2.6.3: set version

Example:
{
    "addons":["cert"]
}

With that cppcheck.cfg file cppcheck will always run the "cert" addon. Explicit options such as --addon=cert will not be needed.

.github/workflows/CI-windows.yml

@@ -34,6 +34,7 @@ jobs:
         uses: microsoft/setup-msbuild@v1.0.2
 
       - name: Install PCRE
+        if: false
         run: |
           call "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Auxiliary\Build\vcvarsall.bat" ${{ matrix.arch }} || exit /b !errorlevel!
           curl -fsSL https://ftp.pcre.org/pub/pcre/pcre-%PCRE_VERSION%.zip -o pcre-%PCRE_VERSION%.zip || exit /b !errorlevel!

.github/workflows/release-windows.yml

@@ -29,6 +29,7 @@ jobs:
         uses: microsoft/setup-msbuild@v1.0.2
 
       - name: Install PCRE
+        if: false
         run: |
           curl -fsSL https://ftp.pcre.org/pub/pcre/pcre-8.44.zip -o pcre-8.44.zip
           7z x pcre-8.44.zip
@@ -79,13 +80,29 @@ jobs:
           del Build\gui\cppcheck-gui.pdb
 
       - name: Build CLI x64 release configuration using MSBuild
-        run: msbuild -m cppcheck.sln /t:cli /p:Configuration=Release-PCRE /p:Platform=x64
+        run: msbuild -m cppcheck.sln /t:cli /p:Configuration=Release /p:Platform=x64
+
+      - name: Collect files
+        run: |
+          move Build\gui win_installer\files
+          mkdir win_installer\files\addons
+          copy addons\*.* win_installer\files\addons
+          mkdir win_installer\files\cfg
+          copy cfg\*.cfg win_installer\files\cfg
+          mkdir win_installer\files\platforms
+          copy platforms\*.xml win_installer\files\platforms
+          copy bin\cppcheck.exe win_installer\files
+          copy bin\cppcheck-core.dll win_installer\files
+          copy externals\z3\bin\libz3.dll win_installer\files
+          mkdir win_installer\files\help
+          xcopy /s gui\help win_installer\files\help
+          del win_installer\files\translations\*.qm
+          move gui\*.qm win_installer\files\translations
+
 
       - name: Build Installer
         run: |
           call "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Auxiliary\Build\vcvars64.bat"
-          mkdir bin
-          xcopy /S Build\gui bin
           cd win_installer
           REM Read ProductVersion
           for /f "tokens=4 delims= " %%a in ('find "ProductVersion" productInfo.wxi') do set PRODUCTVER=%%a
@@ -102,4 +119,4 @@ jobs:
       - uses: actions/upload-artifact@v2
         with:
           name: deploy
-          path: Build\gui
+          path: win_installer\files

Makefile

@@ -99,7 +99,7 @@ ifeq (clang++, $(findstring clang++,$(CXX)))
     CPPCHK_GLIBCXX_DEBUG=
 endif
 ifndef CXXFLAGS
-    CXXFLAGS=-pedantic -Wall -Wextra -Wcast-qual -Wno-deprecated-declarations -Wfloat-equal -Wmissing-declarations -Wmissing-format-attribute -Wno-long-long -Wpacked -Wredundant-decls -Wundef -Wno-shadow -Wno-missing-field-initializers -Wno-missing-braces -Wno-sign-compare -Wno-multichar $(CPPCHK_GLIBCXX_DEBUG) -g
+    CXXFLAGS=-std=c++0x -O2 -DNDEBUG -Wall -Wno-sign-compare
 endif
 
 # Increase stack size for Cygwin builds to avoid segmentation fault in limited recursive tests.
@@ -316,7 +316,7 @@ dmake:	tools/dmake.o cli/filelister.o $(libcppdir)/pathmatch.o $(libcppdir)/path
 	$(CXX) $(CXXFLAGS) -o $@ $^ $(LDFLAGS)
 
 run-dmake: dmake
-	./dmake
+	./dmake --release
 
 generate_cfg_tests: tools/generate_cfg_tests.o $(EXTOBJ)
 	g++ -isystem externals/tinyxml2 -o generate_cfg_tests tools/generate_cfg_tests.o $(EXTOBJ)

