2019-06-02 11:28:50 +02:00
---
title: Cppcheck manual
2020-06-14 07:16:14 +02:00
subtitle: Version 2.1.99
2019-06-02 11:28:50 +02:00
author: Cppcheck team
lang: en
documentclass: report
---
2019-03-02 10:08:09 +01:00
2019-06-02 11:28:50 +02:00
# Introduction
2019-03-02 10:08:09 +01:00
2020-04-20 10:40:39 +02:00
Cppcheck is an analysis tool for C/C++ code. It provides unique code analysis to detect bugs and focuses on detecting undefined behaviour and dangerous coding constructs. The goal is to detect only real errors in the code (i.e. have very few false positives). Cppcheck is designed to be able to analyze your C/C++ code even if it has non-standard syntax (common in embedded projects).
2019-03-02 10:08:09 +01:00
Supported code and platforms:
2019-04-03 20:05:04 +02:00
- You can check non-standard code that contains various compiler extensions, inline assembly code, etc.
- Cppcheck should be compilable by any C++ compiler that handles the latest C++ standard.
- Cppcheck should work on any platform that has sufficient CPU and memory.
2019-03-02 10:08:09 +01:00
Please understand that there are limits of Cppcheck. Cppcheck is rarely wrong about reported errors. But there are
many bugs that it doesn't detect.
You will find more bugs in your software by testing your software carefully, than by using Cppcheck. You will find
more bugs in your software by instrumenting your software, than by using Cppcheck. But Cppcheck can still detect some
2019-03-02 14:33:14 +01:00
of the bugs that you miss when testing and instrumenting your software.
2019-06-02 11:28:50 +02:00
# Getting started
2019-03-02 14:33:14 +01:00
2019-06-02 11:28:50 +02:00
## GUI
2019-03-02 14:33:14 +01:00
It is not required but creating a new project file is a good first step. There are a few options you can tweak to get
good results.
2019-03-03 17:31:02 +01:00
In the project settings dialog, the first option you see is "Import project". It is recommended that you use this
feature if you can. Cppcheck can import:
2019-04-03 20:05:04 +02:00
- Visual studio solution / project
- Compile database (can be generated from cmake/qbs/etc build files)
- Borland C++ Builder 6
2019-03-02 14:33:14 +01:00
When you have filled out the project settings and click on OK; the Cppcheck analysis will start.
2019-06-02 11:28:50 +02:00
## Command line
2019-03-02 14:33:14 +01:00
2019-06-02 11:28:50 +02:00
### First test
2019-03-02 14:33:14 +01:00
2019-03-04 20:33:13 +01:00
Here is a simple code
2019-03-02 14:33:14 +01:00
2019-03-04 20:33:13 +01:00
int main()
{
char a[10];
a[10] = 0;
return 0;
}
If you save that into file1.c and execute:
cppcheck file1.c
The output from cppcheck will then be:
Checking file1.c...
[file1.c:4]: (error) Array 'a[10]' index 10 out of bounds
2019-06-02 11:28:50 +02:00
### Checking all files in a folder
2019-03-04 20:33:13 +01:00
Normally a program has many source files. And you want to check them all. Cppcheck can check all source files in a directory:
cppcheck path
If "path" is a folder then cppcheck will recursively check all source files in this folder.
Checking path/file1.cpp...
1/2 files checked 50% done
Checking path/file2.cpp...
2/2 files checked 100% done
2019-06-02 11:28:50 +02:00
### Check files manually or use project file
2019-03-04 20:33:13 +01:00
With Cppcheck you can check files manually, by specifying files/paths to check and settings. Or you can use a project file (cmake/visual studio/etc).
2019-03-04 20:44:57 +01:00
We don't know which approach (project file or manual configuration) will give you the best results. It is recommended that you try both. It is possible that you will get different results so that to find most bugs you need to use both approaches.
2019-03-04 20:33:13 +01:00
Later chapters will describe this in more detail.
2020-01-10 08:57:37 +01:00
### Check files matching a given file filter
With `--file-filter=<str>` you can set a file filter and only those files matching the filter will be checked.
For example: if you want to check only those files and folders starting from a subfolder src/ that start with "test" you have to type:
cppcheck src/ --file-filter=src/test*
Cppcheck first collects all files in src/ and will apply the filter after that. So the filter must start with the given start folder.
2019-06-02 11:28:50 +02:00
### Excluding a file or folder from checking
2019-03-04 20:33:13 +01:00
To exclude a file or folder, there are two options. The first option is to only provide the paths and files you want to check.
cppcheck src/a src/b
All files under src/a and src/b are then checked.
The second option is to use -i, with it you specify files/paths to ignore. With this command no files in src/c are checked:
cppcheck -isrc/c src
2019-12-14 13:04:21 +01:00
This option is only valid when supplying an input directory. To ignore multiple directories supply the -i multiple times. The following command ignores both the src/b and src/c directories.
2019-03-04 20:33:13 +01:00
cppcheck -isrc/b -isrc/c
2020-09-04 18:30:29 +02:00
### Clang parser (experimental)
2020-05-08 20:52:42 +02:00
2020-09-04 18:30:29 +02:00
By default Cppcheck uses an internal C/C++ parser. However there is an experimental option to use the Clang parser instead.
