cppcheck/addons
José Martins b1e92fc399
Misra false positive fixes for rules 8.7 and 5.9 (#3844)
* Fix misra 8.7 false positives on single function usage

When there is a single usage of a function, we should first check if the
file it is used in, is the same one it was defined in. When this is not the
case, there is no violatior to be reported.

* Fix misra rule 5.9 false positives for exception

The exception for rule 5.9 described in the guidelines allows for
multiple definitions of internal linkage obejcts when these regard a
static inlined function defined in the same header file.

* Fix neglecting of inline keyword flag upon simplifications

When the inline keyword is being "simplified" and the inline flag is
degated to the next token. However, this information might be lost if the next
token itself is simplified/deleted in a futher pass. Therefore, we must
propagated the flag to all the next named tokens, so we can make sure the
function name token itself is tagged with this property.

* add tests for misra addon rules 8.7 and 5.9
2022-02-27 19:17:48 +01:00
..
doc Addons: Add README (#2047) 2019-07-28 07:51:03 +02:00
test Misra false positive fixes for rules 8.7 and 5.9 (#3844) 2022-02-27 19:17:48 +01:00
README.md Fix misra parameter typo (#3166) 2021-03-08 16:01:55 +01:00
ROS_naming.json Feature/ros naming check (#1511) 2019-01-09 18:16:51 +01:00
__init__.py misra.py: Fix up and improve load rules parser. (#1895) 2019-06-17 21:17:29 +02:00
cert.py addons: interface with premiumaddon if it exists 2022-02-24 16:08:59 +01:00
cppcheck.py Typos found by running "codespell" (#3463) 2021-09-20 19:51:38 +02:00
cppcheckdata.doxyfile
cppcheckdata.py addons: interface with premiumaddon if it exists 2022-02-24 16:08:59 +01:00
findcasts.py Dont require __main__ for an addon (#3363) 2021-08-12 20:17:51 +02:00
misc.py Addons: Reuse cppcheckdata.simpleMatch 2020-11-11 14:24:55 +01:00
misra.py Misra false positive fixes for rules 8.7 and 5.9 (#3844) 2022-02-27 19:17:48 +01:00
misra_9.py Fix issue in misra 9 x (#3409) 2021-08-21 22:01:24 +02:00
naming.json Feature/ros naming check (#1511) 2019-01-09 18:16:51 +01:00
naming.py Fixed #9830 (Addons should return 0 when success) 2020-08-29 07:44:32 +02:00
namingng.py Fixed #9830 (Addons should return 0 when success) 2020-08-29 07:44:32 +02:00
runaddon.py Dont require __main__ for an addon (#3363) 2021-08-12 20:17:51 +02:00
threadsafety.py threadsafety shall not warn about const vars (in C++11) (#2847) 2020-10-23 11:58:25 +02:00
y2038.py addons: Fix arguments parser when running pytest (#3327) 2021-07-06 22:13:04 +02:00

README.md

Cppcheck addons

Addons are scripts that analyses Cppcheck dump files to check compatibility with secure coding standards and to locate various issues.

Supported addons

  • cert.py Checks for compliance with the safe programming standard CERT.
  • misra.py Used to verify compliance with MISRA C 2012 - a proprietary set of guidelines to avoid such questionable code, developed for embedded systems. Since this standard is proprietary, cppcheck does not display error text by specifying only the number of violated rules (for example, [c2012-21.3]). If you want to display full texts for violated rules, you will need to create a text file containing MISRA rules, which you will have to pass when calling the script with --rule-texts key. Some examples of rule texts files available in tests directory.
  • y2038.py Checks Linux system for year 2038 problem safety. This required modified environment. See complete description here.
  • threadsafety.py Analyse Cppcheck dump files to locate threadsafety issues like static local objects used by multiple threads.

Usage

Command line interface

cppcheck --addon=cert --addon=y2038 src/test.c

It is also possible to call scripts as follows:

cppcheck --dump --quiet src/test.c
python cert.py src/test.c.dump
python misra.py --rule-texts=~/misra_rules.txt src/test.c.dump

This allows you to add additional parameters when calling the script (for example, --rule-texts for misra.py). The full list of available parameters can be found by calling any script with the --help flag.

GUI

When using the graphical interface cppcheck-gui, the selection and configuration of addons is carried out on the tab Addons and tools in the project settings (Edit Project File):

Screenshot