-
Notifications
You must be signed in to change notification settings - Fork 1
/
errorlist.xml
542 lines (542 loc) · 96 KB
/
errorlist.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
<?xml version="1.0" encoding="UTF-8"?>
<results version="2">
<cppcheck version="1.87"/>
<errors> <error id="purgedConfiguration" severity="information" msg="The configuration '' was not checked because its code equals another one." verbose="The configuration '' was not checked because its code equals another one."/>
<error id="toomanyconfigs" severity="information" msg="Too many #ifdef configurations - cppcheck only checks 12 configurations. Use --force to check all configurations. For more details, use --enable=information." verbose="The checking of the file will be interrupted because there are too many #ifdef configurations. Checking of all #ifdef configurations can be forced by --force command line option or from GUI preferences. However that may increase the checking time. For more details, use --enable=information." cwe="398"/>
<error id="AssignmentAddressToInteger" severity="portability" msg="Assigning a pointer to an integer is not portable." verbose="Assigning a pointer to an integer (int/long/etc) is not portable across different platforms and compilers. For example in 32-bit Windows and linux they are same width, but in 64-bit Windows and linux they are of different width. In worst case you end up assigning 64-bit address to 32-bit integer. The safe way is to store addresses only in pointer types (or typedefs like uintptr_t)." cwe="758"/>
<error id="AssignmentIntegerToAddress" severity="portability" msg="Assigning an integer to a pointer is not portable." verbose="Assigning an integer (int/long/etc) to a pointer is not portable across different platforms and compilers. For example in 32-bit Windows and linux they are same width, but in 64-bit Windows and linux they are of different width. In worst case you end up assigning 64-bit integer to 32-bit pointer. The safe way is to store addresses only in pointer types (or typedefs like uintptr_t)." cwe="758"/>
<error id="CastIntegerToAddressAtReturn" severity="portability" msg="Returning an integer in a function with pointer return type is not portable." verbose="Returning an integer (int/long/etc) in a function with pointer return type is not portable across different platforms and compilers. For example in 32-bit Windows and Linux they are same width, but in 64-bit Windows and Linux they are of different width. In worst case you end up casting 64-bit integer down to 32-bit pointer. The safe way is to always return a pointer." cwe="758"/>
<error id="CastAddressToIntegerAtReturn" severity="portability" msg="Returning an address value in a function with integer return type is not portable." verbose="Returning an address value in a function with integer (int/long/etc) return type is not portable across different platforms and compilers. For example in 32-bit Windows and Linux they are same width, but in 64-bit Windows and Linux they are of different width. In worst case you end up casting 64-bit address down to 32-bit integer. The safe way is to always return an integer." cwe="758"/>
<error id="assertWithSideEffect" severity="warning" msg="Assert statement calls a function which may have desired side effects: 'function'." verbose="Non-pure function: 'function' is called inside assert statement. Assert statements are removed from release builds so the code inside assert statement is not executed. If the code is needed also in release builds, this is a bug." cwe="398">
<symbol>function</symbol>
</error>
<error id="assignmentInAssert" severity="warning" msg="Assert statement modifies 'var'." verbose="Variable 'var' is modified inside assert statement. Assert statements are removed from release builds so the code inside assert statement is not executed. If the code is needed also in release builds, this is a bug." cwe="398">
<symbol>var</symbol>
</error>
<error id="autoVariables" severity="error" msg="Address of local auto-variable assigned to a function parameter." verbose="Dangerous assignment - the function parameter is assigned the address of a local auto-variable. Local auto-variables are reserved from the stack which is freed when the function ends. So the pointer to a local variable is invalid after the function ends." cwe="562"/>
<error id="returnAddressOfAutoVariable" severity="error" msg="Address of an auto-variable returned." verbose="Address of an auto-variable returned." cwe="562"/>
<error id="autoVariablesAssignGlobalPointer" severity="warning" msg="Address of local array array is assigned to global pointer pointer and not reassigned before array goes out of scope." verbose="Address of local array array is assigned to global pointer pointer and not reassigned before array goes out of scope." cwe="562">
<symbol>array</symbol>
</error>