2020-05-08 20:52:42 +02:00
Install `clang` . Then use Cppcheck option `--clang` .
Technically, Cppcheck will execute `clang` with its `-ast-dump` option. The Clang output is then imported and converted into our normal Cppcheck format. And then normal Cppcheck analysis is performed on that.
2019-06-02 11:28:50 +02:00
## Severities
2019-03-04 20:33:13 +01:00
The possible severities for messages are:
2019-03-02 14:33:14 +01:00
2019-03-04 20:33:13 +01:00
**error**
2019-03-02 14:33:14 +01:00
2020-07-23 16:09:24 +02:00
when code is executed there is some bad behavior (undefined behavior, leak)
2019-03-04 20:33:13 +01:00
**warning**
2020-07-23 16:09:24 +02:00
when code is executed there might be undefined behavior
2019-03-04 20:33:13 +01:00
**style**
2020-07-23 16:09:24 +02:00
stylistic issues (unused functions, redundant code, constness, operator precedence, possible mistakes, and such)
2019-03-04 20:33:13 +01:00
**performance**
Suggestions for making the code faster. These suggestions are only based on common knowledge. It is not certain you'll get any measurable difference in speed by fixing these messages.
**portability**
2020-07-23 16:09:24 +02:00
portability warnings. Implementation defined behavior. 64-bit portability. Some undefined behavior that probably works "as you want". etc.
2019-03-04 20:33:13 +01:00
**information**
2020-07-23 16:09:24 +02:00
Configuration problems. If you get such output then your code is ok but your cppcheck configuration could be improved.
2019-03-04 20:33:13 +01:00
2020-06-24 20:47:12 +02:00
## Possible speedup analysis of template code
Cppcheck instantiates the templates in your code.
If your templates are recursive this can lead to slow analysis that uses a lot
of memory. Cppcheck will write information messages when there are potential
2020-06-26 12:39:55 +02:00
problems.
2020-06-24 20:47:12 +02:00
Example code:
template < int i >
void a()
{
a< i + 1 > ();
}
void foo()
{
a< 0 > ();
}
2020-06-26 12:39:55 +02:00
Cppcheck output:
2020-06-26 12:59:40 +02:00
test.cpp:4:5: information: TemplateSimplifier: max template recursion (100) reached for template 'a< 101 > '. You might want to limit Cppcheck recursion. [templateRecursion]
2020-06-26 12:39:55 +02:00
a< i + 1 > ();
^
2020-06-26 12:59:40 +02:00
As you can see Cppcheck has instantiated `a<i+1>` until `a<101>` was reached
and then it bails out.
2020-06-27 10:34:02 +02:00
To limit template recursion you can;
2020-07-15 21:49:25 +02:00
- add template specialisation
- configure cppcheck (in the GUI project file dialog)
2020-06-27 10:34:02 +02:00
Example code with template specialisation:
2020-06-24 20:47:12 +02:00
2020-06-26 12:39:55 +02:00
template < int i >
void a()
{
a< i + 1 > ();
}
void foo()
{
a< 0 > ();
}
#ifdef __cppcheck__
2020-06-24 20:47:12 +02:00
template< > void a< 3 > () {}
2020-06-26 12:39:55 +02:00
#endif
You can pass `-D__cppcheck__` when checking this code.
2020-06-24 20:47:12 +02:00
2019-06-02 11:28:50 +02:00
# Importing project
2019-03-03 17:31:02 +01:00
You can import some project files and build configurations into Cppcheck.
2019-06-02 11:28:50 +02:00
## Cppcheck GUI project
2019-03-03 17:31:02 +01:00
You can import and use Cppcheck GUI project files in the command line tool:
cppcheck --project=foobar.cppcheck
2019-06-16 12:37:18 +02:00
The Cppcheck GUI has a few options that are not available in the command line directly. To use these options you can import a GUI project file. We want to keep the command line tool usage simple and limit the options by intention.
2019-12-14 13:04:21 +01:00
To ignore certain folders in the project you can use `-i` . This will skip analysis of source files in the `foo` folder.
cppcheck --project=foobar.cppcheck -ifoo
2019-06-02 11:28:50 +02:00
## CMake
2019-03-03 17:31:02 +01:00
Generate a compile database:
cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=ON .
The file `compile_commands.json` is created in the current folder. Now run Cppcheck like this:
cppcheck --project=compile_commands.json
2019-12-14 13:04:21 +01:00
To ignore certain folders you can use `-i` . This will skip analysis of source files in the `foo` folder.
cppcheck --project=compile_commands.json -ifoo
2019-06-02 11:28:50 +02:00
## Visual Studio
2019-03-03 17:31:02 +01:00
You can run Cppcheck on individual project files (\*.vcxproj) or on a whole solution (\*.sln)
Running Cppcheck on an entire Visual Studio solution:
cppcheck --project=foobar.sln
Running Cppcheck on a Visual Studio project:
cppcheck --project=foobar.vcxproj
2020-04-19 18:19:28 +02:00
Both options will analyze all available configurations in the project(s).
