Releases: danmar/cppcheck

Cppcheck-1.90

21 Dec 12:44

New check:

  • alias to vector element invalid after vector is changed

Improved checking:

  • improved value flow analysis for struct members
  • improved value flow analysis for pointer alias

CERT:

  • Added ENV33-C: Do not call system()

MISRA:

  • Added rule 2.7
  • Added rule 3.2
  • Added rule 4.2
  • Added rule 14.2
  • Added rule 21.1
  • Added rule 21.12

Cppcheck-1.89

01 Sep 13:18

Command line:

  • The default warning message format was changed. The new format is similar to GCC. If you want to get warnings in the old format, add --template=cppcheck1 to the command line.

Compiling:

  • From now on, use FILESDIR instead of CFGDIR to specify the path for Cppcheck data files. The readme.txt describes the available flags.

Improved checking:

  • improved value flow analysis for pointer aliases
  • improved checking for uninitialized variables/structs
  • better checking of smart pointers
  • better checking of global variables
  • Added Cppcheck annotations cppcheck_low(VALUE) and cppcheck_high(VALUE)
  • shadow variables; warn when argument is shadowed
  • warn if local reference variable can be const

CERT:

  • Added API01-C: Avoid laying out strings in memory directly before sensitive data
  • Added MSC24-C: Do not use deprecated or obsolescent functions
  • Added STR11-C: Do not specify the bound of a character array initialized with a string literal

MISRA:

  • Added rule 17.2
  • Added rule 18.4
  • Added rule 18.7

GUI:

  • Minor tweaks

Cppcheck-1.88

29 Jun 08:38

New checks:

  • Comparing pointers that point to different objects
  • Address of local variable 'x' is accessed at non-zero index
  • STL usage: unnecessary search before insertion
  • Duplicate expression for condition and assignment: if (x==3) x=3;

Added --library configuration files for:

  • cppunit
  • libcerror
  • nspr
  • opengl
  • sqlite3

Better handling of C++14 and C++17

Command line:

  • New command line option --addon used to run addons directly from Cppcheck.
  • Some advanced options are only available in GUI:
    • remove unused declarations in header files to speed up analysis
    • remove unused templates to speed up analysis
    • when checking a Visual Studio project, only check 1 configuration
    • max whole-program-analysis call stack depth
    To get these features in the command line tool, create a GUI project file and import it on the command line using --project.

GUI:

  • started implementing theme support

Makefile:
Please use MATCHCOMPILER=yes instead of SRCDIR=build when compiling to enable the match compiler.

Cert:

  • add check exp15-c
  • add check str03-c
  • add check str05-c
  • add check str07-c

Misra:

  • Add check 17.7
  • Add check 20.7
  • Add check 20.10

Cppcheck-1.87

09 Feb 11:54

Command line interface:

  • --project can now import Cppcheck GUI projects.

New checks:

  • Condition is always true when array address is compared with 0.
  • function argument expression calculation has known result (#8830)

Improvements:

  • Better lifetime checking (using pointer/reference that points at deleted object)
  • Improved whole program analysis
  • Better handling of language extension var@address.
  • Many improvements in parser to handle templates, type aliases, etc better

Configuration:

  • new configuration for boost
  • much better wxwidgets configuration

Addons:

  • New addon for checking naming conventions. Naming conventions are configured in a JSON file.

Performance:
According to daca@home, Cppcheck-1.87 is on average 10% faster than Cppcheck-1.86.

Cppcheck-1.86

08 Dec 10:18

General:

  • Many fixes in the template simplifier
  • Several fixes in the abstract syntax tree.

Checking improvements:

  • New check: passing address of char to function that expects a strz
  • New check: shadow variables
  • Improved lifetime checking
  • Improved STL iterators checking
  • Improved data flow analysis

New libraries:

  • zlib
  • googletest

Addons:

  • misra.py: Fixes for suppressions and exclusions
  • namingng.py: New addon to check naming conventions. Rules are specified in a JSON file.

Cppcheck-1.85

14 Oct 17:34

General:

  • We are modernizing the Cppcheck code. Support for MSVC 2010 and GCC 4.4 is dropped. You now need a compiler that is at least as good as MSVC 2013 or GCC 4.6.
  • According to "daca@home" (http://cppcheck.osuosl.org:8000)
    • There are fewer crashes.
    • Cppcheck-1.85 is ~25% slower than Cppcheck-1.84

Checking improvements:

  • New check: Suggest STL algorithms instead of hard-coded for loops
  • New check: Warn about ineffective algorithms (same iterator passed)
  • New check: Mismatching iterators used together in operators
  • Container (STL/Qt/WxWidgets/etc) access out of bounds
  • Improved the checkers that warn about same/opposite expressions; they now track variable values better.
    • logical conjunctions
    • identical/opposite inner expressions
    • same expressions around operator
    • etc
  • Variable scope: warn about references also

Graphical user interface:

  • You can specify undefines in the project file dialog
  • Fixed configuration of suppressions
  • Windows: Fixed issue of wrong/no theme being applied to UI elements

Misra:

  • support per file excludes from cppcheck
  • support per file suppressions from cppcheck
  • summary will now summarize results for all files again
  • a few false positives were fixed

Cppcheck-1.84

12 Jun 10:54

New checks:

  • Same rhs expression used in consecutive assignments
  • Added more misra checkers
  • Function overrides base class function but is not marked with the override keyword

Improved checks:

  • Identical inner condition
  • Opposite expressions
  • Call to virtual function in constructor or destructor
  • Variable not initialized by private constructor
  • A class that has dynamic allocation needs copy constructor, assignment operator and destructor

Misc:

  • Various performance optimisations
  • Better support for C++17
  • --template=gcc format has been updated to match gcc output better.
  • We added a --template-location that can be used to format multiline messages.
  • Update --template so the piece of code with the warning can be shown
  • Symbol-based suppressions
  • XML based suppressions format

Addons:

  • cert.py: Attempting to cast away const
  • misc.py: String concatenation in array initialization
  • misc.py: Passing struct to ellipsis function
  • misc.py: Function overrides base class function but is not marked with the virtual keyword

Compiling: We dropped support for some old compilers. From now on you need gcc 4.6 or later / visual studio 2013 or later / other compiler with c++11 support.

1.83

02 Apr 08:25

Command line:

  • fixes in parser
  • Improved loading of platform files.

GUI:

  • few minor improvements in user interface
  • Code preview
  • Added MISRA addon integration
  • Platform can be selected in project settings
  • Fixed issue when loading xml results file

Addons:

  • We are now officially releasing our MISRA addon. So far it supports MISRA C 2012.

1.82

14 Jan 21:37

Bug fixes:

  • Better handling of namespaces
  • Fixed false positives
  • Fixed parsing of compile databases
  • Fixed parsing of visual studio projects

Enhancements:

  • New check; Detect mistakes when there are multiple strcmp() in condition
    Example:

    if (strcmp(password,"A")==0 || strcmp(password,"B")==0 || strcmp(password,"C"))
    

    There is a missing '==0', and therefore this condition is always true except when password is "C".

  • New check; pointer calculation result can't be NULL unless there is overflow
    Example:

    someType **list_p = ...;
    if ((list_p + 1) == NULL)
    

    The result for '(list_p + 1)' can't be NULL unless there is overflow (UB).

  • New check; public interface of classes should be safe - detect possible division by zero
    Example:

    class Fred {
    public:
      void setValue(int mul, int div) {
        value = mul / div; // <- unsafe
      }
      ...
    

    This check does not consider how Fred::setValue() is really called.
    If you agree that the public interface of a class should always be safe, that is, that it should be allowed to call all public methods with arbitrary arguments, then this checker will be useful.

  • Fixed a few false negatives

  • More information in the cfg files
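
The strcmp() check described above, worked through as an added example (not code from Cppcheck or its release notes). The function names accept_buggy and accept_fixed and the sample inputs are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Condition exactly as quoted in the release note: the third strcmp()
   lacks "== 0", so it is true for every string that differs from "C". */
static int accept_buggy(const char *password)
{
    if (strcmp(password, "A") == 0 || strcmp(password, "B") == 0 || strcmp(password, "C"))
        return 1;
    return 0;
}

/* Corrected form: one table and one explicit "== 0" comparison, so adding
   an entry cannot silently drop the comparison against zero. */
static int accept_fixed(const char *password)
{
    static const char *const allowed[] = { "A", "B", "C" };
    size_t i;

    for (i = 0; i < sizeof allowed / sizeof allowed[0]; i++) {
        if (strcmp(password, allowed[i]) == 0)
            return 1;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample inputs: the three valid values, an empty
       string and an arbitrary wrong value. */
    static const char *const samples[] = { "A", "B", "C", "", "wrong" };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        printf("%-8s buggy=%d fixed=%d\n",
               samples[i][0] ? samples[i] : "(empty)",
               accept_buggy(samples[i]), accept_fixed(samples[i]));
    }
    return 0;
}
```

The buggy condition accepts the empty string and any wrong value while rejecting the valid value "C", which is the inversion the check reports.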

1.81

07 Oct 21:31

CPPCHECK:

  • New warning: Check if condition after an early return is overlapping and therefore always false.
  • Improved knowledge about C/C++ standard, windows, posix, wxwidgets, gnu
  • Better handling of Visual Studio projects

GUI:

  • Compile: Qt5 is now needed to build the GUI
  • Compile: New qmake flag HAVE_QCHART
  • Project: You can now run cppcheck-addons
  • Project: We have integrated clang-tidy
  • Results view: Reload last results (if cppcheck build dir is used) when GUI is started
  • Results view: Tag the warnings with custom keywords (bug/todo/not important/etc..)
  • Results view: Shows when warning first appeared (since date)
  • Results view: Suppress warnings through right-click menu
  • Statistics: Added charts (shown if Qt charts module is enabled during build)