210 likes | 718 Views
Cppcheck. Ana- T eodora P etrea , Irina Grosu. Introduction Cppcheck. C/C++ First released on March 10 th 2009 by Daniel Marjamaki Works by dividing the code into tokens to which applies patterns Users can add more patterns by using a template
E N D
Cppcheck Ana-TeodoraPetrea, Irina Grosu
Introduction Cppcheck • C/C++ • First released on March 10th2009 by Daniel Marjamaki • Works by dividing the code into tokens to which applies patterns • Users can add more patterns by using a template • Used for projects like: Linux Kernel, VLC Player, Git, 7-zip • Has a console and a GUI version • Can be integrated as a plugin for Eclipse, gedit, Hudson
Cppcheck features • Out of bounds checking • Check the code for each class • Checking exception safety • Memory leaks checking • Warn if obsolete functions are used • Check for invalid usage of STL • Check for uninitialized variables and unused functions
1.Buffer overflow – error and corrected versions void BufferOverflow1() { charbuf[8]; strcpy(buf, "Buffer Overflow"); } void BufferOverflow1Correct() { charbuf[8]; char *str = "Buffer Overflow"; if(strlen(str) < sizeof(buf)) { strcpy(buf, str); } }
2.Memory leak – error and corrected versions void MemoryLeak1(unsignedintn) { int *a = newint[5]; a[0] = 4; if(a[0] != n){ return; //Cppcheck result: Memory leak, memory allocated for a is not deleted} delete []a; } void MemoryLeak1Correct(unsignedintn) { int *a = newint[5]; a[0] = 4; if(a[0] != n) { delete []a; return; } delete []a; }
3.Dangling pointer – error and corrected versions void DanglingPointer1() { int *x = newint[5]; //… delete []x; int y = x[2]; //Cppcheck result: references x after deallocation } void DanglingPointer1Correct() { int *x = newint[5]; //… delete []x; x = NULL; if(x != NULL) { int y = x[2]; } }
4.Missmatching allocation/deallocation – error and corrected versions void MismatchingAllocationDeallocation1() { int *a = newint[5]; delete a; // Cppcheck result: delete a - mismatching allocation and dealocation } void MismatchingAllocationDeallocation1Correct() { int *a = newint[5]; delete []a; a = NULL; }
5.Uninitialized variable – error and corrected versions void UninitiliazedVariable1() { int a[5], x; cout << a[x]; // Cppcheck result: Variable 'x' is not assigned a value. } void UninitiliazedVariable1Correct() { int a[5]; int x = 3; //... if(x < sizeof(a)) { cout << a[x]; } }
6. Deallocation of auto variable – not identified by Cppcheck void DeallocationAutoValue1() { int a[5]; //... delete []a; // Cppcheckresult:Thedeallocation of an auto-variable results in // undefined behaviour }
Other C/C++ Analysis Tools with other functionality than Cppcheck • PC-lint • Detection of type mismatches and suspicious casts • MISRA C/C++ rule validation • Analysis of thread behavior • Vera++ • Write your own rules in more detail that with Cppcheck • Rough C and C++ Code Counter • C++ and Java • Generates reports on metrics of the code • HTML pages output for easy navigation • CppNcss • Provides various metrics • Aimed at evaluating maintainability