Cppcheck v2.12.1 released, a static analysis tool for C/C++ code
Cppcheck is a static analysis tool for C/C++ code. It provides a unique code analysis to detect bugs and focuses on detecting undefined behavior and dangerous coding constructs. The goal is to detect only real errors in the code (i.e. have very few false positives).
Unique code analysis that detects various kinds of bugs in your code.
Both command line interface and graphical user interface are available.
Cppcheck has a strong focus on detecting undefined behaviour.
- Dead pointers
- Division by zero
- Integer Overflows
- Invalid bit shift operands
- Invalid conversions
- Invalid usage of STL
- Memory management
- Null pointer dereferences
- Out of bounds checking
- Uninitialized variables
- Writing const data
The most common types of security vulnerabilities in 2017 (CVE count) was:
|Category||Amount||Detected by Cppcheck|
|Buffer Errors||2530||A few|
|Improper Access Control||1366||A few (unintended backdoors)|
|Information Leak||1426||A few (unintended backdoors)|
|Permissions, Privileges, and Access Control||1196||A few (unintended backdoors)|
CVEs that was found using Cppcheck:
- CVE-2017-1000249: file : stack-based buffer overflow
This was found by Thomas Jarosch using Cppcheck. The cause is a mistake in a condition.
- CVE-2013-6462: 23-year-old stack overflow in X.org that was found with Cppcheck.
This has been described in a few articles (link).
- CVE-2012-1147: readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.
- uselessOverride finds overriding functions that either duplicate code from or delegate back to the base class implementation
- knownPointerToBool finds pointer to bool conversions that are always true or false
- truncLongCastAssignment and truncLongCastReturn check additional types, including float/double/long double
- duplInheritedMember also reports duplicated member functions
- constParameter*/constVariable* checks find more instances of pointers/references that can be const, e.g. when calling library functions
- Show in statistics which checkers have been activated in latest analysis
- Make it more visible if there has been critical errors that caused checkers to be skipped
- Write how many checkers was activated after a run
- Added –checkers-report that can be used to generate a report in a file that shows what checkers was activated and disabled
- The qmake build system has been deprecated and will be removed in a future version.
- Command-line option ‘–template ‘ is deprecated and will be removed in 2.13 – please use ‘–template=’ instead.
- Command-line option ‘–template-location ‘ is deprecated and will be removed in 2.13 – please use ‘–template-location=’ instead.Other:
- “USE_QT6=On” will no longer fallback to Qt5 when Qt6 is not found.
- When the execution of an addon fails with an exitcode it will now result in an ‘internalError’ instead of being silently ignored.
- “Win32” configurations have been removed from the bundled Visual Studio solution and projects. You might still be able to build 32-bit binaries using CMake but that is untested and unmaintained.