Limiting on a single configuration:
cppcheck --project=foobar.sln "--project-configuration=Release|Win32"
2019-06-16 12:37:18 +02:00
In the `Cppcheck GUI` you have the choice to only analyze a single debug configuration. If you want to use this choice on the command line then create a `Cppcheck GUI` project with this activated and then import the GUI project file on the command line.
2019-12-14 13:04:21 +01:00
To ignore certain folders in the project you can use `-i` . This will skip analysis of source files in the `foo` folder.
cppcheck --project=foobar.vcxproj -ifoo
2019-06-02 11:28:50 +02:00
## C++ Builder 6
2019-03-03 17:31:02 +01:00
Running Cppcheck on a C++ Builder 6 project:
cppcheck --project=foobar.bpr
2019-12-14 13:04:21 +01:00
To ignore certain folders in the project you can use `-i` . This will skip analysis of source files in the `foo` folder.
cppcheck --project=foobar.bpr -ifoo
2019-06-02 11:28:50 +02:00
## Other
2019-03-03 17:31:02 +01:00
If you can generate a compile database then it's possible to import that in Cppcheck.
In Linux you can use for instance the `bear` (build ear) utility to generate a compile database from arbitrary build tools:
bear make
2019-06-02 11:28:50 +02:00
# Preprocessor Settings
2019-03-03 17:31:02 +01:00
If you use `--project` then Cppcheck will use the preprocessor settings from the imported project. Otherwise you'll probably want to configure the include paths, defines, etc.
2020-06-14 17:40:34 +02:00
## Defined and not defined
2019-03-03 17:31:02 +01:00
Here is a file that has 2 preprocessor configurations (with A defined and without A defined):
#ifdef A
x = y;
#else
x = z;
#endif
2019-04-03 20:05:04 +02:00
By default Cppcheck will check all preprocessor configurations (except those that have #error in them). So the above code will by default be analyzed both with `A` defined and without `A` defined.
2019-03-03 17:31:02 +01:00
2020-06-14 17:40:34 +02:00
You can use `-D` and/or `-U` to change this. When you use `-D` , cppcheck will by default only check the given configuration and nothing else. This is how compilers work. But you can use `--force` or `--max-configs` to override the number of configurations.
2019-03-03 17:31:02 +01:00
Check all configurations:
cppcheck file.c
Only check the configuration A:
cppcheck -DA file.c
Check all configurations when macro A is defined
cppcheck -DA --force file.c
Another useful flag might be `-U` . It tells Cppcheck that a macro is not defined. Example usage:
cppcheck -UX file.c
2019-06-02 11:28:50 +02:00
## Include paths
2019-03-03 17:31:02 +01:00
To add an include path, use `-I` , followed by the path.
Cppcheck's preprocessor basically handles includes like any other preprocessor. However, while other preprocessors stop working when they encounter a missing header, cppcheck will just print an information message and continues parsing the code.
The purpose of this behaviour is that cppcheck is meant to work without necessarily seeing the entire code. Actually, it is recommended to not give all include paths. While it is useful for cppcheck to see the declaration of a class when checking the implementation of its members, passing standard library headers is highly discouraged because it will result in worse results and longer checking time. For such cases, .cfg files (see below) are the better way to provide information about the implementation of functions and types to cppcheck.
2020-06-14 17:40:34 +02:00
# Platform
You should use a platform configuration that match your target.
By default Cppcheck uses native platform configuration that works well if your code is compiled and executed locally.
Cppcheck has builtin configurations for Unix and Windows targets. You can easily use these with the `--platform` command line flag.
You can also create your own custom platform configuration in a XML file. Here is an example:
<?xml version="1"?>
< platform >
< char_bit > 8< / char_bit >
< default-sign > signed< / default-sign >
< sizeof >
< short > 2< / short >
< int > 4< / int >
< long > 4< / long >
< long-long > 8< / long-long >
< float > 4< / float >
< double > 8< / double >
< long-double > 12< / long-double >
< pointer > 4< / pointer >
< size_t > 4< / size_t >
< wchar_t > 2< / wchar_t >
< / sizeof >
< / platform >
# C/C++ Standard
2020-06-22 20:10:03 +02:00
Use `--std` on the command line to specify a C/C++ standard.
2020-06-14 17:40:34 +02:00
Cppcheck assumes that the code is compatible with the latest C/C++ standard but you can override this.
The available options are:
2020-07-15 21:49:25 +02:00
- c89: C code is C89 compatible
- c99: C code is C99 compatible
- c11: C code is C11 compatible (default)
- c++03: C++ code is C++03 compatible
- c++11: C++ code is C++11 compatible
- c++14: C++ code is C++14 compatible
- c++17: C++ code is C++17 compatible
- c++20: C++ code is C++20 compatible (default)
2020-06-14 17:40:34 +02:00
2019-06-02 11:28:50 +02:00
# Suppressions
2019-03-03 17:31:02 +01:00
If you want to filter out certain errors you can suppress these.
2019-04-03 20:05:04 +02:00
Please note that if you see a false positive then we (the Cppcheck team) want that you report it so we can fix it.