<error id="returnLocalVariable" severity="error" msg="Pointer to local array variable returned." verbose="Pointer to local array variable returned." cwe="562"/>
<error id="returnReference" severity="error" msg="Reference to local variable returned." verbose="Reference to local variable returned." cwe="562"/>
<error id="danglingReference" severity="error" msg="Non-local reference variable 'x' to local variable 'y'" verbose="Non-local reference variable 'x' to local variable 'y'" cwe="562"/>
<error id="returnTempReference" severity="error" msg="Reference to temporary returned." verbose="Reference to temporary returned." cwe="562"/>
<error id="autovarInvalidDeallocation" severity="error" msg="Deallocation of an auto-variable results in undefined behaviour." verbose="The deallocation of an auto-variable results in undefined behaviour. You should only free memory that has been allocated dynamically." cwe="590"/>
<error id="returnAddressOfFunctionParameter" severity="error" msg="Address of function parameter 'parameter' returned." verbose="Address of the function parameter 'parameter' becomes invalid after the function exits because function parameters are stored on the stack which is freed when the function exits. Thus the returned value is invalid." cwe="562">
<symbol>parameter</symbol>
</error>
<error id="uselessAssignmentArg" severity="style" msg="Assignment of function parameter has no effect outside the function." verbose="Assignment of function parameter has no effect outside the function." cwe="398"/>
<error id="uselessAssignmentPtrArg" severity="warning" msg="Assignment of function parameter has no effect outside the function. Did you forget dereferencing it?" verbose="Assignment of function parameter has no effect outside the function. Did you forget dereferencing it?" cwe="398"/>
<error id="returnDanglingLifetime" severity="error" msg="Returning object that will be invalid when returning." verbose="Returning object that will be invalid when returning." cwe="562"/>
<error id="invalidLifetime" severity="error" msg="Using object that is out of scope." verbose="Using object that is out of scope." cwe="562"/>
<error id="danglingLifetime" severity="error" msg="Non-local variable 'x' will use object." verbose="Non-local variable 'x' will use object." cwe="562"/>
<error id="assignBoolToPointer" severity="error" msg="Boolean value assigned to pointer." verbose="Boolean value assigned to pointer." cwe="587"/>
<error id="assignBoolToFloat" severity="style" msg="Boolean value assigned to floating point variable." verbose="Boolean value assigned to floating point variable." cwe="704"/>
<error id="comparisonOfFuncReturningBoolError" severity="style" msg="Comparison of a function returning boolean value using relational (<, >, <= or >=) operator." verbose="The return type of function 'func_name' is 'bool' and result is of type 'bool'. Comparing 'bool' value using relational (<, >, <= or >=) operator could cause unexpected results." cwe="398"/>
<error id="comparisonOfTwoFuncsReturningBoolError" severity="style" msg="Comparison of two functions returning boolean value using relational (<, >, <= or >=) operator." verbose="The return type of function 'func_name1' and function 'func_name2' is 'bool' and result is of type 'bool'. Comparing 'bool' value using relational (<, >, <= or >=) operator could cause unexpected results." cwe="398"/>
<error id="comparisonOfBoolWithBoolError" severity="style" msg="Comparison of a variable having boolean value using relational (<, >, <= or >=) operator." verbose="The variable 'var_name' is of type 'bool' and comparing 'bool' value using relational (<, >, <= or >=) operator could cause unexpected results." cwe="398"/>
<error id="incrementboolean" severity="style" msg="Incrementing a variable of type 'bool' with postfix operator++ is deprecated by the C++ Standard. You should assign it the value 'true' instead." verbose="The operand of a postfix increment operator may be of type bool but it is deprecated by C++ Standard (Annex D-1) and the operand is always set to true. You should assign it the value 'true' instead." cwe="398"/>
<error id="bitwiseOnBoolean" severity="style" msg="Boolean variable 'varname' is used in bitwise operation. Did you mean '&&'?" verbose="Boolean variable 'varname' is used in bitwise operation. Did you mean '&&'?" cwe="398" inconclusive="true"/>
<error id="compareBoolExpressionWithInt" severity="warning" msg="Comparison of a boolean expression with an integer other than 0 or 1." verbose="Comparison of a boolean expression with an integer other than 0 or 1." cwe="398"/>
<error id="pointerArithBool" severity="error" msg="Converting pointer arithmetic result to bool. The bool is always true unless there is undefined behaviour." verbose="Converting pointer arithmetic result to bool. The boolean result is always true unless there is pointer arithmetic overflow, and overflow is undefined behaviour. Probably a dereference is forgotten." cwe="571"/>
