-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy patherrorlist.xml
529 lines (529 loc) · 97.7 KB
/
errorlist.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
<?xml version="1.0" encoding="UTF-8"?>
<results version="2">
<cppcheck version="2.14.1"/>
<errors> <error id="purgedConfiguration" severity="information" msg="The configuration '' was not checked because its code equals another one." verbose="The configuration '' was not checked because its code equals another one."/>
<error id="toomanyconfigs" severity="information" msg="Too many #ifdef configurations - cppcheck only checks 12 configurations. Use --force to check all configurations. For more details, use --enable=information." verbose="The checking of the file will be interrupted because there are too many #ifdef configurations. Checking of all #ifdef configurations can be forced by --force command line option or from GUI preferences. However that may increase the checking time. For more details, use --enable=information." cwe="398"/>
<error id="AssignmentAddressToInteger" severity="portability" msg="Assigning a pointer to an integer is not portable." verbose="Assigning a pointer to an integer (int/long/etc) is not portable across different platforms and compilers. For example in 32-bit Windows and linux they are same width, but in 64-bit Windows and linux they are of different width. In worst case you end up assigning 64-bit address to 32-bit integer. The safe way is to store addresses only in pointer types (or typedefs like uintptr_t)." cwe="758"/>
<error id="AssignmentIntegerToAddress" severity="portability" msg="Assigning an integer to a pointer is not portable." verbose="Assigning an integer (int/long/etc) to a pointer is not portable across different platforms and compilers. For example in 32-bit Windows and linux they are same width, but in 64-bit Windows and linux they are of different width. In worst case you end up assigning 64-bit integer to 32-bit pointer. The safe way is to store addresses only in pointer types (or typedefs like uintptr_t)." cwe="758"/>
<error id="CastIntegerToAddressAtReturn" severity="portability" msg="Returning an integer in a function with pointer return type is not portable." verbose="Returning an integer (int/long/etc) in a function with pointer return type is not portable across different platforms and compilers. For example in 32-bit Windows and Linux they are same width, but in 64-bit Windows and Linux they are of different width. In worst case you end up casting 64-bit integer down to 32-bit pointer. The safe way is to always return a pointer." cwe="758"/>
<error id="CastAddressToIntegerAtReturn" severity="portability" msg="Returning an address value in a function with integer return type is not portable." verbose="Returning an address value in a function with integer (int/long/etc) return type is not portable across different platforms and compilers. For example in 32-bit Windows and Linux they are same width, but in 64-bit Windows and Linux they are of different width. In worst case you end up casting 64-bit address down to 32-bit integer. The safe way is to always return an integer." cwe="758"/>
<error id="assertWithSideEffect" severity="warning" msg="Assert statement calls a function which may have desired side effects: 'function'." verbose="Non-pure function: 'function' is called inside assert statement. Assert statements are removed from release builds so the code inside assert statement is not executed. If the code is needed also in release builds, this is a bug." cwe="398">
<symbol>function</symbol>
</error>
<error id="assignmentInAssert" severity="warning" msg="Assert statement modifies 'var'." verbose="Variable 'var' is modified inside assert statement. Assert statements are removed from release builds so the code inside assert statement is not executed. If the code is needed also in release builds, this is a bug." cwe="398">
<symbol>var</symbol>
</error>
<error id="autoVariables" severity="error" msg="Address of local auto-variable assigned to a function parameter." verbose="Dangerous assignment - the function parameter is assigned the address of a local auto-variable. Local auto-variables are reserved from the stack which is freed when the function ends. So the pointer to a local variable is invalid after the function ends." cwe="562"/>
<error id="returnReference" severity="error" msg="Reference to local variable returned." verbose="Reference to local variable returned." cwe="562"/>
<error id="danglingReference" severity="error" msg="Non-local reference variable 'x' to local variable 'y'" verbose="Non-local reference variable 'x' to local variable 'y'" cwe="562"/>
<error id="returnTempReference" severity="error" msg="Reference to temporary returned." verbose="Reference to temporary returned." cwe="562"/>
<error id="danglingTempReference" severity="error" msg="Using reference to dangling temporary." verbose="Using reference to dangling temporary." cwe="562"/>
<error id="autovarInvalidDeallocation" severity="error" msg="Deallocation of an auto-variable results in undefined behaviour." verbose="The deallocation of an auto-variable results in undefined behaviour. You should only free memory that has been allocated dynamically." cwe="590"/>
<error id="uselessAssignmentArg" severity="style" msg="Assignment of function parameter has no effect outside the function." verbose="Assignment of function parameter has no effect outside the function." cwe="398"/>
<error id="uselessAssignmentPtrArg" severity="warning" msg="Assignment of function parameter has no effect outside the function. Did you forget dereferencing it?" verbose="Assignment of function parameter has no effect outside the function. Did you forget dereferencing it?" cwe="398"/>
<error id="returnDanglingLifetime" severity="error" msg="Returning object that will be invalid when returning." verbose="Returning object that will be invalid when returning." cwe="562"/>
<error id="invalidLifetime" severity="error" msg="Using object that is out of scope." verbose="Using object that is out of scope." cwe="562"/>
<error id="danglingLifetime" severity="error" msg="Non-local variable 'x' will use object." verbose="Non-local variable 'x' will use object." cwe="562"/>
<error id="danglingTemporaryLifetime" severity="error" msg="Using object that is a temporary." verbose="Using object that is a temporary." cwe="562"/>
<error id="assignBoolToPointer" severity="error" msg="Boolean value assigned to pointer." verbose="Boolean value assigned to pointer." cwe="587"/>
<error id="assignBoolToFloat" severity="style" msg="Boolean value assigned to floating point variable." verbose="Boolean value assigned to floating point variable." cwe="704"/>
<error id="comparisonOfFuncReturningBoolError" severity="style" msg="Comparison of a function returning boolean value using relational (<, >, <= or >=) operator." verbose="The return type of function 'func_name' is 'bool' and result is of type 'bool'. Comparing 'bool' value using relational (<, >, <= or >=) operator could cause unexpected results." cwe="398"/>
<error id="comparisonOfTwoFuncsReturningBoolError" severity="style" msg="Comparison of two functions returning boolean value using relational (<, >, <= or >=) operator." verbose="The return type of function 'func_name1' and function 'func_name2' is 'bool' and result is of type 'bool'. Comparing 'bool' value using relational (<, >, <= or >=) operator could cause unexpected results." cwe="398"/>
<error id="comparisonOfBoolWithBoolError" severity="style" msg="Comparison of a variable having boolean value using relational (<, >, <= or >=) operator." verbose="The variable 'var_name' is of type 'bool' and comparing 'bool' value using relational (<, >, <= or >=) operator could cause unexpected results." cwe="398"/>
<error id="incrementboolean" severity="style" msg="Incrementing a variable of type 'bool' with postfix operator++ is deprecated by the C++ Standard. You should assign it the value 'true' instead." verbose="The operand of a postfix increment operator may be of type bool but it is deprecated by C++ Standard (Annex D-1) and the operand is always set to true. You should assign it the value 'true' instead." cwe="398"/>
<error id="bitwiseOnBoolean" severity="style" msg="Boolean expression 'expression' is used in bitwise operation. Did you mean '&&'?" verbose="Boolean expression 'expression' is used in bitwise operation. Did you mean '&&'?" cwe="398" inconclusive="true"/>
<error id="compareBoolExpressionWithInt" severity="warning" msg="Comparison of a boolean expression with an integer other than 0 or 1." verbose="Comparison of a boolean expression with an integer other than 0 or 1." cwe="398"/>
<error id="pointerArithBool" severity="error" msg="Converting pointer arithmetic result to bool. The bool is always true unless there is undefined behaviour." verbose="Converting pointer arithmetic result to bool. The boolean result is always true unless there is pointer arithmetic overflow, and overflow is undefined behaviour. Probably a dereference is forgotten." cwe="571"/>
<error id="comparisonOfBoolWithInvalidComparator" severity="warning" msg="Comparison of a boolean value using relational operator (<, >, <= or >=)." verbose="The result of the expression 'expression' is of type 'bool'. Comparing 'bool' value using relational (<, >, <= or >=) operator could cause unexpected results."/>
<error id="returnNonBoolInBooleanFunction" severity="style" msg="Non-boolean value returned from function returning bool" verbose="Non-boolean value returned from function returning bool"/>
<error id="boostForeachError" severity="error" msg="BOOST_FOREACH caches the end() iterator. It's undefined behavior if you modify the container inside." verbose="BOOST_FOREACH caches the end() iterator. It's undefined behavior if you modify the container inside." cwe="664"/>
<error id="arrayIndexOutOfBounds" severity="error" msg="Array 'arr[16]' accessed at index 16, which is out of bounds." verbose="Array 'arr[16]' accessed at index 16, which is out of bounds." cwe="788"/>
<error id="arrayIndexOutOfBoundsCond" severity="warning" msg="Array 'arr[16]' accessed at index 16, which is out of bounds." verbose="Array 'arr[16]' accessed at index 16, which is out of bounds." cwe="788"/>
<error id="pointerOutOfBounds" severity="portability" msg="Pointer arithmetic overflow." verbose="Pointer arithmetic overflow." cwe="758"/>
<error id="pointerOutOfBoundsCond" severity="portability" msg="Pointer arithmetic overflow." verbose="Pointer arithmetic overflow." cwe="758"/>
<error id="negativeIndex" severity="error" msg="Negative array index" verbose="Negative array index" cwe="786"/>
<error id="arrayIndexThenCheck" severity="style" msg="Array index 'i' is used before limits check." verbose="Defensive programming: The variable 'i' is used as an array index before it is checked that is within limits. This can mean that the array might be accessed out of bounds. Reorder conditions such as '(a[i] && i < 10)' to '(i < 10 && a[i])'. That way the array will not be accessed if the index is out of limits." cwe="398">
<symbol>i</symbol>
</error>