2019-03-03 17:31:02 +01:00
2019-06-02 11:28:50 +02:00
## Plain text suppressions
2019-03-03 17:31:02 +01:00
You can suppress certain types of errors. The format for such a suppression is one of:
[error id]:[filename]:[line]
[error id]:[filename2]
[error id]
The `error id` is the id that you want to suppress. The easiest way to get it is to use the --template=gcc command line flag. The id is shown in brackets.
2019-11-17 17:18:31 +01:00
The filename may include the wildcard characters \* or ?, which match any sequence of characters or any single character respectively. It is recommended that you use "/" as path separator on all operating systems. The filename must match the filename in the reported warning exactly. For instance, if the warning contains a relative path then the suppression must match that relative path.
2019-03-03 17:31:02 +01:00
2019-06-02 11:28:50 +02:00
## Command line suppression
2019-03-03 17:31:02 +01:00
The `--suppress=` command line option is used to specify suppressions on the command line. Example:
cppcheck --suppress=memleak:src/file1.cpp src/
2019-06-02 11:28:50 +02:00
## Suppressions in a file
2019-03-03 17:31:02 +01:00
You can create a suppressions file. Example:
// suppress memleak and exceptNew errors in the file src/file1.cpp
memleak:src/file1.cpp
exceptNew:src/file1.cpp
2019-04-03 20:05:04 +02:00
2020-08-20 21:49:07 +02:00
uninitvar // suppress all uninitvar errors in all files
2019-03-03 17:31:02 +01:00
Note that you may add empty lines and comments in the suppressions file.
2020-08-20 21:49:07 +02:00
Comments must start with `#` or `//` and be at the start of the line, or after the suppression line.
2019-03-03 17:31:02 +01:00
You can use the suppressions file like this:
cppcheck --suppressions-list=suppressions.txt src/
2019-06-02 11:28:50 +02:00
## XML suppressions
2019-03-03 17:31:02 +01:00
You can specify suppressions in a XML file. Example file:
<?xml version="1.0"?>
< suppressions >
< suppress >
< id > uninitvar< / id >
< fileName > src/file1.c< / fileName >
< lineNumber > 10< / lineNumber >
< symbolName > var< / symbolName >
< / suppress >
< / suppressions >
2019-04-08 16:03:43 +02:00
The XML format is extensible and may be extended with further attributes in the future.
2019-03-03 17:31:02 +01:00
You can use the suppressions file like this:
cppcheck --suppress-xml=suppressions.xml src/
2019-06-02 11:28:50 +02:00
## Inline suppressions
2019-03-03 17:31:02 +01:00
Suppressions can also be added directly in the code by adding comments that contain special keywords. Before adding such comments, consider that the code readability is sacrificed a little.
This code will normally generate an error message:
void f() {
char arr[5];
arr[10] = 0;
}
The output is:
cppcheck test.c
[test.c:3]: (error) Array 'arr[5]' index 10 out of bounds
2020-02-25 19:59:21 +01:00
To activate inline suppressions:
cppcheck --inline-suppr test.c
### Format
You can suppress a warning `aaaa` with:
// cppcheck-suppress aaaa
Suppressing multiple ids in one comment by using []:
// cppcheck-suppress [aaaa, bbbb]
### Comment before code or on same line
The comment can be put before the code or at the same line as the code;
Before the code:
2019-03-03 17:31:02 +01:00
void f() {
char arr[5];
2019-04-03 20:05:04 +02:00
2019-03-03 17:31:02 +01:00
// cppcheck-suppress arrayIndexOutOfBounds
arr[10] = 0;
}
2020-02-25 19:59:21 +01:00
Or at the same line as the code:
2019-03-03 17:31:02 +01:00
2020-02-25 19:59:21 +01:00
void f() {
char arr[5];
arr[10] = 0; // cppcheck-suppress arrayIndexOutOfBounds
}
### Multiple suppressions
For a line of code there might be several warnings you want to suppress.
There are several options;
Using 2 suppression comments before code:
void f() {
char arr[5];
// cppcheck-suppress arrayIndexOutOfBounds
// cppcheck-suppress zerodiv
arr[10] = arr[10] / 0;
}
Using 1 suppression comment before the code:
void f() {
char arr[5];
// cppcheck-suppress[arrayIndexOutOfBounds,zerodiv]
arr[10] = arr[10] / 0;
}
Suppression comment on the same line as the code:
void f() {
char arr[5];
arr[10] = arr[10] / 0; // cppcheck-suppress[arrayIndexOutOfBounds,zerodiv]
}
### Symbol name
2019-03-03 17:31:02 +01:00
You can specify that the inline suppression only applies to a specific symbol:
2020-02-25 19:59:21 +01:00
// cppcheck-suppress aaaa symbolName=arr
Or
// cppcheck-suppress[aaaa symbolName=arr, bbbb]
### Comment about suppression
2019-03-03 17:31:02 +01:00
2020-02-25 19:59:21 +01:00
You can write comments about a suppression like so:
2019-03-03 17:31:02 +01:00
2020-02-25 19:59:21 +01:00
// cppcheck-suppress[warningid] some comment
// cppcheck-suppress warningid ; some comment
// cppcheck-suppress warningid // some comment
2019-03-03 17:31:02 +01:00
2019-06-02 11:28:50 +02:00
# XML output
2019-03-03 17:31:02 +01:00
Cppcheck can generate output in XML format. Use `--xml` to enable this format.
