Cppcheck 1.54 C/C++静态代码分析工具

el/2024/2/25 23:50:35
1.使用Visual C++的话,应使用警告等级4
2.使用GCC的话,参看 Warning options - using GCC
官方地址: http://cppcheck.sourceforge.net/
当前版本:1.54 for windows

工具栏第一个按钮  可以添加检测的目录,但是这里 不支持中文路径。测试官方的例子,新建一个文件file1.c,内容如下:
int main() 
     char a[ 10];
    a[ 10= 0;
     return  0;


cppcheck.exe  --enable =all "E:\项目\测试"
在Visual Studio下使用的话,步骤如下:
1.在Visual Studio菜单栏"工具"→"外部工具",点击"添加",内容如下:
命令:D :\Program Files\Cppcheck\cppcheck.exe
参数: --enable =all -- template =vs $(SolutionDir)
勾选 "使用输出窗口"


cppcheck [OPTIONS] [files or paths]
If a directory is given instead of a filename, *.cpp, *.cxx, *.cc, *.c++, *.c, *.tpp, and *.txx files are checked recursively from the given directory.
--append=<file>This allows you to provide information about functions by providing an implementation for them.
--check-configCheck cppcheck configuration. The normal code analysis is disabled by this flag.
-D<ID> By default Cppcheck checks all configurations. Use -D to limit the checking to a particular configuration.
Example: '-DDEBUG=1 -D__cplusplus'.
-U<ID>By default Cppcheck checks all configurations. Use -U to explicitly hide certain #ifdef <ID> code paths from checking.
Example: '-UDEBUG'
--enable=<id>Enable additional checks. The available ids are:
* all
  Enable all checks
* style
  Enable all coding style checks. All messages with the severities 'style', 'performance' and 'portability' are enabled.
* performance
  Enable performance messages
* portability
  Enable portability messages
* information
  Enable information messages
* unusedFunction
  Check for unused functions
* missingInclude
  Warn if there are missing includes. For detailed information, use '--check-config'.
Several ids can be given if you separate them with commas. See also --std
--error-exitcode=<n>If errors are found, integer [n] is returned instead of the default '0'. '1' is returned if arguments are not valid or if no input files are provided. Note that your operating system can modify this value, e.g. '256' can become '0'.
--errorlist Print a list of all the error messages in XML format.
--exitcode-suppressions=<file>Used when certain messages should be displayed but should not cause a non-zero exitcode.
--file-list=<file>Specify the files to check in a text file. Add one filename per line. When file is '-,' the file list will be read from standard input.
-f, --forceForce checking of all configurations in files. If used together with '--max-ifdefs=', the last option is the one that is effective.
-h, --helpPrint this help.
-I <dir>  Give path to search for include files. Give several -I parameters to give several paths. First given path is searched for contained header files first. If paths are relative to source files, this is not needed.
--includes-file=<file>Specify directory paths to search for included header files in a text file. Add one include path per line. First given path is searched for contained header files first. If paths are relative to source files, this is not needed.
-i <dir or file> Give a source file or source file directory to exclude from the check. This applies only to source files so header files included by source files are not matched. Directory name is matched to all parts of the path.
--inline-supprEnable inline suppressions. Use them by placing one or more comments, like: '// cppcheck-suppress warningId' on the lines before the warning to suppress.
-j <jobs> Start [jobs] threads to do the checking simultaneously.
--max-configs=<limit>Maximum number of configurations to check in a file before skipping it. Default is '12'. If used together with '--force', the last option is the one that is effective.
--platform=<type>Specifies platform specific types and sizes. The available platforms are:
* unix32
32 bit unix variant
* unix64
64 bit unix variant
* win32A
32 bit Windows ASCII character encoding
* win32W
32 bit Windows UNICODE character encoding
* win64
64 bit Windows
-q, --quietOnly print error messages.
-rp, --relative-paths
-rp=<paths>, --relative-paths=<paths>
Use relative paths in output. When given, <paths> are used as base. You can separate multiple paths by ';'. Otherwise path where source files are searched is used. We use string comparison to create relative paths, so using e.g. ~ for home folder does not work. It is currently only possible to apply the base paths to files that are on a lower level in the directory tree.
--report-progress Report progress messages while checking a file.
--rule=<rule>Match regular expression.
--rule-file=<file>Use given rule file. For more information, see: https://sourceforge.net/projects/cppcheck/files/Articles/
-s, --styleDeprecated, please use '--enable=style' instead
--std=<id>Enable some standard related checks.
The available options are:
* posix
Checks related to POSIX-specific functionality
* c99
C99 standard related checks
* c++11
C++11 standard related checks
Example to enable more than one checks:
'cppcheck --std=c99 --std=posix file.cpp'
--suppress=<spec> Suppress warnings that match <spec>. The format of <spec> is:
[error id]:[filename]:[line]
The [filename] and [line] are optional. If [error id] is a wildcard '*', all error ids match.
--suppressions-list=<file>Suppress warnings listed in the file. Each suppression is in the same format as <spec> above.
--template='<text>'Format the error messages. E.g.
'{file}:{line},{severity},{id},{message}' or '{file}({line}):({severity}) {message}'
Pre-defined templates: gcc, vs, edit.
-v, --verboseOutput more detailed error information.
--versionPrint out version number.
--xml  Write results in xml format to error stream (stderr).
--xml-version=<version>Select the XML file version. Currently versions 1 and 2 are available. The default version is 1.