<error id="bufferAccessOutOfBounds" severity="error" msg="Buffer is accessed out of bounds: buf" verbose="Buffer is accessed out of bounds: buf" cwe="788"/>
<error id="objectIndex" severity="error" msg="The address of variable '' is accessed at non-zero index." verbose="The address of variable '' is accessed at non-zero index." cwe="758"/>
<error id="argumentSize" severity="warning" msg="Buffer 'buffer' is too small, the function 'function' expects a bigger buffer in 2nd argument" verbose="Buffer 'buffer' is too small, the function 'function' expects a bigger buffer in 2nd argument" cwe="398">
<symbol>function</symbol>
</error>
<error id="negativeMemoryAllocationSize" severity="error" msg="Memory allocation size is negative." verbose="Memory allocation size is negative." cwe="131"/>
<error id="negativeArraySize" severity="error" msg="Declaration of array '' with negative size is undefined behaviour" verbose="Declaration of array '' with negative size is undefined behaviour" cwe="758"/>
<error id="invalidFunctionArg" severity="error" msg="Invalid func_name() argument nr 1. The value is 0 or 1 (boolean) but the valid values are '1:4'." verbose="Invalid func_name() argument nr 1. The value is 0 or 1 (boolean) but the valid values are '1:4'." cwe="628">
<symbol>func_name</symbol>
</error>
<error id="invalidFunctionArgBool" severity="error" msg="Invalid func_name() argument nr 1. A non-boolean value is required." verbose="Invalid func_name() argument nr 1. A non-boolean value is required." cwe="628">
<symbol>func_name</symbol>
</error>
<error id="invalidFunctionArgStr" severity="error" msg="Invalid func_name() argument nr 1. A nul-terminated string is required." verbose="Invalid func_name() argument nr 1. A nul-terminated string is required." cwe="628">
<symbol>func_name</symbol>
</error>
<error id="ignoredReturnValue" severity="warning" msg="Return value of function malloc() is not used." verbose="Return value of function malloc() is not used." cwe="252">
<symbol>malloc</symbol>
</error>
<error id="wrongmathcall" severity="warning" msg="Passing value '#' to #() leads to implementation-defined result." verbose="Passing value '#' to #() leads to implementation-defined result." cwe="758"/>
<error id="unpreciseMathCall" severity="style" msg="Expression '1 - erf(x)' can be replaced by 'erfc(x)' to avoid loss of precision." verbose="Expression '1 - erf(x)' can be replaced by 'erfc(x)' to avoid loss of precision." cwe="758"/>
<error id="memsetZeroBytes" severity="warning" msg="memset() called to fill 0 bytes." verbose="memset() called to fill 0 bytes. The second and third arguments might be inverted. The function memset ( void * ptr, int value, size_t num ) sets the first num bytes of the block of memory pointed by ptr to the specified value." cwe="687"/>
<error id="memsetFloat" severity="portability" msg="The 2nd memset() argument 'varname' is a float, its representation is implementation defined." verbose="The 2nd memset() argument 'varname' is a float, its representation is implementation defined. memset() is used to set each byte of a block of memory to a specific value and the actual representation of a floating-point value is implementation defined." cwe="688"/>
<error id="memsetValueOutOfRange" severity="warning" msg="The 2nd memset() argument 'varname' doesn't fit into an 'unsigned char'." verbose="The 2nd memset() argument 'varname' doesn't fit into an 'unsigned char'. The 2nd parameter is passed as an 'int', but the function fills the block of memory using the 'unsigned char' conversion of this value." cwe="686"/>
<error id="missingReturn" severity="error" msg="Found an exit path from function with non-void return type that has missing return statement" verbose="Found an exit path from function with non-void return type that has missing return statement" cwe="758"/>
<error id="returnStdMoveLocal" severity="performance" msg="Using std::move for returning object by-value from function will affect copy elision optimization. More: https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Rf-return-move-local" verbose="Using std::move for returning object by-value from function will affect copy elision optimization. More: https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Rf-return-move-local"/>
<error id="useStandardLibrary" severity="style" msg="Consider using memcpy instead of loop." verbose="Consider using memcpy instead of loop."/>
<error id="noConstructor" severity="style" msg="The class 'classname' does not declare a constructor although it has private member variables which likely require initialization." verbose="The class 'classname' does not declare a constructor although it has private member variables which likely require initialization. Member variables of native types, pointers, or references are left uninitialized when the class is instantiated. That may cause bugs or undefined behavior." cwe="398">
<symbol>classname</symbol>
</error>
<error id="noExplicitConstructor" severity="style" msg="Class 'classname' has a constructor with 1 argument that is not explicit." verbose="Class 'classname' has a constructor with 1 argument that is not explicit. Such, so called "Converting constructors", should in general be explicit for type safety reasons as that prevents unintended implicit conversions." cwe="398">
<symbol>classname</symbol>
</error>
<error id="copyCtorPointerCopying" severity="warning" msg="Value of pointer 'var', which points to allocated memory, is copied in copy constructor instead of allocating new memory." verbose="Value of pointer 'var', which points to allocated memory, is copied in copy constructor instead of allocating new memory." cwe="398">
<symbol>var</symbol>
</error>
<error id="noCopyConstructor" severity="warning" msg="Class 'class' does not have a copy constructor which is recommended since it has dynamic memory/resource allocation(s)." verbose="Class 'class' does not have a copy constructor which is recommended since it has dynamic memory/resource allocation(s)." cwe="398">
<symbol>class</symbol>
</error>
<error id="noOperatorEq" severity="warning" msg="Class 'class' does not have a operator= which is recommended since it has dynamic memory/resource allocation(s)." verbose="Class 'class' does not have a operator= which is recommended since it has dynamic memory/resource allocation(s)." cwe="398">
<symbol>class</symbol>
</error>
<error id="noDestructor" severity="warning" msg="Class 'class' does not have a destructor which is recommended since it has dynamic memory/resource allocation(s)." verbose="Class 'class' does not have a destructor which is recommended since it has dynamic memory/resource allocation(s)." cwe="398">
<symbol>class</symbol>
</error>
<error id="uninitMemberVar" severity="warning" msg="Member variable 'classname::varname' is not initialized in the constructor." verbose="Member variable 'classname::varname' is not initialized in the constructor. Member variables of native types, pointers, or references are left uninitialized when the class is instantiated. That may cause bugs or undefined behavior." cwe="398">
<symbol>classname::varname</symbol>
</error>
<error id="uninitMemberVarPrivate" severity="warning" msg="Member variable 'classname::varnamepriv' is not initialized in the constructor." verbose="Member variable 'classname::varnamepriv' is not initialized in the constructor. Member variables of native types, pointers, or references are left uninitialized when the class is instantiated. That may cause bugs or undefined behavior." cwe="398">
<symbol>classname::varnamepriv</symbol>
</error>
<error id="uninitDerivedMemberVar" severity="warning" msg="Member variable 'classname::varname' is not initialized in the constructor. Maybe it should be initialized directly in the class classname?" verbose="Member variable 'classname::varname' is not initialized in the constructor. Maybe it should be initialized directly in the class classname? Member variables of native types, pointers, or references are left uninitialized when the class is instantiated. That may cause bugs or undefined behavior." cwe="398">
<symbol>classname::varname</symbol>
</error>
<error id="uninitDerivedMemberVarPrivate" severity="warning" msg="Member variable 'classname::varnamepriv' is not initialized in the constructor. Maybe it should be initialized directly in the class classname?" verbose="Member variable 'classname::varnamepriv' is not initialized in the constructor. Maybe it should be initialized directly in the class classname? Member variables of native types, pointers, or references are left uninitialized when the class is instantiated. That may cause bugs or undefined behavior." cwe="398">
<symbol>classname::varnamepriv</symbol>
</error>
<error id="missingMemberCopy" severity="warning" msg="Member variable 'classname::varnamepriv' is not assigned in the move constructor. Should it be moved?" verbose="Member variable 'classname::varnamepriv' is not assigned in the move constructor. Should it be moved?" cwe="398" inconclusive="true">
<symbol>classname::varnamepriv</symbol>
</error>
<error id="operatorEqVarError" severity="warning" msg="Member variable 'classname::' is not assigned a value in 'classname::operator='." verbose="Member variable 'classname::' is not assigned a value in 'classname::operator='." cwe="398">
<symbol>classname::</symbol>
</error>
<error id="unusedPrivateFunction" severity="style" msg="Unused private function: 'classname::funcname'" verbose="Unused private function: 'classname::funcname'" cwe="398">
<symbol>classname::funcname</symbol>
</error>
<error id="memsetClass" severity="error" msg="Using 'memfunc' on class that contains a classname." verbose="Using 'memfunc' on class that contains a classname is unsafe, because constructor, destructor and copy operator calls are omitted. These are necessary for this non-POD type to ensure that a valid object is created." cwe="762">
<symbol>memfunc</symbol>
<symbol>classname</symbol>
</error>
<error id="memsetClassReference" severity="error" msg="Using 'memfunc' on class that contains a reference." verbose="Using 'memfunc' on class that contains a reference." cwe="665">
<symbol>memfunc</symbol>
</error>
<error id="memsetClassFloat" severity="portability" msg="Using memset() on class which contains a floating point number." verbose="Using memset() on class which contains a floating point number. This is not portable because memset() sets each byte of a block of memory to a specific value and the actual representation of a floating-point value is implementation defined. Note: In case of an IEEE754-1985 compatible implementation setting all bits to zero results in the value 0.0." cwe="758"/>
<error id="mallocOnClassWarning" severity="warning" msg="Memory for class instance allocated with malloc(), but class provides constructors." verbose="Memory for class instance allocated with malloc(), but class provides constructors. This is unsafe, since no constructor is called and class members remain uninitialized. Consider using 'new' instead." cwe="762">
<symbol>malloc</symbol>
</error>