addons/cppcheckdata.py

@@ -608,13 +608,13 @@ class Variable:
         self.access = element.get('access')
         self.scopeId = element.get('scope')
         self.scope = None
-        self.isArgument = element.get('isArgument') == 'true'
+        self.isArgument = (self.access and self.access == 'Argument')
         self.isArray = element.get('isArray') == 'true'
         self.isClass = element.get('isClass') == 'true'
         self.isConst = element.get('isConst') == 'true'
-        self.isGlobal = element.get('access') == 'Global'
+        self.isGlobal = (self.access and self.access == 'Global')
         self.isExtern = element.get('isExtern') == 'true'
-        self.isLocal = element.get('isLocal') == 'true'
+        self.isLocal = (self.access and self.access == 'Local')
         self.isPointer = element.get('isPointer') == 'true'
         self.isReference = element.get('isReference') == 'true'
         self.isStatic = element.get('isStatic') == 'true'

cli/cmdlineparser.cpp

@@ -121,6 +121,8 @@ bool CmdLineParser::parseFromArgs(int argc, const char* const argv[])
 
     mSettings->exename = argv[0];
 
+    mSettings->loadCppcheckCfg(Path::getPathFromFilename(argv[0]) + "cppcheck.cfg");
+
     for (int i = 1; i < argc; i++) {
         if (argv[i][0] == '-') {
             // User define

cli/main.cpp

@@ -20,7 +20,7 @@
 /**
  *
  * @mainpage Cppcheck
- * @version 2.5
+ * @version 2.6
  *
  * @section overview_sec Overview
  * Cppcheck is a simple tool for static analysis of C/C++ code.

cmake/versions.cmake

@@ -1,5 +1,5 @@
 # Version for libraries CPP
-SET(VERSION "2.5.99")
+SET(VERSION "2.6.3")
 STRING(REGEX MATCHALL "[0-9]" VERSION_PARTS "${VERSION}")
 LIST(GET VERSION_PARTS 0 VERSION_MAJOR)
 LIST(GET VERSION_PARTS 1 VERSION_MINOR)

gui/mainwindow.cpp

@@ -508,6 +508,10 @@ void MainWindow::doAnalyzeFiles(const QStringList &files, const bool checkLibrar
     checkSettings.checkLibrary = checkLibrary;
     checkSettings.checkConfiguration = checkConfiguration;
 
+    const QString applicationFilePath = QCoreApplication::applicationFilePath();
+    const QString appPath = QFileInfo(applicationFilePath).canonicalPath();
+    checkSettings.loadCppcheckCfg(appPath.toStdString() + "/cppcheck.cfg");
+
     if (mProjectFile)
         qDebug() << "Checking project file" << mProjectFile->getFilename();
 
@@ -850,6 +854,9 @@ Settings MainWindow::getCppcheckSettings()
 
     Settings result;
 
+    const QString applicationFilePath = QCoreApplication::applicationFilePath();
+    result.exename = applicationFilePath.toStdString();
+
     const bool std = tryLoadLibrary(&result.library, "std.cfg");
     bool posix = true;
     if (result.posix())

gui/threadhandler.cpp

@@ -92,8 +92,15 @@ void ThreadHandler::check(const Settings &settings)
         mRunningThreadCount = mResults.getFileCount();
     }
 
+    QStringList addonsAndTools = mAddonsAndTools;
+    for (const std::string& addon: settings.addons) {
+        QString s = QString::fromStdString(addon);
+        if (!addonsAndTools.contains(s))
+            addonsAndTools << s;
+    }
+
     for (int i = 0; i < mRunningThreadCount; i++) {
-        mThreads[i]->setAddonsAndTools(mAddonsAndTools);
+        mThreads[i]->setAddonsAndTools(addonsAndTools);
         mThreads[i]->setSuppressions(mSuppressions);
         mThreads[i]->setClangIncludePaths(mClangIncludePaths);
         mThreads[i]->setDataDir(mDataDir);

lib/cppcheck.cpp

@@ -68,9 +68,10 @@ static const CWE CWE398(398U);  // Indicator of Poor Code Quality
 namespace {
     struct AddonInfo {
         std::string name;
-        std::string scriptFile;
-        std::string args;
-        std::string python;
+        std::string scriptFile; // addon script
+        std::string executable; // addon executable
+        std::string args;       // special extra arguments
+        std::string python;     // script interpreter
         bool ctu = false;
         std::string runScript{};
 