Example usage:
# Recursively check the current folder. Print the progress on the screen and write errors to a file:
cppcheck . 2> err.txt
# Recursively check ../myproject/ and don't print progress:
cppcheck --quiet ../myproject/
# Check only files one.cpp and two.cpp and give all information there is:
cppcheck -v -s one.cpp two.cpp
# Check f.cpp and search include files from inc1/ and inc2/:
    cppcheck -I inc1/ -I inc2/ f.cpp


64-bit portability

Check if there is 64-bit portability issues:

  • assign address to/from int/long

Auto Variables

A pointer to a variable is only valid as long as the variable is in scope. Check:

  • returning a pointer to auto or temporary variable
  • assigning address of an variable to an effective parameter of a function
  • returning reference to local/temporary variable
  • returning address of function parameter

Boost usage

Check for invalid usage of Boost:

  • container modification during BOOST_FOREACH

Bounds checking

out of bounds checking


Check the code for each class.

  • Missing constructors
  • Are all variables initialized by the constructors?
  • Warn if memset, memcpy etc are used on a class
  • If it's a base class, check that the destructor is virtual
  • Are there unused private functions
  • 'operator=' should return reference to self
  • 'operator=' should check for assignment to self
  • Constness for member functions

Exception Safety

Checking exception safety

  • Throwing exceptions in destructors
  • Throwing exception during invalid state
  • Throwing a copy of a caught exception instead of rethrowing the original exception
  • exception caught by value instead of by reference

Match assignments and conditions

Match assignments and conditions:

  • Mismatching assignment and comparison => comparison is always true/false
  • Mismatching lhs and rhs in comparison => comparison is always true/false
  • Detect matching 'if' and 'else if' conditions

Memory leaks (address not taken)

Not taking the address to allocated memory

Memory leaks (class variables)

If the constructor allocate memory then the destructor must deallocate it.

Memory leaks (function variables)

Is there any allocated memory when a function goes out of scope

Memory leaks (struct members)

Don't forget to deallocate struct members

Non reentrant functions

Warn if any of these non reentrant functions are used:

  • crypt
  • ctermid
  • ecvt
  • fcvt
  • fgetgrent
  • fgetpwent
  • fgetspent
  • gcvt
  • getgrent
  • getgrgid
  • getgrnam
  • gethostbyaddr
  • gethostbyname
  • gethostbyname2
  • gethostent
  • getlogin
  • getnetbyaddr
  • getnetbyname
  • getnetgrent
  • getprotobyname
  • getpwent
  • getpwnam
  • getpwuid
  • getrpcbyname
  • getrpcbynumber
  • getrpcent
  • getservbyname
  • getservbyport
  • getservent
  • getspent
  • getspnam
  • gmtime
  • localtime
  • readdir
  • strtok
  • tempnam
  • ttyname

Null pointer

Null pointers

  • null pointer dereferencing

Obsolete functions

Warn if any of these obsolete functions are used:

  • asctime
  • asctime_r
  • bcmp
  • bcopy
  • bsd_signal
  • bzero
  • ctime
  • ctime_r
  • ecvt
  • fcvt
  • ftime
  • gcvt
  • getcontext
  • gethostbyaddr
  • gethostbyname
  • getwd
  • index
  • makecontext
  • pthread_attr_getstackaddr
  • pthread_attr_setstackaddr
  • rand_r
  • rindex
  • scalbln
  • swapcontext
  • tmpnam
  • tmpnam_r
  • ualarm
  • usleep
  • utime
  • vfork
  • wcswcs