<error id="mallocOnClassError" severity="error" msg="Memory for class instance allocated with malloc(), but class contains a std::string." verbose="Memory for class instance allocated with malloc(), but class a std::string. This is unsafe, since no constructor is called and class members remain uninitialized. Consider using 'new' instead." cwe="665">
<symbol>malloc</symbol>
<symbol>std::string</symbol>
</error>
<error id="virtualDestructor" severity="error" msg="Class 'Base' which is inherited by class 'Derived' does not have a virtual destructor." verbose="Class 'Base' which is inherited by class 'Derived' does not have a virtual destructor. If you destroy instances of the derived class by deleting a pointer that points to the base class, only the destructor of the base class is executed. Thus, dynamic memory that is managed by the derived class could leak. This can be avoided by adding a virtual destructor to the base class." cwe="404">
<symbol>Base</symbol>
<symbol>Derived</symbol>
</error>
<error id="thisSubtraction" severity="warning" msg="Suspicious pointer subtraction. Did you intend to write '->'?" verbose="Suspicious pointer subtraction. Did you intend to write '->'?" cwe="398"/>
<error id="operatorEqRetRefThis" severity="style" msg="'operator=' should return reference to 'this' instance." verbose="'operator=' should return reference to 'this' instance." cwe="398"/>
<error id="operatorEqMissingReturnStatement" severity="error" msg="No 'return' statement in non-void function causes undefined behavior." verbose="No 'return' statement in non-void function causes undefined behavior." cwe="398"/>
<error id="operatorEqShouldBeLeftUnimplemented" severity="style" msg="'operator=' should either return reference to 'this' instance or be declared private and left unimplemented." verbose="'operator=' should either return reference to 'this' instance or be declared private and left unimplemented." cwe="398"/>
<error id="operatorEqToSelf" severity="warning" msg="'operator=' should check for assignment to self to avoid problems with dynamic memory." verbose="'operator=' should check for assignment to self to ensure that each block of dynamically allocated memory is owned and managed by only one instance of the class." cwe="398"/>
<error id="functionConst" severity="style" msg="Technically the member function 'class::function' can be const." verbose="The member function 'class::function' can be made a const function. Making this function 'const' should not cause compiler errors. Even though the function can be made const function technically it may not make sense conceptually. Think about your design and the task of the function first - is it a function that must not change object internal state?" cwe="398" inconclusive="true">
<symbol>class::function</symbol>
</error>
<error id="functionStatic" severity="performance" msg="Technically the member function 'class::function' can be static (but you may consider moving to unnamed namespace)." verbose="The member function 'class::function' can be made a static function. Making a function static can bring a performance benefit since no 'this' instance is passed to the function. This change should not cause compiler errors but it does not necessarily make sense conceptually. Think about your design and the task of the function first - is it a function that must not access members of class instances? And maybe it is more appropriate to move this function to an unnamed namespace." cwe="398" inconclusive="true">
<symbol>class::function</symbol>
</error>
<error id="initializerList" severity="style" msg="Member variable 'class::variable' is in the wrong place in the initializer list." verbose="Member variable 'class::variable' is in the wrong place in the initializer list. Members are initialized in the order they are declared, not in the order they are in the initializer list. Keeping the initializer list in the same order that the members were declared prevents order dependent initialization errors." cwe="398" inconclusive="true">
<symbol>class::variable</symbol>
</error>
<error id="useInitializationList" severity="performance" msg="Variable 'variable' is assigned in constructor body. Consider performing initialization in initialization list." verbose="When an object of a class is created, the constructors of all member variables are called consecutively in the order the variables are declared, even if you don't explicitly write them to the initialization list. You could avoid assigning 'variable' a value by passing the value to the constructor in the initialization list." cwe="398">
<symbol>variable</symbol>
</error>
<error id="selfInitialization" severity="error" msg="Member variable 'var' is initialized by itself." verbose="Member variable 'var' is initialized by itself." cwe="665">
<symbol>var</symbol>
</error>
<error id="duplInheritedMember" severity="warning" msg="The class 'class' defines member variable with name 'variable' also defined in its parent class 'class'." verbose="The class 'class' defines member variable with name 'variable' also defined in its parent class 'class'." cwe="398">
<symbol>class</symbol>
<symbol>variable</symbol>
<symbol>class</symbol>
</error>
<error id="copyCtorAndEqOperator" severity="warning" msg="The class 'class' has 'operator=' but lack of 'copy constructor'." verbose="The class 'class' has 'operator=' but lack of 'copy constructor'.">
<symbol>class</symbol>
</error>
<error id="missingOverride" severity="style" msg="The function '' overrides a function in a base class but is not marked with a 'override' specifier." verbose="The function '' overrides a function in a base class but is not marked with a 'override' specifier.">
<symbol></symbol>
</error>
<error id="uselessOverride" severity="style" msg="The function '' overrides a function in a base class but just delegates back to the base class." verbose="The function '' overrides a function in a base class but just delegates back to the base class.">
<symbol></symbol>
</error>
<error id="returnByReference" severity="performance" msg="Function 'func()' should return member 'var' by const reference." verbose="Function 'func()' should return member 'var' by const reference."/>
<error id="pureVirtualCall" severity="warning" msg="Call of pure virtual function 'f' in constructor." verbose="Call of pure virtual function 'f' in constructor. The call will fail during runtime.">
<symbol>f</symbol>
</error>
<error id="virtualCallInConstructor" severity="style" msg="Virtual function 'f' is called from constructor '' at line 1. Dynamic binding is not used." verbose="Virtual function 'f' is called from constructor '' at line 1. Dynamic binding is not used."/>
<error id="thisUseAfterFree" severity="warning" msg="Using member 'x' when 'this' might be invalid" verbose="Using member 'x' when 'this' might be invalid">
<symbol>ptr</symbol>
</error>
<error id="unsafeClassRefMember" severity="warning" msg="Unsafe class: The const reference member 'UnsafeClass::var' is initialized by a const reference constructor argument. You need to be careful about lifetime issues." verbose="Unsafe class checking: The const reference member 'UnsafeClass::var' is initialized by a const reference constructor argument. You need to be careful about lifetime issues. If you pass a local variable or temporary value in this constructor argument, be extra careful. If the argument is always some global object that is never destroyed then this is safe usage. However it would be defensive to make the member 'UnsafeClass::var' a non-reference variable or a smart pointer.">
<symbol>UnsafeClass::var</symbol>
</error>
<error id="assignIfError" severity="style" msg="Mismatching assignment and comparison, comparison '' is always false." verbose="Mismatching assignment and comparison, comparison '' is always false." cwe="398"/>
<error id="badBitmaskCheck" severity="warning" msg="Result of operator '|' is always true if one operand is non-zero. Did you intend to use '&'?" verbose="Result of operator '|' is always true if one operand is non-zero. Did you intend to use '&'?" cwe="571"/>
<error id="comparisonError" severity="style" msg="Expression '(X & 0x6) == 0x1' is always false." verbose="The expression '(X & 0x6) == 0x1' is always false. Check carefully constants and operators used, these errors might be hard to spot sometimes. In case of complex expression it might help to split it to separate expressions." cwe="398"/>
<error id="duplicateCondition" severity="style" msg="The if condition is the same as the previous if condition" verbose="The if condition is the same as the previous if condition" cwe="398"/>
<error id="multiCondition" severity="style" msg="Expression is always false because 'else if' condition matches previous condition at line 1." verbose="Expression is always false because 'else if' condition matches previous condition at line 1." cwe="398"/>
<error id="mismatchingBitAnd" severity="style" msg="Mismatching bitmasks. Result is always 0 (X = Y & 0xf0; Z = X & 0x1; => Z=0)." verbose="Mismatching bitmasks. Result is always 0 (X = Y & 0xf0; Z = X & 0x1; => Z=0)." cwe="398"/>
<error id="oppositeInnerCondition" severity="warning" msg="Opposite inner 'if' condition leads to a dead code block." verbose="Opposite inner 'if' condition leads to a dead code block (outer condition is 'x' and inner condition is '!x')." cwe="398"/>
<error id="identicalInnerCondition" severity="warning" msg="Identical inner 'if' condition is always true." verbose="Identical inner 'if' condition is always true (outer condition is 'x' and inner condition is 'x')." cwe="398"/>
<error id="identicalConditionAfterEarlyExit" severity="warning" msg="Identical condition 'x', second condition is always false" verbose="Identical condition 'x', second condition is always false" cwe="398"/>
<error id="incorrectLogicOperator" severity="warning" msg="Logical disjunction always evaluates to true: foo > 3 && foo < 4." verbose="Logical disjunction always evaluates to true: foo > 3 && foo < 4. Are these conditions necessary? Did you intend to use && instead? Are the numbers correct? Are you comparing the correct variables?" cwe="571"/>
<error id="redundantCondition" severity="style" msg="Redundant condition: If x > 11 the condition x > 10 is always true." verbose="Redundant condition: If x > 11 the condition x > 10 is always true." cwe="398"/>
<error id="moduloAlwaysTrueFalse" severity="warning" msg="Comparison of modulo result is predetermined, because it is always less than 1." verbose="Comparison of modulo result is predetermined, because it is always less than 1." cwe="398"/>
<error id="clarifyCondition" severity="style" msg="Suspicious condition (assignment + comparison); Clarify expression with parentheses." verbose="Suspicious condition (assignment + comparison); Clarify expression with parentheses." cwe="398"/>
<error id="knownConditionTrueFalse" severity="style" msg="Condition 'x' is always false" verbose="Condition 'x' is always false" cwe="570"/>
<error id="invalidTestForOverflow" severity="warning" msg="Invalid test for overflow 'x + c < x'; signed integer overflow is undefined behavior. Some mainstream compilers remove such overflow tests when optimising the code and assume it's always false." verbose="Invalid test for overflow 'x + c < x'; signed integer overflow is undefined behavior. Some mainstream compilers remove such overflow tests when optimising the code and assume it's always false." cwe="391"/>