A sample command to check a file and output errors in the XML format:
cppcheck --xml file1.cpp
Here is a sample report:
<?xml version="1.0" encoding="UTF-8"?>
< results version = "2" >
2019-09-20 16:46:57 +02:00
< cppcheck version = "1.66" / >
2019-03-03 17:31:02 +01:00
< errors >
< error id = "someError" severity = "error" msg = "short error text"
verbose="long error text" inconclusive="true" cwe="312">
< location file0 = "file.c" file = "file.h" line = "1" / >
< / error >
< / errors >
< / results >
2019-06-02 11:28:50 +02:00
## The `<error>` element
2019-03-03 17:31:02 +01:00
Each error is reported in a `<error>` element. Attributes:
**id**
id of error. These are always valid symbolnames.
**severity**
error/warning/style/performance/portability/information
**msg**
the error message in short format
**verbose**
the error message in long format
**inconclusive**
this attribute is only used when the error message is inconclusive
**cwe**
CWE ID for the problem. This attribute is only used when the CWE ID for the message is known.
2019-06-02 11:28:50 +02:00
## The `<location>` element
2019-03-03 17:31:02 +01:00
All locations related to an error are listed with `<location>` elements. The primary location is listed first.
Attributes:
**file**
filename. both relative and absolute paths are possible.
**file0**
name of the source file (optional)
**line**
line number
**info**
short information for each location (optional)
2019-06-02 11:28:50 +02:00
# Reformatting the text output
2019-03-03 17:31:02 +01:00
If you want to reformat the output so it looks different you can use templates.
2019-06-02 11:28:50 +02:00
## Predefined output formats
2019-03-03 17:31:02 +01:00
To get Visual Studio compatible output you can use --template=vs:
cppcheck --template=vs samples/arrayIndexOutOfBounds/bad.c
This output will look like this:
Checking samples/arrayIndexOutOfBounds/bad.c ...
samples/arrayIndexOutOfBounds/bad.c(6): error: Array 'a[2]' accessed at index 2, which is out of bounds.
To get gcc compatible output you can use --template=gcc:
cppcheck --template=gcc samples/arrayIndexOutOfBounds/bad.c
The output will look like this:
Checking samples/arrayIndexOutOfBounds/bad.c ...
samples/arrayIndexOutOfBounds/bad.c:6:6: warning: Array 'a[2]' accessed at index 2, which is out of bounds. [arrayIndexOutOfBounds]
a[2] = 0;
^
2019-06-02 11:28:50 +02:00
## User defined output format (single line)
2019-03-03 17:31:02 +01:00
You can write your own pattern. For instance, to get warning messages that are formatted like old gcc such format can be used:
cppcheck --template="{file}:{line}: {severity}: {message}" samples/arrayIndexOutOfBounds/bad.c
The output will look like this:
Checking samples/arrayIndexOutOfBounds/bad.c ...
samples/arrayIndexOutOfBounds/bad.c:6: error: Array 'a[2]' accessed at index 2, which is out of bounds.
A comma separated format:
cppcheck --template="{file},{line},{severity},{id},{message}" samples/arrayIndexOutOfBounds/bad.c
The output will look like this:
Checking samples/arrayIndexOutOfBounds/bad.c ...
samples/arrayIndexOutOfBounds/bad.c,6,error,arrayIndexOutOfBounds,Array 'a[2]' accessed at index 2, which is out of bounds.
2019-06-02 11:28:50 +02:00
## User defined output format (multi line)
2019-03-03 17:31:02 +01:00
Many warnings have multiple locations. Example code:
void f(int *p)
{
*p = 3; // line 3
}
2019-04-03 20:05:04 +02:00
2019-03-03 17:31:02 +01:00
int main()
{
int *p = 0; // line 8
f(p); // line 9
return 0;
2019-04-01 13:30:24 +02:00
}
2019-03-03 17:31:02 +01:00
There is a possible null pointer dereference at line 3. Cppcheck can show how it came to that conclusion by showing extra location information. You need to use both --template and --template-location at the command line.
Example command:
cppcheck --template="{file}:{line}: {severity}: {message}\n{code}" --template-location="{file}:{line}: note: {info}\n{code}" multiline.c
The output from Cppcheck is:
Checking multiline.c ...
multiline.c:3: warning: Possible null pointer dereference: p
*p = 3;
^
multiline.c:8: note: Assignment 'p=0', assigned value is 0
int *p = 0;
^
multiline.c:9: note: Calling function 'f', 1st argument 'p' value is 0
f(p);
^
multiline.c:3: note: Null pointer dereference
*p = 3;
^
The first line in the warning is formatted by the --template format.
The other lines in the warning are formatted by the --template-location format.
