add CERT STR05-C check (#1899)

* add CERT STR05-C check

* update check

addons/cert.py

@@ -234,6 +234,21 @@ def msc30(data):
         if simpleMatch(token, "rand ( )") and isStandardFunction(token):
             reportError(token, 'style', 'Do not use the rand() function for generating pseudorandom numbers', 'MSC30-c')
 
+
+# STR05-C
+# Use pointers to const when referring to string literals
+def str05(data):
+    for token in data.tokenlist:
+        if token.isString:
+            parent = token.astParent
+            if parent is None:
+                continue
+            parentOp1 = parent.astOperand1
+            if parent.isAssignmentOp and parentOp1.valueType:
+                if (parentOp1.valueType.type in ('char', 'wchar_t')) and parentOp1.valueType.pointer and not parentOp1.valueType.constness:
+                    reportError(parentOp1, 'style', 'Use pointers to const when referring to string literals', 'STR05-C')
+                
+
 for arg in sys.argv[1:]:
     if arg == '-verify':
         VERIFY = True
@@ -259,6 +274,7 @@ for arg in sys.argv[1:]:
         exp42(cfg)
         exp46(cfg)
         int31(cfg, data.platform)
+        str05(cfg)
         msc30(cfg)
 
     if VERIFY:

addons/test/cert-test.c

@@ -1,5 +1,7 @@
 // To test:
 // ~/cppcheck/cppcheck --dump cert-test.c && python ../cert.py -verify cert-test.c.dump
+#include <time.h>
+#include <stdlib.h>
 
 struct S {
     short a;
@@ -61,3 +63,10 @@ void msc30()
     int rand = 5;
     int a = rand;
 }
+
+void str05()
+{
+    char *str1 = "abc";         //cert-STR05-C
+    wchar_t *str2  = L"hello";  //cert-STR05-C
+}
+