<error id="pointerAdditionResultNotNull" severity="warning" msg="Comparison is wrong. Result of 'ptr+1' can't be 0 unless there is pointer overflow, and pointer overflow is undefined behaviour." verbose="Comparison is wrong. Result of 'ptr+1' can't be 0 unless there is pointer overflow, and pointer overflow is undefined behaviour."/>
<error id="duplicateConditionalAssign" severity="style" msg="Duplicate expression for the condition and assignment." verbose="Duplicate expression for the condition and assignment." cwe="398"/>
<error id="assignmentInCondition" severity="style" msg="Suspicious assignment in condition. Condition 'x=y' is always true." verbose="Suspicious assignment in condition. Condition 'x=y' is always true." cwe="571"/>
<error id="compareValueOutOfTypeRangeError" severity="style" msg="Comparing expression of type 'unsigned char' against value 256. Condition is always true." verbose="Comparing expression of type 'unsigned char' against value 256. Condition is always true." cwe="398"/>
<error id="exceptThrowInDestructor" severity="warning" msg="Class Class is not safe, destructor throws exception" verbose="The class Class is not safe because its destructor throws an exception. If Class is used and an exception is thrown that is caught in an outer scope the program will terminate." cwe="398"/>
<error id="exceptDeallocThrow" severity="warning" msg="Exception thrown in invalid state, 'p' points at deallocated memory." verbose="Exception thrown in invalid state, 'p' points at deallocated memory." cwe="398"/>
<error id="exceptRethrowCopy" severity="style" msg="Throwing a copy of the caught exception instead of rethrowing the original exception." verbose="Rethrowing an exception with 'throw varname;' creates an unnecessary copy of 'varname'. To rethrow the caught exception without unnecessary copying or slicing, use a bare 'throw;'." cwe="398"/>
<error id="catchExceptionByValue" severity="style" msg="Exception should be caught by reference." verbose="The exception is caught by value. It could be caught as a (const) reference which is usually recommended in C++." cwe="398"/>
<error id="throwInNoexceptFunction" severity="error" msg="Exception thrown in function declared not to throw exceptions." verbose="Exception thrown in function declared not to throw exceptions." cwe="398"/>
<error id="unhandledExceptionSpecification" severity="style" msg="Unhandled exception specification when calling function foo()." verbose="Unhandled exception specification when calling function foo(). Either use a try/catch around the function call, or add a exception specification for funcname() also." cwe="703" inconclusive="true"/>
<error id="rethrowNoCurrentException" severity="error" msg="Rethrowing current exception with 'throw;', it seems there is no current exception to rethrow. If there is no current exception this calls std::terminate(). More: https://isocpp.org/wiki/faq/exceptions#throw-without-an-object" verbose="Rethrowing current exception with 'throw;', it seems there is no current exception to rethrow. If there is no current exception this calls std::terminate(). More: https://isocpp.org/wiki/faq/exceptions#throw-without-an-object" cwe="480"/>
<error id="coutCerrMisusage" severity="error" msg="Invalid usage of output stream: '<< std::cout'." verbose="Invalid usage of output stream: '<< std::cout'." cwe="398"/>
<error id="fflushOnInputStream" severity="portability" msg="fflush() called on input stream 'stdin' may result in undefined behaviour on non-linux systems." verbose="fflush() called on input stream 'stdin' may result in undefined behaviour on non-linux systems." cwe="398"/>
<error id="IOWithoutPositioning" severity="error" msg="Read and write operations without a call to a positioning function (fseek, fsetpos or rewind) or fflush in between result in undefined behaviour." verbose="Read and write operations without a call to a positioning function (fseek, fsetpos or rewind) or fflush in between result in undefined behaviour." cwe="664"/>
<error id="readWriteOnlyFile" severity="error" msg="Read operation on a file that was opened only for writing." verbose="Read operation on a file that was opened only for writing." cwe="664"/>
<error id="writeReadOnlyFile" severity="error" msg="Write operation on a file that was opened only for reading." verbose="Write operation on a file that was opened only for reading." cwe="664"/>
<error id="useClosedFile" severity="error" msg="Used file that is not opened." verbose="Used file that is not opened." cwe="910"/>
<error id="seekOnAppendedFile" severity="warning" msg="Repositioning operation performed on a file opened in append mode has no effect." verbose="Repositioning operation performed on a file opened in append mode has no effect." cwe="398"/>
<error id="incompatibleFileOpen" severity="warning" msg="The file 'tmp' is opened for read and write access at the same time on different streams" verbose="The file 'tmp' is opened for read and write access at the same time on different streams" cwe="664"/>
<error id="invalidscanf" severity="warning" msg="scanf() without field width limits can crash with huge input data." verbose="scanf() without field width limits can crash with huge input data. Add a field width specifier to fix this problem.\012\012Sample program that can crash:\012\012#include <stdio.h>\012int main()\012{\012 char c[5];\012 scanf("%s", c);\012 return 0;\012}\012\012Typing in 5 or more characters may make the program crash. The correct usage here is 'scanf("%4s", c);', as the maximum field width does not include the terminating null byte.\012Source: http://linux.die.net/man/3/scanf\012Source: http://www.opensource.apple.com/source/xnu/xnu-1456.1.26/libkern/stdio/scanf.c" cwe="119"/>
<error id="wrongPrintfScanfArgNum" severity="error" msg="printf format string requires 3 parameters but only 2 are given." verbose="printf format string requires 3 parameters but only 2 are given." cwe="685"/>
<error id="invalidScanfArgType_s" severity="warning" msg="%s in format string (no. 1) requires a 'char *' but the argument type is Unknown." verbose="%s in format string (no. 1) requires a 'char *' but the argument type is Unknown." cwe="686"/>
<error id="invalidScanfArgType_int" severity="warning" msg="%d in format string (no. 1) requires 'int *' but the argument type is Unknown." verbose="%d in format string (no. 1) requires 'int *' but the argument type is Unknown." cwe="686"/>
<error id="invalidScanfArgType_float" severity="warning" msg="%f in format string (no. 1) requires 'float *' but the argument type is Unknown." verbose="%f in format string (no. 1) requires 'float *' but the argument type is Unknown." cwe="686"/>
<error id="invalidPrintfArgType_s" severity="warning" msg="%s in format string (no. 1) requires 'char *' but the argument type is Unknown." verbose="%s in format string (no. 1) requires 'char *' but the argument type is Unknown." cwe="686"/>
<error id="invalidPrintfArgType_n" severity="warning" msg="%n in format string (no. 1) requires 'int *' but the argument type is Unknown." verbose="%n in format string (no. 1) requires 'int *' but the argument type is Unknown." cwe="686"/>
<error id="invalidPrintfArgType_p" severity="warning" msg="%p in format string (no. 1) requires an address but the argument type is Unknown." verbose="%p in format string (no. 1) requires an address but the argument type is Unknown." cwe="686"/>
<error id="invalidPrintfArgType_uint" severity="warning" msg="%u in format string (no. 1) requires 'unsigned int' but the argument type is Unknown." verbose="%u in format string (no. 1) requires 'unsigned int' but the argument type is Unknown." cwe="686"/>
<error id="invalidPrintfArgType_sint" severity="warning" msg="%i in format string (no. 1) requires 'int' but the argument type is Unknown." verbose="%i in format string (no. 1) requires 'int' but the argument type is Unknown." cwe="686"/>
<error id="invalidPrintfArgType_float" severity="warning" msg="%f in format string (no. 1) requires 'double' but the argument type is Unknown." verbose="%f in format string (no. 1) requires 'double' but the argument type is Unknown." cwe="686"/>
<error id="invalidLengthModifierError" severity="warning" msg="'I' in format string (no. 1) is a length modifier and cannot be used without a conversion specifier." verbose="'I' in format string (no. 1) is a length modifier and cannot be used without a conversion specifier." cwe="704"/>
<error id="invalidScanfFormatWidth" severity="error" msg="Width 5 given in format string (no. 10) is larger than destination buffer '[0]', use %-1s to prevent overflowing it." verbose="Width 5 given in format string (no. 10) is larger than destination buffer '[0]', use %-1s to prevent overflowing it." cwe="687"/>
<error id="invalidScanfFormatWidth_smaller" severity="warning" msg="Width -1 given in format string (no. 99) is smaller than destination buffer '[0]'." verbose="Width -1 given in format string (no. 99) is smaller than destination buffer '[0]'." inconclusive="true"/>
<error id="wrongPrintfScanfParameterPositionError" severity="warning" msg="printf: referencing parameter 2 while 1 arguments given" verbose="printf: referencing parameter 2 while 1 arguments given" cwe="685"/>
<error id="deallocret" severity="error" msg="Returning/dereferencing 'p' after it is deallocated / released" verbose="Returning/dereferencing 'p' after it is deallocated / released" cwe="672">
<symbol>p</symbol>
</error>
<error id="doubleFree" severity="error" msg="Memory pointed to by 'varname' is freed twice." verbose="Memory pointed to by 'varname' is freed twice." cwe="415">
<symbol>varname</symbol>
</error>
<error id="leakNoVarFunctionCall" severity="error" msg="Allocation with funcName, funcName doesn't release it." verbose="Allocation with funcName, funcName doesn't release it." cwe="772"/>
<error id="leakReturnValNotUsed" severity="error" msg="Return value of allocation function 'funcName' is not stored." verbose="Return value of allocation function 'funcName' is not stored." cwe="771">
<symbol>funcName</symbol>
</error>
<error id="leakUnsafeArgAlloc" severity="warning" msg="Unsafe allocation. If funcName() throws, memory could be leaked. Use make_shared<int>() instead." verbose="Unsafe allocation. If funcName() throws, memory could be leaked. Use make_shared<int>() instead." cwe="401" inconclusive="true">
<symbol>funcName</symbol>
</error>
<error id="publicAllocationError" severity="warning" msg="Possible leak in public function. The pointer 'varname' is not deallocated before it is allocated." verbose="Possible leak in public function. The pointer 'varname' is not deallocated before it is allocated." cwe="398">
<symbol>varname</symbol>
</error>
<error id="unsafeClassCanLeak" severity="style" msg="Class 'class' is unsafe, 'class::varname' can leak by wrong usage." verbose="The class 'class' is unsafe, wrong usage can cause memory/resource leaks for 'class::varname'. This can for instance be fixed by adding proper cleanup in the destructor." cwe="398">