2019-06-02 11:28:50 +02:00
### Format specifiers for --template
2019-03-03 17:31:02 +01:00
The available specifiers for --template are:
**{file}**
File name
**{line}**
Line number
**{column}**
Column number
**{callstack}**
Write all locations. Each location is written in [{file}:{line}] format and the locations are separated by ->. For instance it might look like: [multiline.c:8] -> [multiline.c:9] -> [multiline.c:3]
**{inconclusive:text}**
If warning is inconclusive then the given text is written. The given text can be any arbitrary text that does not contain }. Example: {inconclusive:inconclusive,}
**{severity}**
error/warning/style/performance/portability/information
**{message}**
The warning message
**{id}**
Warning id
**{code}**
The real code.
2019-06-02 11:28:50 +02:00
**\\t**
2019-03-03 17:31:02 +01:00
Tab
2019-06-02 11:28:50 +02:00
**\\n**
2019-03-03 17:31:02 +01:00
Newline
2019-06-02 11:28:50 +02:00
**\\r**
2019-03-03 17:31:02 +01:00
Carriage return
2019-06-02 11:28:50 +02:00
### Format specifiers for --template-location
2019-03-03 17:31:02 +01:00
The available specifiers for `--template-location` are:
**{file}**
File name
**{line}**
Line number
**{column}**
Column number
**{info}**
Information message about current location
**{code}**
The real code.
2019-06-02 11:28:50 +02:00
**\\t**
2019-03-03 17:31:02 +01:00
Tab
2019-06-02 11:28:50 +02:00
**\\n**
2019-03-03 17:31:02 +01:00
Newline
2019-06-02 11:28:50 +02:00
**\\r**
2019-03-03 17:31:02 +01:00
Carriage return
2019-06-02 11:28:50 +02:00
# Addons
2019-03-03 17:31:02 +01:00
2019-11-15 20:14:30 +01:00
Addons are scripts that analyses Cppcheck dump files to check compatibility with secure coding standards and to locate various issues.
2019-03-03 17:31:02 +01:00
2019-11-15 20:14:30 +01:00
Cppcheck is distributed with a few addons which are listed below.
## Supported addons
### cert.py
2019-03-03 17:31:02 +01:00
2020-06-15 20:04:43 +02:00
[cert.py ](https://github.com/danmar/cppcheck/blob/main/addons/cert.py ) checks for compliance with the safe programming standard [SEI CERT ](http://www.cert.org/secure-coding/ ).
2019-03-03 17:31:02 +01:00
2019-11-15 20:14:30 +01:00
### misra.py
2019-03-03 17:31:02 +01:00
2020-06-15 20:04:43 +02:00
[misra.py ](https://github.com/danmar/cppcheck/blob/main/addons/misra.py ) is used to verify compliance with MISRA C 2012 - a proprietary set of guidelines to avoid such questionable code, developed for embedded systems.
2019-04-08 21:31:38 +02:00
2020-06-15 20:04:43 +02:00
Since this standard is proprietary, cppcheck does not display error text by specifying only the number of violated rules (for example, [c2012-21.3]). If you want to display full texts for violated rules, you will need to create a text file containing MISRA rules, which you will have to pass when calling the script with `--rule-texts` key. Some examples of rule texts files available in [tests directory ](https://github.com/danmar/cppcheck/blob/main/addons/test/misra/ ).
2019-04-08 21:31:38 +02:00
2019-11-15 20:14:30 +01:00
You can also suppress some unwanted rules using `--suppress-rules` option. Suppressed rules should be set as comma-separated listed, for example: `--suppress-rules 21.1,18.7` . The full list of supported rules is available on [Cppcheck ](http://cppcheck.sourceforge.net/misra.php ) home page.
2019-04-08 21:31:38 +02:00
2019-11-15 20:14:30 +01:00
### y2038.py
2019-04-08 21:31:38 +02:00
2020-06-15 20:04:43 +02:00
[y2038.py ](https://github.com/danmar/cppcheck/blob/main/addons/y2038.py ) checks Linux system for [year 2038 problem ](https://en.wikipedia.org/wiki/Year_2038_problem ) safety. This required [modified environment ](https://github.com/3adev/y2038 ). See complete description [here ](https://github.com/danmar/cppcheck/blob/main/addons/doc/y2038.txt ).
2019-04-08 21:31:38 +02:00
2019-11-15 20:14:30 +01:00
### threadsafety.py
2020-06-15 20:04:43 +02:00
[threadsafety.py ](https://github.com/danmar/cppcheck/blob/main/addons/threadsafety.py ) analyse Cppcheck dump files to locate thread safety issues like static local objects used by multiple threads.
2019-11-15 20:14:30 +01:00
## Running Addons
Addons could be run through Cppcheck command line utility as follows:
cppcheck --addon=misra.py somefile.c
2019-11-19 20:02:24 +01:00
This will launch all Cppcheck checks and additionally calls specific checks provided by selected addon.
