cppcheck Tool for static C/C++ code analysis
Description
Cppcheck is a command-line tool that tries to detect bugs that your C/C++ compiler doesn't see. It is versatile, and can check non-standard code including
various compiler extensions, inline assembly code, etc. Its internal preprocessor can handle includes, macros, and several preprocessor commands. While
Cppcheck is highly configurable, you can start using it just by giving it a path to the source code.
Usage
In the virtual machine, install with: yum install cppcheck. Usage: cppcheck --enable=all [files or paths]. Focus on the messages marked error.
Messages
Style:
ubus.c:214]: (style) The scope of the variable 'ret' can be reduced.
ubus.c:219]: (style) Variable 'ret' is assigned a value that is never used.
gnss_hal.c:230]: (style) Variable 'bpos' is assigned a value that is never used.
The variable ret is not used.
Errors:
ubus.c:264]: (error) Common realloc mistake: 'main_object_methods' nulled but not freed upon failure
The pointer is not checked for NULL, and it is not freed anywhere.
service_ubus.c:185]: (error) Buffer is accessed out of bounds: data
The buffer is clearly accessed out of bounds.
upgrade_handler.c:106]: (error) Null pointer dereference: path
There is a risk of dereferencing a null pointer.
timing_pal.c:1480]: (error) Division by zero.
There is a risk of division by zero.
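The pattern behind the "Common realloc mistake" message reported at ubus.c:264, next to a corrected form. This is an added example, not code from ubus.c: method_table, grow_bad, grow_safe and failing_realloc are hypothetical names, and the allocator is passed as a parameter only so the failure path can be exercised.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical names; the allocator is a parameter so failure can be simulated. */
typedef void *(*realloc_fn)(void *, size_t);
struct method_table { int *items; size_t count; };

/* Flagged pattern: on failure items is overwritten with NULL, old block leaks. */
int grow_bad(struct method_table *t, size_t n, realloc_fn re)
{
    t->items = re(t->items, n * sizeof *t->items);
    if (t->items == NULL)
        return -1;                 /* old block is now unreachable */
    t->count = n;
    return 0;
}

/* Corrected: keep the old pointer until the new block is known to be valid. */
int grow_safe(struct method_table *t, size_t n, realloc_fn re)
{
    int *tmp;
    if (n == 0 || n > SIZE_MAX / sizeof *t->items)
        return -1;                 /* reject zero size and size overflow */
    tmp = re(t->items, n * sizeof *t->items);
    if (tmp == NULL)
        return -1;                 /* t->items and t->count are untouched */
    if (n > t->count)              /* zero the new tail so no stale data is read */
        memset(tmp + t->count, 0, (n - t->count) * sizeof *tmp);
    t->items = tmp;
    t->count = n;
    return 0;
}

/* Constructed allocator that always fails, to exercise the error path. */
void *failing_realloc(void *p, size_t n) { (void)p; (void)n; return NULL; }

int main(void)
{
    struct method_table t = { calloc(4, sizeof(int)), 4 };
    int *before = t.items;
    int failed = grow_safe(&t, 8, failing_realloc);    /* simulated failure */
    int intact = (t.items == before && t.count == 4);  /* table still usable */
    int grown  = grow_safe(&t, 8, realloc);            /* real allocator */
    free(t.items);
    return (failed == -1 && intact && grown == 0) ? 0 : 1;
}
```

After a failed grow_safe the caller still holds a valid table and can free it; after a failed grow_bad the only reference to the old block is gone.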