<symbol>class</symbol>
<symbol>class::varname</symbol>
</error>
<error id="memleak" severity="error" msg="Memory leak: varname" verbose="Memory leak: varname" cwe="401">
<symbol>varname</symbol>
</error>
<error id="resourceLeak" severity="error" msg="Resource leak: varname" verbose="Resource leak: varname" cwe="775">
<symbol>varname</symbol>
</error>
<error id="deallocuse" severity="error" msg="Dereferencing 'varname' after it is deallocated / released" verbose="Dereferencing 'varname' after it is deallocated / released" cwe="416">
<symbol>varname</symbol>
</error>
<error id="mismatchAllocDealloc" severity="error" msg="Mismatching allocation and deallocation: varname" verbose="Mismatching allocation and deallocation: varname" cwe="762">
<symbol>varname</symbol>
</error>
<error id="memleakOnRealloc" severity="error" msg="Common realloc mistake: 'varname' nulled but not freed upon failure" verbose="Common realloc mistake: 'varname' nulled but not freed upon failure" cwe="401">
<symbol>varname</symbol>
</error>
<error id="nullPointer" severity="error" msg="Null pointer dereference" verbose="Null pointer dereference" cwe="476"/>
<error id="nullPointerDefaultArg" severity="warning" msg="Possible null pointer dereference if the default parameter value is used: pointer" verbose="Possible null pointer dereference if the default parameter value is used: pointer" cwe="476">
<symbol>pointer</symbol>
</error>
<error id="nullPointerRedundantCheck" severity="warning" msg="Either the condition is redundant or there is possible null pointer dereference: pointer." verbose="Either the condition is redundant or there is possible null pointer dereference: pointer." cwe="476">
<symbol>pointer</symbol>
</error>
<error id="nullPointerArithmetic" severity="error" msg="Pointer arithmetic with NULL pointer." verbose="Pointer arithmetic with NULL pointer." cwe="682"/>
<error id="nullPointerArithmeticRedundantCheck" severity="warning" msg="Either the condition is redundant or there is pointer arithmetic with NULL pointer." verbose="Either the condition is redundant or there is pointer arithmetic with NULL pointer." cwe="682"/>
<error id="zerodiv" severity="error" msg="Division by zero." verbose="Division by zero." cwe="369"/>
<error id="zerodivcond" severity="warning" msg="Either the condition is redundant or there is division by zero." verbose="Either the condition is redundant or there is division by zero." cwe="369"/>
<error id="unusedScopedObject" severity="style" msg="Instance of 'varname' object is destroyed immediately." verbose="Instance of 'varname' object is destroyed immediately." cwe="563">
<symbol>varname</symbol>
</error>
<error id="invalidPointerCast" severity="portability" msg="Casting between float * and double * which have an incompatible binary data representation." verbose="Casting between float * and double * which have an incompatible binary data representation." cwe="704"/>
<error id="shiftNegativeLHS" severity="portability" msg="Shifting a negative value is technically undefined behaviour" verbose="Shifting a negative value is technically undefined behaviour" cwe="758"/>
<error id="shiftNegative" severity="error" msg="Shifting by a negative value is undefined behaviour" verbose="Shifting by a negative value is undefined behaviour" cwe="758"/>
<error id="raceAfterInterlockedDecrement" severity="error" msg="Race condition: non-interlocked access after InterlockedDecrement(). Use InterlockedDecrement() return value instead." verbose="Race condition: non-interlocked access after InterlockedDecrement(). Use InterlockedDecrement() return value instead." cwe="362"/>
<error id="invalidFree" severity="error" msg="Mismatching address is freed. The address you get from malloc() must be freed without offset." verbose="Mismatching address is freed. The address you get from malloc() must be freed without offset."/>
<error id="overlappingWriteUnion" severity="error" msg="Overlapping read/write of union is undefined behavior" verbose="Overlapping read/write of union is undefined behavior"/>
<error id="overlappingWriteFunction" severity="error" msg="Overlapping read/write in () is undefined behavior" verbose="Overlapping read/write in () is undefined behavior"/>
<error id="redundantCopyLocalConst" severity="performance" msg="Use const reference for 'varname' to avoid unnecessary data copying." verbose="The const variable 'varname' is assigned a copy of the data. You can avoid the unnecessary data copying by converting 'varname' to const reference." cwe="398" inconclusive="true">
<symbol>varname</symbol>
</error>
<error id="redundantCopy" severity="performance" msg="Buffer 'var' is being written before its old content has been used." verbose="Buffer 'var' is being written before its old content has been used." cwe="563">
<symbol>var</symbol>
</error>
<error id="comparisonFunctionIsAlwaysTrueOrFalse" severity="warning" msg="Comparison of two identical variables with isless(varName,varName) always evaluates to false." verbose="The function isless is designed to compare two variables. Calling this function with one variable (varName) for both parameters leads to a statement which is always false." cwe="570">
<symbol>isless</symbol>
</error>
<error id="checkCastIntToCharAndBack" severity="warning" msg="Storing func_name() return value in char variable and then comparing with EOF." verbose="When saving func_name() return value in char variable there is loss of precision. When func_name() returns EOF this value is truncated. Comparing the char variable with EOF can have unexpected results. For instance a loop "while (EOF != (c = func_name());" loops forever on some compilers/platforms and on other compilers/platforms it will stop when the file contains a matching character." cwe="197">
<symbol>func_name</symbol>
</error>
<error id="cstyleCast" severity="style" msg="C-style pointer casting" verbose="C-style pointer casting detected. C++ offers four different kinds of casts as replacements: static_cast, const_cast, dynamic_cast and reinterpret_cast. A C-style cast could evaluate to any of those automatically, thus it is considered safer if the programmer explicitly states which kind of cast is expected." cwe="398"/>
<error id="passedByValue" severity="performance" msg="Function parameter '' should be passed by const reference." verbose="Parameter '' is passed by value. It could be passed as a const reference which is usually faster and recommended in C++." cwe="398">
<symbol></symbol>
</error>
<error id="constParameter" severity="style" msg="Parameter 'x' can be declared with const" verbose="Parameter 'x' can be declared with const"/>
<error id="constVariable" severity="style" msg="Variable 'x' can be declared with const" verbose="Variable 'x' can be declared with const"/>
<error id="constParameterReference" severity="style" msg="Parameter 'x' can be declared with const" verbose="Parameter 'x' can be declared with const"/>
<error id="constVariableReference" severity="style" msg="Variable 'x' can be declared with const" verbose="Variable 'x' can be declared with const"/>
<error id="constParameterPointer" severity="style" msg="Parameter 'x' can be declared with const" verbose="Parameter 'x' can be declared with const"/>
<error id="constVariablePointer" severity="style" msg="Variable 'x' can be declared with const" verbose="Variable 'x' can be declared with const"/>
<error id="constParameterCallback" severity="style" msg="Parameter 'x' can be declared with const, however it seems that 'f' is a callback function." verbose="Parameter 'x' can be declared with const, however it seems that 'f' is a callback function."/>
<error id="constStatement" severity="warning" msg="Redundant code: Found a statement that begins with type constant." verbose="Redundant code: Found a statement that begins with type constant." cwe="398"/>
<error id="signedCharArrayIndex" severity="warning" msg="Signed 'char' type used as array index." verbose="Signed 'char' type used as array index. If the value can be greater than 127 there will be a buffer underflow because of sign extension." cwe="128"/>
<error id="unknownSignCharArrayIndex" severity="portability" msg="'char' type used as array index." verbose="'char' type used as array index. Values greater than 127 will be treated depending on whether 'char' is signed or unsigned on target platform." cwe="758"/>
<error id="charBitOp" severity="warning" msg="When using 'char' variables in bit operations, sign extension can generate unexpected results." verbose="When using 'char' variables in bit operations, sign extension can generate unexpected results. For example:\012 char c = 0x80;\012 int i = 0 | c;\012 if (i & 0x8000)\012 printf("not expected");\012The "not expected" will be printed on the screen." cwe="398"/>
<error id="variableScope" severity="style" msg="The scope of the variable 'varname' can be reduced." verbose="The scope of the variable 'varname' can be reduced. Warning: Be careful when fixing this message, especially when there are inner loops. Here is an example where cppcheck will write that the scope for 'i' can be reduced:\012void f(int x)\012{\012 int i = 0;\012 if (x) {\012 // it's safe to move 'int i = 0;' here\012 for (int n = 0; n < 10; ++n) {\012 // it is possible but not safe to move 'int i = 0;' here\012 do_something(&i);\012 }\012 }\012}\012When you see this message it is always safe to reduce the variable scope 1 level." cwe="398">
<symbol>varname</symbol>
</error>
<error id="redundantAssignInSwitch" severity="style" msg="Variable 'var' is reassigned a value before the old one has been used. 'break;' missing?" verbose="Variable 'var' is reassigned a value before the old one has been used. 'break;' missing?" cwe="563">
<symbol>var</symbol>
</error>
<error id="suspiciousCase" severity="warning" msg="Found suspicious case label in switch(). Operator '||' probably doesn't work as intended." verbose="Using an operator like '||' in a case label is suspicious. Did you intend to use a bitwise operator, multiple case labels or if/else instead?" cwe="398" inconclusive="true"/>
<error id="selfAssignment" severity="style" msg="Redundant assignment of 'varname' to itself." verbose="Redundant assignment of 'varname' to itself." cwe="398">
<symbol>varname</symbol>
</error>
<error id="clarifyCalculation" severity="style" msg="Clarify calculation precedence for '+' and '?'." verbose="Suspicious calculation. Please use parentheses to clarify the code. The code ''a+b?c:d'' should be written as either ''(a+b)?c:d'' or ''a+(b?c:d)''." cwe="783"/>
<error id="clarifyStatement" severity="warning" msg="In expression like '*A++' the result of '*' is unused. Did you intend to write '(*A)++;'?" verbose="A statement like '*A++;' might not do what you intended. Postfix 'operator++' is executed before 'operator*'. Thus, the dereference is meaningless. Did you intend to write '(*A)++;'?" cwe="783"/>
<error id="duplicateBranch" severity="style" msg="Found duplicate branches for 'if' and 'else'." verbose="Finding the same code in an 'if' and related 'else' branch is suspicious and might indicate a cut and paste or logic error. Please examine this code carefully to determine if it is correct." cwe="398" inconclusive="true"/>