2019-11-15 20:14:30 +01:00
Some addons need extra arguments. You can configure how you want to execute an addon in a json file. For example put this in misra.json:
2019-04-08 21:31:38 +02:00
{
2019-06-15 16:40:01 +02:00
"script": "misra.py",
2019-11-15 20:14:30 +01:00
"args": [
"--rule-texts=misra.txt",
"--suppress-rules 17.3,21.12"
]
2019-04-08 21:31:38 +02:00
}
2019-06-15 16:40:01 +02:00
And then the configuration can be executed on the cppcheck command line:
2019-04-08 21:31:38 +02:00
2019-06-15 16:40:01 +02:00
cppcheck --addon=misra.json somefile.c
2019-04-08 21:31:38 +02:00
2019-11-15 20:14:30 +01:00
By default Cppcheck would search addon at standard path which was specified in installation process. You also can set this path directly, for example:
cppcheck --addon=/opt/cppcheck/configurations/my_misra.json somefile.c
2019-04-08 21:31:38 +02:00
2019-11-15 20:14:30 +01:00
This allows you create and manage multiple configuration files for different projects.
2019-03-03 17:31:02 +01:00
2019-06-02 11:28:50 +02:00
# Library configuration
2019-03-03 17:31:02 +01:00
When external libraries are used, such as WinAPI, POSIX, gtk, Qt, etc, Cppcheck doesn't know how the external functions behave. Cppcheck then fails to detect various problems such as leaks, buffer overflows, possible null pointer dereferences, etc. But this can be fixed with configuration files.
Cppcheck already contains configurations for several libraries. They can be loaded as described below. Note that the configuration for the standard libraries of C and C++, std.cfg, is always loaded by cppcheck. If you create or update a configuration file for a popular library, we would appreciate if you upload it to us.
2019-06-02 11:28:50 +02:00
## Using your own custom .cfg file
2019-03-03 17:31:02 +01:00
2019-03-04 16:11:42 +01:00
You can create and use your own .cfg files for your projects. Use `--check-library` and `--enable=information` to get hints about what you should configure.
2019-06-16 10:08:37 +02:00
You can use the `Library Editor` in the `Cppcheck GUI` to edit configuration files. It is available in the `View` menu.
2019-03-04 16:11:42 +01:00
2019-06-16 10:08:37 +02:00
The .cfg file format is documented in the `Reference: Cppcheck .cfg format` (http://cppcheck.sf.net/reference-cfg-format.pdf) document.
2019-05-02 11:04:23 +02:00
2019-06-02 11:28:50 +02:00
# HTML Report
2019-03-04 20:33:13 +01:00
2019-04-03 20:05:04 +02:00
You can convert the XML output from cppcheck into a HTML report. You'll need Python and the pygments module (< http: / / pygments . org / ) > for this to work. In the Cppcheck source tree there is a folder htmlreport that contains a script that transforms a Cppcheck XML file into HTML output.
2019-03-04 20:33:13 +01:00
This command generates the help screen:
htmlreport/cppcheck-htmlreport -h
The output screen says:
Usage: cppcheck-htmlreport [options]
Options:
-h, --help show this help message and exit
--file=FILE The cppcheck xml output file to read defects from.
Default is reading from stdin.
--report-dir=REPORT_DIR
The directory where the html report content is written.
--source-dir=SOURCE_DIR
Base directory where source code files can be found.
An example usage:
./cppcheck gui/test.cpp --xml 2> err.xml
htmlreport/cppcheck-htmlreport --file=err.xml --report-dir=test1 --source-dir=.
2019-12-23 16:34:50 +01:00
2020-04-20 10:40:39 +02:00
# Bug hunting
2019-12-23 16:34:50 +01:00
2020-05-08 22:47:27 +02:00
If you want to detect most bugs and can accept false alarms then Cppcheck has analysis for that.
2019-12-31 14:03:12 +01:00
2020-05-08 22:47:27 +02:00
This analysis is "soundy"; it should diagnose most bugs reported in CVEs and from dynamic analysis.
You have to expect false alarms. However Cppcheck tries to limit false alarms. The purpose of the data flow analysis is to limit false alarms.
2020-05-03 17:42:43 +02:00
2020-04-29 22:27:34 +02:00
Some possible use cases;
2020-07-15 21:49:25 +02:00
- you are writing new code and want to ensure it is safe.
- you are reviewing code and want to get hints about possible UB.
- you need extra help troubleshooting a weird bug.
- you want to check if a release candidate is safe.
2019-12-23 16:34:50 +01:00
2020-04-29 22:27:34 +02:00
The intention is that this will be used primarily in the GUI.
2020-04-20 10:40:39 +02:00
2020-04-29 22:27:34 +02:00
## Activate this analysis
2020-04-20 10:40:39 +02:00
2020-08-25 18:10:03 +02:00
On the command line you can use `--bug-hunting` . In the GUI goto the project
dialog. In the `Analysis` tab there is a check box for `Bug hunting` .
2020-04-20 10:40:39 +02:00
2020-08-25 18:10:03 +02:00
## Contracts
2020-04-20 10:40:39 +02:00
2020-08-25 18:10:03 +02:00
To handle false alarms and improve the analysis you are encouraged to use
contracts.
2020-04-20 10:40:39 +02:00
2020-08-25 18:10:03 +02:00
To provide contracts, you can either annotate your code or configure the
contracts in the GUI.
