valid_header_check_result(\result, file_recovery_new);
   @ assigns  *file_recovery_new;
-  @ ensures \result == 0 || \result == 1;
-  @ ensures  \result!=0 ==> valid_file_recovery(file_recovery_new);
   @*/
 static int header_check_ddf5(const unsigned char *buffer, const unsigned int buffer_size, const unsigned int safe_header_only, const file_recovery_t *file_recovery, file_recovery_t *file_recovery_new)
 {