<error id="duplicateAssignExpression" severity="style" msg="Same expression used in consecutive assignments of 'x' and 'x'." verbose="Finding variables 'x' and 'x' that are assigned the same expression is suspicious and might indicate a cut and paste or logic error. Please examine this code carefully to determine if it is correct." cwe="398" inconclusive="true"/>
<error id="oppositeExpression" severity="style" msg="Opposite expression on both sides of '&&'." verbose="Finding the opposite expression on both sides of an operator is suspicious and might indicate a cut and paste or logic error. Please examine this code carefully to determine if it is correct." cwe="398"/>
<error id="duplicateExpression" severity="style" msg="Same expression on both sides of '&&'." verbose="Finding the same expression on both sides of an operator is suspicious and might indicate a cut and paste or logic error. Please examine this code carefully to determine if it is correct." cwe="398"/>
<error id="duplicateValueTernary" severity="style" msg="Same value in both branches of ternary operator." verbose="Finding the same value in both branches of ternary operator is suspicious as the same code is executed regardless of the condition." cwe="398"/>
<error id="duplicateExpressionTernary" severity="style" msg="Same expression in both branches of ternary operator." verbose="Finding the same expression in both branches of ternary operator is suspicious as the same code is executed regardless of the condition." cwe="398"/>
<error id="duplicateBreak" severity="style" msg="Consecutive return, break, continue, goto or throw statements are unnecessary." verbose="Consecutive return, break, continue, goto or throw statements are unnecessary. The second statement can never be executed, and so should be removed." cwe="561"/>
<error id="unreachableCode" severity="style" msg="Statements following return, break, continue, goto or throw will never be executed." verbose="Statements following return, break, continue, goto or throw will never be executed." cwe="561"/>
<error id="unsignedLessThanZero" severity="style" msg="Checking if unsigned expression 'varname' is less than zero." verbose="The unsigned expression 'varname' will never be negative so it is either pointless or an error to check if it is." cwe="570">
<symbol>varname</symbol>
</error>
<error id="unsignedPositive" severity="style" msg="Unsigned expression 'varname' can't be negative so it is unnecessary to test it." verbose="Unsigned expression 'varname' can't be negative so it is unnecessary to test it." cwe="570">
<symbol>varname</symbol>
</error>
<error id="pointerLessThanZero" severity="style" msg="A pointer can not be negative so it is either pointless or an error to check if it is." verbose="A pointer can not be negative so it is either pointless or an error to check if it is." cwe="570"/>
<error id="pointerPositive" severity="style" msg="A pointer can not be negative so it is either pointless or an error to check if it is not." verbose="A pointer can not be negative so it is either pointless or an error to check if it is not." cwe="570"/>
<error id="suspiciousSemicolon" severity="warning" msg="Suspicious use of ; at the end of '' statement." verbose="Suspicious use of ; at the end of '' statement." cwe="398"/>
<error id="incompleteArrayFill" severity="warning" msg="Array 'buffer' is filled incompletely. Did you forget to multiply the size given to 'memset()' with 'sizeof(*buffer)'?" verbose="The array 'buffer' is filled incompletely. The function 'memset()' needs the size given in bytes, but an element of the given array is larger than one byte. Did you forget to multiply the size with 'sizeof(*buffer)'?" cwe="131" inconclusive="true">
<symbol>buffer</symbol>
<symbol>memset</symbol>
</error>
<error id="varFuncNullUB" severity="portability" msg="Passing NULL after the last typed argument to a variadic function leads to undefined behaviour." verbose="Passing NULL after the last typed argument to a variadic function leads to undefined behaviour.\012The C99 standard, in section 7.15.1.1, states that if the type used by va_arg() is not compatible with the type of the actual next argument (as promoted according to the default argument promotions), the behavior is undefined.\012The value of the NULL macro is an implementation-defined null pointer constant (7.17), which can be any integer constant expression with the value 0, or such an expression casted to (void*) (6.3.2.3). This includes values like 0, 0L, or even 0LL.\012In practice on common architectures, this will cause real crashes if sizeof(int) != sizeof(void*), and NULL is defined to 0 or any other null pointer constant that promotes to int.\012To reproduce you might be able to use this little code example on 64bit platforms. If the output includes "ERROR", the sentinel had only 4 out of 8 bytes initialized to zero and was not detected as the final argument to stop argument processing via va_arg(). Changing the 0 to (void*)0 or 0L will make the "ERROR" output go away.\012#include <stdarg.h>\012#include <stdio.h>\012\012void f(char *s, ...) {\012 va_list ap;\012 va_start(ap,s);\012 for (;;) {\012 char *p = va_arg(ap,char*);\012 printf("%018p, %s\n", p, (long)p & 255 ? p : "");\012 if(!p) break;\012 }\012 va_end(ap);\012}\012\012void g() {\012 char *s2 = "x";\012 char *s3 = "ERROR";\012\012 // changing 0 to 0L for the 7th argument (which is intended to act as sentinel) makes the error go away on x86_64\012 f("first", s2, s2, s2, s2, s2, 0, s3, (char*)0);\012}\012\012void h() {\012 int i;\012 volatile unsigned char a[1000];\012 for (i = 0; i<sizeof(a); i++)\012 a[i] = -1;\012}\012\012int main() {\012 h();\012 g();\012 return 0;\012}" cwe="475"/>
<error id="nanInArithmeticExpression" severity="style" msg="Using NaN/Inf in a computation." verbose="Using NaN/Inf in a computation. Although nothing bad really happens, it is suspicious." cwe="369"/>
<error id="commaSeparatedReturn" severity="style" msg="Comma is used in return statement. The comma can easily be misread as a ';'." verbose="Comma is used in return statement. When comma is used in a return statement it can easily be misread as a semicolon. For example in the code below the value of 'b' is returned if the condition is true, but it is easy to think that 'a+1' is returned:\012 if (x)\012 return a + 1,\012 b++;\012However it can be useful to use comma in macros. Cppcheck does not warn when such a macro is then used in a return statement, it is less likely such code is misunderstood." cwe="398"/>
<error id="redundantPointerOp" severity="style" msg="Redundant pointer operation on 'varname' - it's already a pointer." verbose="Redundant pointer operation on 'varname' - it's already a pointer." cwe="398">
<symbol>varname</symbol>
</error>
<error id="unusedLabel" severity="style" msg="Label '' is not used." verbose="Label '' is not used." cwe="398">
<symbol></symbol>
</error>
<error id="unusedLabelConfiguration" severity="style" msg="Label '' is not used. There is #if in function body so the label might be used in code that is removed by the preprocessor." verbose="Label '' is not used. There is #if in function body so the label might be used in code that is removed by the preprocessor." cwe="398">
<symbol></symbol>
</error>
<error id="unusedLabelSwitch" severity="warning" msg="Label '' is not used. Should this be a 'case' of the enclosing switch()?" verbose="Label '' is not used. Should this be a 'case' of the enclosing switch()?" cwe="398">
<symbol></symbol>
</error>
<error id="unusedLabelSwitchConfiguration" severity="warning" msg="Label '' is not used. There is #if in function body so the label might be used in code that is removed by the preprocessor. Should this be a 'case' of the enclosing switch()?" verbose="Label '' is not used. There is #if in function body so the label might be used in code that is removed by the preprocessor. Should this be a 'case' of the enclosing switch()?" cwe="398">
<symbol></symbol>
</error>
<error id="unknownEvaluationOrder" severity="error" msg="Expression 'x = x++;' depends on order of evaluation of side effects" verbose="Expression 'x = x++;' depends on order of evaluation of side effects" cwe="768"/>
<error id="accessMoved" severity="warning" msg="Access of moved variable 'v'." verbose="Access of moved variable 'v'." cwe="672"/>
<error id="accessForwarded" severity="warning" msg="Access of forwarded variable 'v'." verbose="Access of forwarded variable 'v'." cwe="672"/>
<error id="funcArgNamesDifferent" severity="style" msg="Function 'function' argument 2 names different: declaration 'A' definition 'B'." verbose="Function 'function' argument 2 names different: declaration 'A' definition 'B'." cwe="628" inconclusive="true">
<symbol>function</symbol>
</error>
<error id="redundantBitwiseOperationInSwitch" severity="style" msg="Redundant bitwise operation on 'varname' in 'switch' statement. 'break;' missing?" verbose="Redundant bitwise operation on 'varname' in 'switch' statement. 'break;' missing?">
<symbol>varname</symbol>
</error>
<error id="shadowVariable" severity="style" msg="Local variable 'variable' shadows outer variable" verbose="Local variable 'variable' shadows outer variable" cwe="398">
<symbol>variable</symbol>
</error>
<error id="shadowFunction" severity="style" msg="Local variable 'function' shadows outer function" verbose="Local variable 'function' shadows outer function" cwe="398">
<symbol>function</symbol>
</error>
<error id="shadowArgument" severity="style" msg="Local variable 'argument' shadows outer argument" verbose="Local variable 'argument' shadows outer argument" cwe="398">
<symbol>argument</symbol>
</error>
<error id="knownArgument" severity="style" msg="Argument 'x-x' to function 'func' is always 0. It does not matter what value 'x' has." verbose="Argument 'x-x' to function 'func' is always 0. It does not matter what value 'x' has."/>
<error id="knownArgumentHiddenVariableExpression" severity="style" msg="Argument 'x*0' to function 'func' is always 0. Constant literal calculation disable/hide variable expression 'x'." verbose="Argument 'x*0' to function 'func' is always 0. Constant literal calculation disable/hide variable expression 'x'."/>
<error id="knownPointerToBool" severity="style" msg="Pointer expression 'p' converted to bool is always true." verbose="Pointer expression 'p' converted to bool is always true."/>
<error id="comparePointers" severity="error" msg="Comparing pointers that point to different objects" verbose="Comparing pointers that point to different objects" cwe="570"/>
<error id="redundantAssignment" severity="style" msg="Variable 'var' is reassigned a value before the old one has been used." verbose="Variable 'var' is reassigned a value before the old one has been used." cwe="563">
<symbol>var</symbol>
</error>
<error id="redundantInitialization" severity="style" msg="Redundant initialization for 'var'. The initialized value is overwritten before it is read." verbose="Redundant initialization for 'var'. The initialized value is overwritten before it is read." cwe="563">
<symbol>var</symbol>
</error>