@@ -111,7 +112,7 @@ namespace {
             if (obj.count("ctu")) {
                 // ctu is specified in the config file
                 if (!obj["ctu"].is<bool>())
-                    return "Loading " + fileName + " failed. ctu must be array.";
+                    return "Loading " + fileName + " failed. ctu must be boolean.";
                 ctu = obj["ctu"].get<bool>();
             } else {
                 ctu = false;
@@ -127,6 +128,13 @@ namespace {
                 python = "";
             }
 
+            if (obj.count("executable")) {
+                if (!obj["executable"].is<std::string>())
+                    return "Loading " + fileName + " failed. executable must be a string.";
+                executable = getFullPath(obj["executable"].get<std::string>(), fileName);
+                return "";
+            }
+
             return getAddonInfo(obj["script"].get<std::string>(), exename);
         }
 
@@ -273,7 +281,9 @@ static std::string executeAddon(const AddonInfo &addonInfo,
 
     std::string pythonExe;
 
-    if (!addonInfo.python.empty())
+    if (!addonInfo.executable.empty())
+        pythonExe = addonInfo.executable;
+    else if (!addonInfo.python.empty())
         pythonExe = cmdFileName(addonInfo.python);
     else if (!defaultPythonExe.empty())
         pythonExe = cmdFileName(defaultPythonExe);
@@ -294,9 +304,13 @@ static std::string executeAddon(const AddonInfo &addonInfo,
             throw InternalError(nullptr, "Failed to auto detect python");
     }
 
+    std::string args;
+    if (addonInfo.executable.empty())
+        args = cmdFileName(addonInfo.runScript) + " " + cmdFileName(addonInfo.scriptFile);
+    args += std::string(args.empty() ? "" : " ") + "--cli" + addonInfo.args;
+
     const std::string fileArg = (endsWith(file, FILELIST, sizeof(FILELIST)-1) ? " --file-list " : " ") + cmdFileName(file);
-    const std::string args =
-        cmdFileName(addonInfo.runScript) + " " + cmdFileName(addonInfo.scriptFile) + " --cli" + addonInfo.args + fileArg;
+    args += fileArg;
 
     std::string result;
     if (!executeCommand(pythonExe, split(args), redirect, &result))
@@ -1347,13 +1361,23 @@ void CppCheck::executeAddons(const std::vector<std::string>& files)
 
             picojson::object obj = res.get<picojson::object>();
 
-            const std::string fileName = obj["file"].get<std::string>();
-            const int64_t lineNumber = obj["linenr"].get<int64_t>();
-            const int64_t column = obj["column"].get<int64_t>();
-
             ErrorMessage errmsg;
 
-            errmsg.callStack.emplace_back(ErrorMessage::FileLocation(fileName, lineNumber, column));
+            if (obj.count("file") > 0) {
+                const std::string fileName = obj["file"].get<std::string>();
+                const int64_t lineNumber = obj["linenr"].get<int64_t>();
+                const int64_t column = obj["column"].get<int64_t>();
+                errmsg.callStack.emplace_back(ErrorMessage::FileLocation(fileName, lineNumber, column));
+            } else if (obj.count("loc") > 0) {
+                for (const picojson::value &locvalue: obj["loc"].get<picojson::array>()) {
+                    picojson::object loc = locvalue.get<picojson::object>();
+                    const std::string fileName = loc["file"].get<std::string>();
+                    const int64_t lineNumber = loc["linenr"].get<int64_t>();
+                    const int64_t column = loc["column"].get<int64_t>();
+                    const std::string info = loc["info"].get<std::string>();
+                    errmsg.callStack.emplace_back(ErrorMessage::FileLocation(fileName, info, lineNumber, column));
+                }
+            }
 
             errmsg.id = obj["addon"].get<std::string>() + "-" + obj["errorId"].get<std::string>();
             const std::string text = obj["message"].get<std::string>();
@@ -1362,11 +1386,14 @@ void CppCheck::executeAddons(const std::vector<std::string>& files)
             errmsg.severity = Severity::fromString(severity);
             if (errmsg.severity == Severity::SeverityType::none)
                 continue;
-            errmsg.file0 = fileName;
+            errmsg.file0 = ((files.size() == 1) ? files[0] : "");
 
             reportErr(errmsg);
         }
     }
+
+    if (!fileList.empty())
+        std::remove(fileList.c_str());
 }
 
 void CppCheck::executeAddonsWholeProgram(const std::map<std::string, std::size_t> &files)
@@ -1381,6 +1408,10 @@ void CppCheck::executeAddonsWholeProgram(const std::map<std::string, std::size_t
     }
 
     executeAddons(ctuInfoFiles);
+
+    for (const std::string &f: ctuInfoFiles) {
+        std::remove(f.c_str());
+    }
 }
 
