cppcheck java_Cppcheck 1.54 C/C++ static code analysis tool

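cppcheck is a powerful C/C++ static code analysis tool. Version 1.54 added checks for 64-bit portability, Boost library usage, memory leaks, exception safety and more. It can detect problems such as uninitialized variables, null pointer dereferences and bounds-checking errors, which helps improve code quality and security.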

64-bit portability

Check if there are 64-bit portability issues:

assign address to/from int/long

Auto Variables

A pointer to a variable is only valid as long as the variable is in scope. Check:

returning a pointer to auto or temporary variable

assigning address of a variable to an effective parameter of a function

returning reference to local/temporary variable

returning address of function parameter

Boost usage

Check for invalid usage of Boost:

container modification during BOOST_FOREACH

Bounds checking

out of bounds checking

Class

Check the code for each class.

Missing constructors

Are all variables initialized by the constructors?

Warn if memset, memcpy etc are used on a class

If it's a base class, check that the destructor is virtual

Are there unused private functions

'operator=' should return reference to self

'operator=' should check for assignment to self

Constness for member functions

Exception Safety

Checking exception safety

Throwing exceptions in destructors

Throwing exception during invalid state

Throwing a copy of a caught exception instead of rethrowing the original exception

exception caught by value instead of by reference

Match assignments and conditions

Match assignments and conditions:

Mismatching assignment and comparison => comparison is always true/false

Mismatching lhs and rhs in comparison => comparison is always true/false

Detect matching 'if' and 'else if' conditions

Memory leaks (address not taken)

Not taking the address to allocated memory

Memory leaks (class variables)

If the constructor allocates memory then the destructor must deallocate it.

Memory leaks (function variables)

Is there any allocated memory when a function goes out of scope

Memory leaks (struct members)

Don't forget to deallocate struct members

Non reentrant functions

Warn if any of these non reentrant functions are used:

crypt

ctermid

ecvt

fcvt

fgetgrent

fgetpwent

fgetspent

gcvt

getgrent

getgrgid

getgrnam

gethostbyaddr

gethostbyname

gethostbyname2

gethostent

getlogin

getnetbyaddr

getnetbyname

getnetgrent

getprotobyname

getpwent

getpwnam

getpwuid

getrpcbyname

getrpcbynumber

getrpcent

getservbyname

getservbyport

getservent

getspent

getspnam

gmtime

localtime

readdir

strtok

tempnam

ttyname

Null pointer

Null pointers

null pointer dereferencing

Obsolete functions

Warn if any of these obsolete functions are used:

asctime

asctime_r

bcmp

bcopy

bsd_signal

bzero

ctime

ctime_r

ecvt

fcvt

ftime

gcvt

getcontext

gethostbyaddr

gethostbyname

getwd

index

makecontext

pthread_attr_getstackaddr

pthread_attr_setstackaddr

rand_r

rindex

scalbln

swapcontext

tmpnam

tmpnam_r

ualarm

usleep

utime

vfork

wcswcs

Other

Other checks

Assigning bool value to pointer (converting bool value to address)

division with zero

using fflush() on an input stream

scoped object destroyed immediately after construction

assignment in an assert statement

sizeof for array given as function argument

sizeof for numeric given as function argument

using sizeof(pointer) instead of the size of pointed data

incorrect length arguments for 'substr' and 'strncmp'

invalid usage of output stream. For example: 'std::cout << std::cout;'

wrong number of arguments given to 'printf' or 'scanf'

double free() or double closedir()

C-style pointer cast in cpp file

casting between incompatible pointer types

redundant if

bad usage of the function 'strtol'

Dangerous usage of 'scanf'

passing parameter by value

variable scope can be limited

condition that is always true/false

unusual pointer arithmetic. For example: "abc" + 'd'

redundant assignment in a switch statement

redundant strcpy in a switch statement

look for 'sizeof sizeof ..'

look for calculations inside sizeof()

assignment of a variable to itself

mutual exclusion over || always evaluating to true

Clarify calculation with parentheses

using increment on boolean

comparison of a boolean with a non-zero integer

comparison of a boolean expression with an integer other than 0 or 1

suspicious condition (assignment+comparison)

suspicious condition (runtime comparison of string literals)

suspicious condition (string literals as boolean)

duplicate break statement

unreachable code

testing if unsigned variable is negative

testing if unsigned variable is positive

using bool in bitwise expression

Suspicious use of ; at the end of 'if/for/while' statement.

incorrect usage of functions from ctype library.

optimisation: detect post increment/decrement

STL usage

Check for invalid usage of STL:

out of bounds errors

misuse of iterators when iterating through a container

mismatching containers in calls

dereferencing an erased iterator

for vectors: using iterator/pointer after push_back has been used

optimisation: use empty() instead of size() to guarantee fast code

suspicious condition when using find

redundant condition

common mistakes when using string::c_str()

using auto pointer (auto_ptr)

useless calls of string functions

Uninitialized variables

Uninitialized variables

using uninitialized variables and data

Unused functions

Check for functions that are never called

UnusedVar

UnusedVar checks

unused variable

allocated but unused variable

unread variable

unassigned variable

unused struct member

Using postfix operators

Warn if using postfix operators ++ or -- rather than prefix operator