<error id="funcArgOrderDifferent" severity="warning" msg="Function 'function' argument order different: declaration '' definition ''" verbose="Function 'function' argument order different: declaration '' definition ''" cwe="683">
<symbol>function</symbol>
</error>
<error id="moduloofone" severity="style" msg="Modulo of one is always equal to zero" verbose="Modulo of one is always equal to zero"/>
<error id="containerOutOfBounds" severity="error" msg="Out of bounds access in expression 'container[x]'" verbose="Out of bounds access in expression 'container[x]'" cwe="398">
<symbol>container</symbol>
</error>
<error id="invalidIterator1" severity="error" msg="Invalid iterator: iterator" verbose="Invalid iterator: iterator" cwe="664">
<symbol>iterator</symbol>
</error>
<error id="iterators1" severity="error" msg="Same iterator is used with different containers 'container1' and 'container2'." verbose="Same iterator is used with different containers 'container1' and 'container2'." cwe="664">
<symbol>container1</symbol>
<symbol>container2</symbol>
</error>
<error id="iterators2" severity="error" msg="Same iterator is used with different containers 'container0' and 'container1'." verbose="Same iterator is used with different containers 'container0' and 'container1'." cwe="664">
<symbol>container0</symbol>
<symbol>container1</symbol>
</error>
<error id="iterators3" severity="error" msg="Same iterator is used with containers 'container' that are temporaries or defined in different scopes." verbose="Same iterator is used with containers 'container' that are temporaries or defined in different scopes." cwe="664">
<symbol>container</symbol>
</error>
<error id="invalidContainerLoop" severity="error" msg="Calling 'erase' while iterating the container is invalid." verbose="Calling 'erase' while iterating the container is invalid." cwe="664"/>
<error id="invalidContainer" severity="error" msg="Using object that may be invalid." verbose="Using object that may be invalid." cwe="664"/>
<error id="mismatchingContainerIterator" severity="error" msg="Iterator 'it' referring to container 'v2' is used with container 'v1'." verbose="Iterator 'it' referring to container 'v2' is used with container 'v1'." cwe="664"/>
<error id="mismatchingContainers" severity="error" msg="Iterators of different containers 'v1' and 'v2' are used together." verbose="Iterators of different containers 'v1' and 'v2' are used together." cwe="664"/>
<error id="mismatchingContainerExpression" severity="warning" msg="Iterators to containers from different expressions 'v1' and 'v2' are used together." verbose="Iterators to containers from different expressions 'v1' and 'v2' are used together." cwe="664"/>
<error id="sameIteratorExpression" severity="style" msg="Same iterators expression are used for algorithm." verbose="Same iterators expression are used for algorithm." cwe="664"/>
<error id="eraseDereference" severity="error" msg="Invalid iterator 'iter' used." verbose="The iterator 'iter' is invalid before being assigned. Dereferencing or comparing it with another iterator is invalid operation." cwe="664">
<symbol>iter</symbol>
</error>
<error id="stlOutOfBounds" severity="error" msg="When i==foo.size(), foo[i] is out of bounds." verbose="When i==foo.size(), foo[i] is out of bounds." cwe="788">
<symbol>foo</symbol>
</error>
<error id="negativeContainerIndex" severity="warning" msg="Array index -1 is out of bounds." verbose="Array index -1 is out of bounds." cwe="786"/>
<error id="stlBoundaries" severity="error" msg="Dangerous comparison using operator< on iterator." verbose="Iterator compared with operator<. This is dangerous since the order of items in the container is not guaranteed. One should use operator!= instead to compare iterators." cwe="664"/>
<error id="stlIfFind" severity="warning" msg="Suspicious condition. The result of find() is an iterator, but it is not properly checked." verbose="Suspicious condition. The result of find() is an iterator, but it is not properly checked." cwe="398"/>
<error id="stlIfStrFind" severity="performance" msg="Inefficient usage of string::find() in condition; string::starts_with() could be faster." verbose="Either inefficient or wrong usage of string::find(). string::starts_with() will be faster if string::find's result is compared with 0, because it will not scan the whole string. If your intention is to check that there are no findings in the string, you should compare with std::string::npos." cwe="597"/>
<error id="stlFindInsert" severity="performance" msg="Searching before insertion is not necessary." verbose="Searching before insertion is not necessary." cwe="398"/>
<error id="stlcstr" severity="error" msg="Dangerous usage of c_str(). The value returned by c_str() is invalid after this call." verbose="Dangerous usage of c_str(). The c_str() return value is only valid until its string is deleted." cwe="664"/>
<error id="stlcstrReturn" severity="performance" msg="Returning the result of c_str() in a function that returns std::string is slow and redundant." verbose="The conversion from const char* as returned by c_str() to std::string creates an unnecessary string copy. Solve that by directly returning the string." cwe="704"/>
<error id="stlcstrParam" severity="performance" msg="Passing the result of c_str() to a function that takes std::string as argument no. 0 is slow and redundant." verbose="The conversion from const char* as returned by c_str() to std::string creates an unnecessary string copy or length calculation. Solve that by directly passing the string." cwe="704"/>
<error id="stlcstrthrow" severity="error" msg="Dangerous usage of c_str(). The value returned by c_str() is invalid after throwing exception." verbose="Dangerous usage of c_str(). The string is destroyed after the c_str() call so the thrown pointer is invalid."/>
<error id="stlSize" severity="performance" msg="Possible inefficient checking for 'list' emptiness." verbose="Checking for 'list' emptiness might be inefficient. Using list.empty() instead of list.size() can be faster. list.size() can take linear time but list.empty() is guaranteed to take constant time." cwe="398">
<symbol>list</symbol>
</error>
<error id="StlMissingComparison" severity="warning" msg="Missing bounds check for extra iterator increment in loop." verbose="The iterator incrementing is suspicious - it is incremented at line and then at line . The loop might unintentionally skip an element in the container. There is no comparison between these increments to prevent that the iterator is incremented beyond the end." cwe="834"/>
<error id="redundantIfRemove" severity="style" msg="Redundant checking of STL container element existence before removing it." verbose="Redundant checking of STL container element existence before removing it. It is safe to call the remove method on a non-existing element." cwe="398"/>
<error id="uselessCallsCompare" severity="warning" msg="It is inefficient to call 'str.find(str)' as it always returns 0." verbose="'std::string::find()' returns zero when given itself as parameter (str.find(str)). As it is currently the code is inefficient. It is possible either the string searched ('str') or searched for ('str') is wrong." cwe="628">
<symbol>str</symbol>
<symbol>find</symbol>
</error>
<error id="uselessCallsSwap" severity="performance" msg="It is inefficient to swap a object with itself by calling 'str.swap(str)'" verbose="The 'swap()' function has no logical effect when given itself as parameter (str.swap(str)). As it is currently the code is inefficient. Is the object or the parameter wrong here?" cwe="628">
<symbol>str</symbol>
</error>
<error id="uselessCallsSubstr" severity="performance" msg="Ineffective call of function 'substr' because it returns a copy of the object. Use operator= instead." verbose="Ineffective call of function 'substr' because it returns a copy of the object. Use operator= instead." cwe="398"/>
<error id="uselessCallsEmpty" severity="warning" msg="Ineffective call of function 'empty()'. Did you intend to call 'clear()' instead?" verbose="Ineffective call of function 'empty()'. Did you intend to call 'clear()' instead?" cwe="398"/>
<error id="uselessCallsRemove" severity="warning" msg="Return value of std::remove() ignored. Elements remain in container." verbose="The return value of std::remove() is ignored. This function returns an iterator to the end of the range containing those elements that should be kept. Elements past new end remain valid but with unspecified values. Use the erase method of the container to delete them." cwe="762">
<symbol>remove</symbol>
</error>
<error id="derefInvalidIterator" severity="warning" msg="Possible dereference of an invalid iterator: i" verbose="Possible dereference of an invalid iterator: i. Make sure to check that the iterator is valid before dereferencing it - not after." cwe="825">
<symbol>i</symbol>
</error>
<error id="eraseIteratorOutOfBounds" severity="error" msg="Calling function 'erase()' on the iterator 'iter' which is out of bounds." verbose="Calling function 'erase()' on the iterator 'iter' which is out of bounds." cwe="628"/>
<error id="eraseIteratorOutOfBoundsCond" severity="warning" msg="Either the condition 'x' is redundant or function 'erase()' is called on the iterator 'iter' which is out of bounds." verbose="Either the condition 'x' is redundant or function 'erase()' is called on the iterator 'iter' which is out of bounds." cwe="628"/>
<error id="useStlAlgorithm" severity="style" msg="Consider using algorithm instead of a raw loop." verbose="Consider using algorithm instead of a raw loop." cwe="398"/>
<error id="knownEmptyContainer" severity="style" msg="Iterating over container 'var' that is always empty." verbose="Iterating over container 'var' that is always empty." cwe="398"/>
<error id="globalLockGuard" severity="warning" msg="Lock guard is defined globally. Lock guards are intended to be local. A global lock guard could lead to a deadlock since it won't unlock until the end of the program." verbose="Lock guard is defined globally. Lock guards are intended to be local. A global lock guard could lead to a deadlock since it won't unlock until the end of the program." cwe="833"/>
<error id="localMutex" severity="warning" msg="The lock is ineffective because the mutex is locked at the same scope as the mutex itself." verbose="The lock is ineffective because the mutex is locked at the same scope as the mutex itself." cwe="667"/>
<error id="sizeofwithsilentarraypointer" severity="warning" msg="Using 'sizeof' on array given as function argument returns size of a pointer." verbose="Using 'sizeof' for array given as function argument returns the size of a pointer. It does not return the size of the whole array in bytes as might be expected. For example, this code:\012 int f(char a[100]) {\012 return sizeof(a);\012 }\012returns 4 (in 32-bit systems) or 8 (in 64-bit systems) instead of 100 (the size of the array in bytes)." cwe="467"/>
<error id="pointerSize" severity="warning" msg="Size of pointer 'varname' used instead of size of its data." verbose="Size of pointer 'varname' used instead of size of its data. This is likely to lead to a buffer overflow. You probably intend to write 'sizeof(*varname)'." cwe="467"/>