 Settings &CppCheck::settings()

lib/settings.cpp

@@ -17,9 +17,15 @@
  */
 
 #include "settings.h"
+#include "path.h"
 #include "summaries.h"
 #include "valueflow.h"
 
+#include <fstream>
+
+#define PICOJSON_USE_INT64
+#include <picojson.h>
+
 std::atomic<bool> Settings::mTerminated;
 
 const char Settings::SafeChecks::XmlRootName[] = "safe-checks";
@@ -70,6 +76,31 @@ Settings::Settings()
     certainty.setEnabled(Certainty::normal, true);
 }
 
+void Settings::loadCppcheckCfg(const std::string &filename)
+{
+    std::ifstream fin(filename);
+    if (!fin.is_open())
+        return;
+    picojson::value json;
+    fin >> json;
+    if (!picojson::get_last_error().empty())
+        return;
+    picojson::object obj = json.get<picojson::object>();
+    if (obj.count("addons") && obj["addons"].is<picojson::array>()) {
+        for (const picojson::value &v : obj["addons"].get<picojson::array>()) {
+            const std::string &s = v.get<std::string>();
+            if (!Path::isAbsolute(s))
+                addons.push_back(Path::getPathFromFilename(filename) + s);
+            else
+                addons.push_back(s);
+        }
+    }
+    if (obj.count("suppressions") && obj["suppressions"].is<picojson::array>()) {
+        for (const picojson::value &v : obj["suppressions"].get<picojson::array>())
+            nomsg.addSuppressionLine(v.get<std::string>());
+    }
+}
+
 std::string Settings::addEnabled(const std::string &str)
 {
     // Enable parameters may be comma separated...

lib/settings.h

@@ -95,6 +95,8 @@ private:
 public:
     Settings();
 
+    void loadCppcheckCfg(const std::string &filename);
+
     /** @brief addons, either filename of python/json file or json data */
     std::list<std::string> addons;
 

lib/symboldatabase.cpp

@@ -3792,15 +3792,14 @@ void SymbolDatabase::printXml(std::ostream &out) const
         out << " scope=\""          << var->scope() << '\"';
         if (var->valueType())
             out << " constness=\""      << var->valueType()->constness << '\"';
-        out << " isArgument=\""     << var->isArgument() << '\"';
         out << " isArray=\""        << var->isArray() << '\"';
         out << " isClass=\""        << var->isClass() << '\"';
         out << " isConst=\""        << var->isConst() << '\"';
         out << " isExtern=\""       << var->isExtern() << '\"';
-        out << " isLocal=\""        << var->isLocal() << '\"';
         out << " isPointer=\""      << var->isPointer() << '\"';
         out << " isReference=\""    << var->isReference() << '\"';
         out << " isStatic=\""       << var->isStatic() << '\"';
+        out << " isVolatile=\""     << var->isVolatile() << '\"';
         out << "/>" << std::endl;
     }
     out << "  </variables>" << std::endl;

lib/version.h

@@ -2,14 +2,14 @@
 // After a release the DEVMINOR is incremented. MAJOR=x MINOR=y, DEVMINOR=y+1
 
 #define CPPCHECK_MAJOR 2
-#define CPPCHECK_MINOR 5
+#define CPPCHECK_MINOR 6
 #define CPPCHECK_DEVMINOR 6
 
 #define STRINGIFY(x) STRING(x)
 #define STRING(VER) #VER
 #if CPPCHECK_MINOR == CPPCHECK_DEVMINOR
-#define CPPCHECK_VERSION_STRING STRINGIFY(CPPCHECK_MAJOR) "." STRINGIFY(CPPCHECK_DEVMINOR)
-#define CPPCHECK_VERSION CPPCHECK_MAJOR,CPPCHECK_MINOR,0,0
+#define CPPCHECK_VERSION_STRING STRINGIFY(CPPCHECK_MAJOR) "." STRINGIFY(CPPCHECK_DEVMINOR) ".3"
+#define CPPCHECK_VERSION CPPCHECK_MAJOR,CPPCHECK_MINOR,1,0
 #else
 #define CPPCHECK_VERSION_STRING STRINGIFY(CPPCHECK_MAJOR) "." STRINGIFY(CPPCHECK_DEVMINOR) " dev"
 #define CPPCHECK_VERSION CPPCHECK_MAJOR,CPPCHECK_MINOR,99,0