2020-04-20 10:40:39 +02:00
2020-08-25 18:10:03 +02:00
There exists various annotations for C and C++ code. gcc has attributes, there
are SAL annotations, and then there are standard C++ annotations. It is our
goal to handle various types of annotations, if you can reuse those annotations
in Cppcheck analysis that will be an extra benefit.
### Function contracts
Here is an example code:
int foo(int x)
{
return 100 / x;
}
The bug hunting analysis will warn about a division by zero. Right now, it
can't be proven that x can't be 0 here. A function contract can be used to
tell Cppcheck what input "foo(x)" expects.
#### Annotation
You can use "C++ function contracts" syntax both in C and C++.
For C++ code you can write:
int foo(int x)
[[expects: x > 0]]
{
return 100 / x; // No division by zero
}
void bar()
{
foo(-10); // Warning: Contract is violated!
}
For C code you can write (works in C++ too):
#ifdef __cppcheck__
#define Expects(EXPR) [[expects: EXPR]]
#else
#define Expects(EXPR)
#endif
int foo(int x)
Expects(x > 0)
{
return 100 / x;
}
void bar()
{
foo(-10); // Warning: Contract is violated!
}
#### Configuration in gui
You can configure contracts in the GUI.
2020-04-20 10:40:39 +02:00
2020-04-29 22:27:34 +02:00
Example code:
2020-04-20 10:40:39 +02:00
2020-04-29 22:27:34 +02:00
int foo(int x)
2020-04-20 10:40:39 +02:00
{
return 100 / x;
}
2020-08-25 18:10:03 +02:00
If you run bug hunting analysis on this code then because Cppcheck can't prove
that x can't be 0 you will get a warning about division by zero.
Either:
2020-08-25 18:16:14 +02:00
2020-08-25 18:13:18 +02:00
- Right click on that warning and select "Edit contract..".
- Open the "Functions" tab at the bottom and lookup the "foo(x)" function. Then
2020-08-25 18:10:03 +02:00
double click on that.
A dialog box is shown where you can configure the contract for function "foo(x)".
A textbox allows you to edit the "Expects" expression.
Enter the expression "x > 0" in the dialog box and click OK.
Now if you run analysis the division by zero warning will be gone. As for
annotations, if the contract is violated somewhere then you will get a warning.
### Variable contracts
Here is an example code:
int x;
int foo()
{
return 100 / x;
}
The bug hunting analysis will warn about a division by zero. It can't be proven
that x can't be 0.
2020-08-28 19:42:52 +02:00
A variable contract specify the allowed values for a variable. Cppcheck use variable
contracts both when a variable is read and written:
- When a variable is read, Cppcheck will assume that the contract is met. This
means you can avoid false positives for impossible variable values.
- When a variable is written, Cppcheck will ensure that its contract is not
violated. If it can't be determined that the contract is met you will get a
warning.
2020-04-20 10:40:39 +02:00
2020-08-25 18:10:03 +02:00
#### Annotation
2020-04-20 10:40:39 +02:00
2020-08-25 18:10:03 +02:00
You can use Cppcheck attributes `__cppcheck_low__(value)` and
`__cppcheck_high__(value)` to configure min and max values for variables
and types.
2020-04-20 10:40:39 +02:00
2020-08-25 18:10:03 +02:00
Example code:
2020-04-29 22:27:34 +02:00
2020-08-25 18:10:03 +02:00
__cppcheck_low__ (1) int x;
2020-04-20 10:40:39 +02:00
2020-08-25 18:10:03 +02:00
int foo()
2020-04-20 10:40:39 +02:00
{
2020-08-25 18:10:03 +02:00
return 100 / x; // No division by zero
2020-04-20 10:40:39 +02:00
}
2020-08-25 18:10:03 +02:00
Tip: You can create an integer type with a limited value range. For instance
here is an unsigned integer type that can only have the values 0-100:
typedef __cppcheck_high__ (100) unsigned int percent_t;
percent_t x;
x = 110; // < - Cppcheck will warn about this assignment
2020-04-29 22:27:34 +02:00
2020-08-25 18:10:03 +02:00
#### GUI
2020-04-29 22:27:34 +02:00
2020-08-25 18:10:03 +02:00
To configure variable contracts in the GUI, open the "Variables" tab at the
bottom.
2020-04-29 22:27:34 +02:00
2020-08-25 18:10:03 +02:00
Lookup the variable you want to configure and double click on that.
2020-04-29 22:27:34 +02:00
2020-08-25 18:10:03 +02:00
A dialog box is shown for the variable, where you can configure the min and
max values.
2020-07-15 21:49:25 +02:00
2020-04-29 22:27:34 +02:00
## Incomplete analysis
2020-06-15 20:09:03 +02:00
The data flow analysis can analyze simple functions completely but complex functions are not analyzed completely (yet). The data flow analysis will be continuously improved in the future but it will never be perfect.
2020-04-29 22:27:34 +02:00
It is likely that you will get false alarms caused by incomplete data flow analysis. Unfortunately it is unlikely that such false alarms can be fixed by contracts.
2020-04-20 10:40:39 +02:00