Other checks

  • Assigning bool value to pointer (converting bool value to address)
  • bad usage of the function 'sprintf' (overlapping data)
  • division with zero
  • using fflush() on an input stream
  • scoped object destroyed immediately after construction
  • assignment in an assert statement
  • sizeof for array given as function argument
  • sizeof for numeric given as function argument
  • using sizeof(pointer) instead of the size of pointed data
  • incorrect length arguments for 'substr' and 'strncmp'
  • invalid usage of output stream. For example: std::cout << std::cout;'
  • wrong number of arguments given to 'printf' or 'scanf;'
  • double free() or double closedir()
  • C-style pointer cast in cpp file
  • casting between incompatible pointer types
  • redundant if
  • bad usage of the function 'strtol'
  • unsigned division
  • Dangerous usage of 'scanf'
  • passing parameter by value
  • Incomplete statement
  • check how signed char variables are used
  • variable scope can be limited
  • condition that is always true/false
  • unusal pointer arithmetic. For example: "abc" + 'd'
  • redundant assignment in a switch statement
  • redundant strcpy in a switch statement
  • look for 'sizeof sizeof ..'
  • look for calculations inside sizeof()
  • assignment of a variable to itself
  • mutual exclusion over || always evaluating to true
  • Clarify calculation with parentheses
  • using increment on boolean
  • comparison of a boolean with a non-zero integer
  • comparison of a boolean expression with an integer other than 0 or 1
  • suspicious condition (assignment+comparison)
  • suspicious condition (runtime comparison of string literals)
  • suspicious condition (string literals as boolean)
  • duplicate break statement
  • unreachable code
  • testing if unsigned variable is negative
  • testing is unsigned variable is positive
  • using bool in bitwise expression
  • Suspicious use of ; at the end of 'if/for/while' statement.
  • incorrect usage of functions from ctype library.
  • optimisation: detect post increment/decrement

STL usage

Check for invalid usage of STL:

  • out of bounds errors
  • misuse of iterators when iterating through a container
  • mismatching containers in calls
  • dereferencing an erased iterator
  • for vectors: using iterator/pointer after push_back has been used
  • optimisation: use empty() instead of size() to guarantee fast code
  • suspicious condition when using find
  • redundant condition
  • common mistakes when using string::c_str()
  • using auto pointer (auto_ptr)
  • useless calls of string functions

Uninitialized variables

Uninitialized variables

  • using uninitialized variables and data

Unused functions

Check for functions that are never called


UnusedVar checks

  • unused variable
  • allocated but unused variable
  • unred variable
  • unassigned variable
  • unused struct member

Using postfix operators

Warn if using postfix operators ++ or -- rather than prefix operator




下面是Linux MTD中&#xff0c;获取nand flash型号,各个参数&#xff0c;以及硬件特性的函数&#xff0c;其实也就是 nand_get_flash_type&#xff0c;下面对其详细解析&#xff1a; 【看此文之前&#xff0c;一些有必要先解释的术语】 1. Program(编程)&#xff1a;此处…


遇到一笔试题没看懂 修改下面代码&#xff0c;使其正常运行 void getmemory(char *p) {p (char *)malloc(100);strcpy(p, "hello,world"); }int main(void) {char *str NULL;getmemory(str);printf("%s\n", str);free(str);return 0; } 这里bug分析有下…

Constructors and Destructors in C++

原文地址&#xff1a;http://www.cprogramming.com/tutorial/constructor_destructor_ordering.html Constructors and Destructors in C By Andrei Milea Constructor and Destructor Order The process of creating and deleting objects in C is not a trivial task. Ever…

Detail about How VPTR and Virtual table works

原文地址&#xff1a;http://cboard.cprogramming.com/cplusplus-programming/100179-detail-about-how-vptr-virtual-table-works.html Assumption: machine is 32-bit . Here I am going to explain How Virtual table, Virtual pointer for Virtual functions are internall…

解决:No configuration found for the specified action

原文地址:http://javasunnyboy.iteye.com/blog/254753 今天首次使用Struts2&#xff0c;配置一切正常&#xff0c;使用常用tag也正常&#xff0c;但是在使用<s:form>标记时&#xff0c;发现控制台总是输出警告信息&#xff0c; 警告信息内容如下&#xff1a; 警告: N…




原文地址&#xff1a;http://riddickbryant.iteye.com/blog/557373 通常struts2加载struts2常量的顺序如下: 1. struts-default.xml&#xff1a;该文件保存在struts2-core-2.0.6.jar文件中。 2. struts-plugin.xml&#xff1a;该文件保存在struts2-Xxx-2.0.6.jar等Struts2插件J…


从Spring手册中摘录的一段&#xff0c;有关依赖注入的例子 The following example uses XML-based configuration metadata for setter-based DI. A small part of a Spring XML configuration file specifies some bean definitions: <bean id"exampleBean" clas…


原文地址&#xff1a;http://coolshell.cn/articles/2451.html 打开Twitter的注册页面&#xff0c;https://twitter.com/signup&#xff0c;查看一下源码&#xff0c;你会看到一个很长的禁用口令列表&#xff08;见本文最下面&#xff09;&#xff0c;其中的某些口令的确很雷人…

使用库org.json 和 Gson 解析 JSON格式字符串

org.json库为JSON创始人编写的解析JSON的java库&#xff0c;Gson为Google为我们提供的解析JSON格式数据的库。有关库内容的的下载参见&#xff1a;http://www.json.org 以下是两个简单的测试程序 使用Gson库&#xff1a; public class User {String username;String password;p…