man/manual.md

@@ -1,6 +1,6 @@
 ---
 title: Cppcheck manual
-subtitle: Version 2.5
+subtitle: Version 2.6
 author: Cppcheck team
 lang: en
 documentclass: report

man/reference-cfg-format.md

@@ -1,6 +1,6 @@
 ---
 title: Cppcheck .cfg format
-subtitle: Version 2.5
+subtitle: Version 2.6
 author: Cppcheck team
 lang: en
 documentclass: report

releasenotes.txt

@@ -0,0 +1,16 @@
+Color output for diagnostics are added for unix-based platforms.
+
+Added symbolic analysis for ValueFlow. A simple delta is used to compute the difference between two unknown variable. 
+
+Rules using the "define" tokenlist can also match #include as well.
+
+Library `<function>` tags can now use `<container>` tag, so free functions that accept containers such as `std::size`, `std::empty`, `std::begin`, `std::end`, etc. can specify the `yields` or `action` for the container.
+
+Library `<smart-pointer>` tag can specify a `<unique>` tag for smart pointers that have unique ownership. Cppcheck now warns about dangling references to smart pointers with unique ownership.
+
+Misra C 2012 compliance has been "completed"
+
+All misra C 2012 rules have been implemented except 1.1 , 1.2 and 17.3. Including the rules in amendment 1 and amendment 2.
+The rules 1.1 and 1.2 must be checked with a compiler.
+The rule 17.3 can be checked by a compiler, for instance GCC.
+

requirements.txt

@@ -1 +1 @@
-pcre,https://ftp.pcre.org/pub/pcre/pcre-8.43.tar.gz -H sha256:0b8e7465dc5e98c757cc3650a20a7843ee4c3edf50aaf60bb33fd879690d2c73
+pcre,pfultz2/pcre@8.45 -H sha256:d6f7182602a775a7d500a0cedca6449af0400c6493951513046d17615ed0bf11

win_installer/config.wxi

@@ -1,14 +1,14 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Include>
-  <?define CliBuildDir = "..\bin" ?>
-  <?define GuiBuildDir = "..\bin" ?>
-  <?define GuiHelpDir = "..\gui\help" ?>
-  <?define TranslationsDir = "..\gui" ?>
-  <?define CfgsDir = "..\cfg" ?>
-  <?define PtfsDir = "..\platforms" ?>
-  <?define AddonsDir = "..\addons" ?>
-  <?define QtDllDir = "..\bin" ?>
-  <?define Z3DllDir = "..\externals\z3\bin" ?>
+  <?define CliBuildDir = "files" ?>
+  <?define GuiBuildDir = "files" ?>
+  <?define GuiHelpDir = "files\help" ?>
+  <?define TranslationsDir = "files\translations" ?>
+  <?define CfgsDir = "files\cfg" ?>
+  <?define PtfsDir = "files\platforms" ?>
+  <?define AddonsDir = "files\addons" ?>
+  <?define QtDllDir = "files" ?>
+  <?define Z3DllDir = "files" ?>
 
   <?if $(var.Platform) = x64 ?>
     <?define CrtMergeModule = "$(env.VCToolsRedistDir)\MergeModules\Microsoft_VC142_CRT_x64.msm" ?>

win_installer/cppcheck.wixproj

@@ -40,6 +40,6 @@
   </Target>
 
   <Target Name="Validate">
-    <Exec Command="..\bin\cppcheck --rule=. --version" />
+    <Exec Command="..\bin\cppcheck --version" />
   </Target>
 </Project>

win_installer/productInfo.wxi

@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Include>
-  <?define ProductName = "Cppcheck $(var.Platform) 2.5 dev" ?>
+  <?define ProductName = "Cppcheck $(var.Platform) 2.6.3" ?>
   <?define ProductNameShort = "Cppcheck" ?>
-  <?define ProductVersion = "2.5.99" ?>
+  <?define ProductVersion = "2.6.3" ?>
 
   <?define ProductManufacturer = "The Cppcheck team" ?>
   <?define ProductDescription = "Cppcheck is a tool for static analysis of C/C++ code" ?>