<error id="sizeofDivisionMemfunc" severity="warning" msg="Division by result of sizeof(). memset() expects a size in bytes, did you intend to multiply instead?" verbose="Division by result of sizeof(). memset() expects a size in bytes, did you intend to multiply instead?" cwe="682"/>
<error id="sizeofwithnumericparameter" severity="warning" msg="Suspicious usage of 'sizeof' with a numeric constant as parameter." verbose="It is unusual to use a constant value with sizeof. For example, 'sizeof(10)' returns 4 (in 32-bit systems) or 8 (in 64-bit systems) instead of 10. 'sizeof('A')' and 'sizeof(char)' can return different results." cwe="682"/>
<error id="sizeofsizeof" severity="warning" msg="Calling 'sizeof' on 'sizeof'." verbose="Calling sizeof for 'sizeof looks like a suspicious code and most likely there should be just one 'sizeof'. The current code is equivalent to 'sizeof(size_t)'" cwe="682"/>
<error id="sizeofCalculation" severity="warning" msg="Found calculation inside sizeof()." verbose="Found calculation inside sizeof()." cwe="682"/>
<error id="sizeofFunctionCall" severity="warning" msg="Found function call inside sizeof()." verbose="Found function call inside sizeof()." cwe="682"/>
<error id="multiplySizeof" severity="warning" msg="Multiplying sizeof() with sizeof() indicates a logic error." verbose="Multiplying sizeof() with sizeof() indicates a logic error." cwe="682" inconclusive="true"/>
<error id="divideSizeof" severity="warning" msg="Division of result of sizeof() on pointer type." verbose="Division of result of sizeof() on pointer type. sizeof() returns the size of the pointer, not the size of the memory area it points to." cwe="682" inconclusive="true"/>
<error id="sizeofVoid" severity="portability" msg="Behaviour of 'sizeof(void)' is not covered by the ISO C standard." verbose="Behaviour of 'sizeof(void)' is not covered by the ISO C standard. A value for 'sizeof(void)' is defined only as part of a GNU C extension, which defines 'sizeof(void)' to be 1." cwe="682"/>
<error id="sizeofDereferencedVoidPointer" severity="portability" msg="'*varname' is of type 'void', the behaviour of 'sizeof(void)' is not covered by the ISO C standard." verbose="'*varname' is of type 'void', the behaviour of 'sizeof(void)' is not covered by the ISO C standard. A value for 'sizeof(void)' is defined only as part of a GNU C extension, which defines 'sizeof(void)' to be 1." cwe="682"/>
<error id="arithOperationsOnVoidPointer" severity="portability" msg="'varname' is of type 'vartype'. When using void pointers in calculations, the behaviour is undefined." verbose="'varname' is of type 'vartype'. When using void pointers in calculations, the behaviour is undefined. Arithmetic operations on 'void *' is a GNU C extension, which defines the 'sizeof(void)' to be 1." cwe="467">
<symbol>varname</symbol>
</error>
<error id="stringLiteralWrite" severity="error" msg="Modifying string literal directly or indirectly is undefined behaviour." verbose="Modifying string literal directly or indirectly is undefined behaviour." cwe="758"/>
<error id="sprintfOverlappingData" severity="error" msg="Undefined behavior: Variable 'varname' is used as parameter and destination in s[n]printf()." verbose="The variable 'varname' is used both as a parameter and as destination in s[n]printf(). The origin and destination buffers overlap. Quote from glibc (C-library) documentation (http://www.gnu.org/software/libc/manual/html_mono/libc.html#Formatted-Output-Functions): "If copying takes place between objects that overlap as a result of a call to sprintf() or snprintf(), the results are undefined."" cwe="628">
<symbol>varname</symbol>
</error>
<error id="strPlusChar" severity="error" msg="Unusual pointer arithmetic. A value of type 'char' is added to a string literal." verbose="Unusual pointer arithmetic. A value of type 'char' is added to a string literal." cwe="665"/>
<error id="incorrectStringCompare" severity="warning" msg="String literal "Hello World" doesn't match length argument for substr()." verbose="String literal "Hello World" doesn't match length argument for substr()." cwe="570">
<symbol>substr</symbol>
</error>
<error id="literalWithCharPtrCompare" severity="warning" msg="String literal compared with variable 'foo'. Did you intend to use strcmp() instead?" verbose="String literal compared with variable 'foo'. Did you intend to use strcmp() instead?" cwe="595">
<symbol>foo</symbol>
</error>
<error id="charLiteralWithCharPtrCompare" severity="warning" msg="Char literal compared with pointer 'foo'. Did you intend to dereference it?" verbose="Char literal compared with pointer 'foo'. Did you intend to dereference it?" cwe="595">
<symbol>foo</symbol>
</error>
<error id="incorrectStringBooleanError" severity="warning" msg="Conversion of string literal "Hello World" to bool always evaluates to true." verbose="Conversion of string literal "Hello World" to bool always evaluates to true." cwe="571"/>
<error id="incorrectCharBooleanError" severity="warning" msg="Conversion of char literal 'x' to bool always evaluates to true." verbose="Conversion of char literal 'x' to bool always evaluates to true." cwe="571"/>
<error id="staticStringCompare" severity="warning" msg="Unnecessary comparison of static strings." verbose="The compared strings, 'str1' and 'str2', are always unequal. Therefore the comparison is unnecessary and looks suspicious." cwe="570"/>
<error id="stringCompare" severity="warning" msg="Comparison of identical string variables." verbose="The compared strings, 'varname1' and 'varname2', are identical. This could be a logic bug." cwe="571"/>
<error id="overlappingStrcmp" severity="warning" msg="The expression 'strcmp(x,"def") != 0' is suspicious. It overlaps 'strcmp(x,"abc") == 0'." verbose="The expression 'strcmp(x,"def") != 0' is suspicious. It overlaps 'strcmp(x,"abc") == 0'."/>
<error id="shiftTooManyBits" severity="error" msg="Shifting 32-bit value by 40 bits is undefined behaviour" verbose="Shifting 32-bit value by 40 bits is undefined behaviour" cwe="758"/>
<error id="shiftTooManyBitsSigned" severity="error" msg="Shifting signed 32-bit value by 31 bits is undefined behaviour" verbose="Shifting signed 32-bit value by 31 bits is undefined behaviour" cwe="758"/>
<error id="integerOverflow" severity="error" msg="Signed integer overflow for expression ''." verbose="Signed integer overflow for expression ''." cwe="190"/>
<error id="signConversion" severity="warning" msg="Expression 'var' can have a negative value. That is converted to an unsigned value and used in an unsigned calculation." verbose="Expression 'var' can have a negative value. That is converted to an unsigned value and used in an unsigned calculation." cwe="195"/>
<error id="truncLongCastAssignment" severity="style" msg="int result is assigned to long variable. If the variable is long to avoid loss of information, then you have loss of information." verbose="int result is assigned to long variable. If the variable is long to avoid loss of information, then there is loss of information. To avoid loss of information you must cast a calculation operand to long, for example 'l = a * b;' => 'l = (long)a * b;'." cwe="197"/>
<error id="truncLongCastReturn" severity="style" msg="int result is returned as long value. If the return value is long to avoid loss of information, then you have loss of information." verbose="int result is returned as long value. If the return value is long to avoid loss of information, then there is loss of information. To avoid loss of information you must cast a calculation operand to long, for example 'return a*b;' => 'return (long)a*b'." cwe="197"/>
<error id="floatConversionOverflow" severity="error" msg="Undefined behaviour: float (1e+100) to integer conversion overflow." verbose="Undefined behaviour: float (1e+100) to integer conversion overflow." cwe="190"/>
<error id="uninitdata" severity="error" msg="Memory is allocated but not initialized: varname" verbose="Memory is allocated but not initialized: varname" cwe="457">
<symbol>varname</symbol>
</error>
<error id="uninitStructMember" severity="error" msg="Uninitialized struct member: a.b" verbose="Uninitialized struct member: a.b" cwe="457">
<symbol>a.b</symbol>
</error>
<error id="unusedVariable" severity="style" msg="Unused variable: varname" verbose="Unused variable: varname" cwe="563">
<symbol>varname</symbol>
</error>
<error id="unusedAllocatedMemory" severity="style" msg="Variable 'varname' is allocated memory that is never used." verbose="Variable 'varname' is allocated memory that is never used." cwe="563">
<symbol>varname</symbol>
</error>
<error id="unreadVariable" severity="style" msg="Variable 'varname' is assigned a value that is never used." verbose="Variable 'varname' is assigned a value that is never used." cwe="563">
<symbol>varname</symbol>
</error>
<error id="unassignedVariable" severity="style" msg="Variable 'varname' is not assigned a value." verbose="Variable 'varname' is not assigned a value." cwe="665">
<symbol>varname</symbol>
</error>
<error id="unusedStructMember" severity="style" msg="struct member 'structname::variable' is never used." verbose="struct member 'structname::variable' is never used." cwe="563">
<symbol>structname::variable</symbol>
</error>
<error id="postfixOperator" severity="performance" msg="Prefer prefix ++/-- operators for non-primitive types." verbose="Prefix ++/-- operators should be preferred for non-primitive types. Pre-increment/decrement can be more efficient than post-increment/decrement. Post-increment/decrement usually involves keeping a copy of the previous value around and adds a little extra code." cwe="398"/>
<error id="va_start_wrongParameter" severity="warning" msg="'arg1' given to va_start() is not last named argument of the function. Did you intend to pass 'arg2'?" verbose="'arg1' given to va_start() is not last named argument of the function. Did you intend to pass 'arg2'?" cwe="688"/>
<error id="va_start_referencePassed" severity="error" msg="Using reference 'arg1' as parameter for va_start() results in undefined behaviour." verbose="Using reference 'arg1' as parameter for va_start() results in undefined behaviour." cwe="758"/>
<error id="va_end_missing" severity="error" msg="va_list 'vl' was opened but not closed by va_end()." verbose="va_list 'vl' was opened but not closed by va_end()." cwe="664"/>
<error id="va_list_usedBeforeStarted" severity="error" msg="va_list 'vl' used before va_start() was called." verbose="va_list 'vl' used before va_start() was called." cwe="664"/>
<error id="va_start_subsequentCalls" severity="error" msg="va_start() or va_copy() called subsequently on 'vl' without va_end() in between." verbose="va_start() or va_copy() called subsequently on 'vl' without va_end() in between." cwe="664"/>
<error id="unusedFunction" severity="style" msg="The function 'funcName' is never used." verbose="The function 'funcName' is never used." cwe="561">
<symbol>funcName</symbol>
</error>
<error id="preprocessorErrorDirective" severity="error" msg="#error message" verbose="#error message"/>
</errors>
</results>