<error id="comparisonOfBoolWithInvalidComparator" severity="warning" msg="Comparison of a boolean value using relational operator (<, >, <= or >=)." verbose="The result of the expression 'expression' is of type 'bool'. Comparing 'bool' value using relational (<, >, <= or >=) operator could cause unexpected results."/>
<error id="returnNonBoolInBooleanFunction" severity="style" msg="Non-boolean value returned from function returning bool" verbose="Non-boolean value returned from function returning bool"/>
<error id="boostForeachError" severity="error" msg="BOOST_FOREACH caches the end() iterator. It's undefined behavior if you modify the container inside." verbose="BOOST_FOREACH caches the end() iterator. It's undefined behavior if you modify the container inside." cwe="664"/>
<error id="arrayIndexOutOfBounds" severity="error" msg="Array 'array[2]' index array[1][1] out of bounds." verbose="Array 'array[2]' index array[1][1] out of bounds." cwe="788">
<symbol>array</symbol>
</error>
<error id="bufferAccessOutOfBounds" severity="error" msg="Buffer is accessed out of bounds: buffer" verbose="Buffer is accessed out of bounds: buffer" cwe="788">
<symbol>buffer</symbol>
</error>
<error id="strncatUsage" severity="warning" msg="Dangerous usage of strncat - 3rd parameter is the maximum number of characters to append." verbose="At most, strncat appends the 3rd parameter's amount of characters and adds a terminating null byte.\012The safe way to use strncat is to subtract one from the remaining space in the buffer and use it as 3rd parameter.Source: http://www.cplusplus.com/reference/cstring/strncat/\012Source: http://www.opensource.apple.com/source/Libc/Libc-167/gen.subproj/i386.subproj/strncat.c" cwe="119"/>
<error id="outOfBounds" severity="error" msg="index is out of bounds: Supplied size 2 is larger than actual size 1." verbose="index is out of bounds: Supplied size 2 is larger than actual size 1." cwe="788"/>
<error id="sizeArgumentAsChar" severity="warning" msg="The size argument is given as a char constant." verbose="The size argument is given as a char constant." cwe="682"/>
<error id="terminateStrncpy" severity="warning" msg="The buffer 'buffer' may not be null-terminated after the call to strncpy()." verbose="The buffer 'buffer' may not be null-terminated after the call to strncpy(). If the source string's size fits or exceeds the given size, strncpy() does not add a zero at the end of the buffer. This causes bugs later in the code if the code assumes buffer is null-terminated." cwe="170" inconclusive="true">
<symbol>buffer</symbol>
</error>
<error id="bufferNotZeroTerminated" severity="warning" msg="The buffer 'buffer' is not null-terminated after the call to strncpy()." verbose="The buffer 'buffer' is not null-terminated after the call to strncpy(). This will cause bugs later in the code if the code assumes the buffer is null-terminated." cwe="170" inconclusive="true">
<symbol>buffer</symbol>
<symbol>strncpy</symbol>
</error>
<error id="negativeIndex" severity="error" msg="Array index -1 is out of bounds." verbose="Array index -1 is out of bounds." cwe="786"/>
<error id="insecureCmdLineArgs" severity="error" msg="Buffer overrun possible for long command line arguments." verbose="Buffer overrun possible for long command line arguments." cwe="119"/>
<error id="pointerOutOfBounds" severity="portability" msg="Undefined behaviour, pointer arithmetic '' is out of bounds." verbose="Undefined behaviour, pointer arithmetic '' is out of bounds. From chapter 6.5.6 in the C specification:\012"When an expression that has integer type is added to or subtracted from a pointer, .." and then "If both the pointer operand and the result point to elements of the same array object, or one past the last element of the array object, the evaluation shall not produce an overflow; otherwise, the behavior is undefined."" cwe="398"/>
<error id="arrayIndexThenCheck" severity="style" msg="Array index 'index' is used before limits check." verbose="Defensive programming: The variable 'index' is used as an array index before it is checked that is within limits. This can mean that the array might be accessed out of bounds. Reorder conditions such as '(a[i] && i < 10)' to '(i < 10 && a[i])'. That way the array will not be accessed if the index is out of limits." cwe="398">
<symbol>index</symbol>
</error>
<error id="possibleBufferAccessOutOfBounds" severity="warning" msg="Possible buffer overflow if strlen(source) is larger than or equal to sizeof(destination)." verbose="Possible buffer overflow if strlen(source) is larger than or equal to sizeof(destination). The source buffer is larger than the destination buffer so there is the potential for overflowing the destination buffer." cwe="398"/>
<error id="argumentSize" severity="warning" msg="The array 'array' is too small, the function 'function' expects a bigger one." verbose="The array 'array' is too small, the function 'function' expects a bigger one." cwe="398">
<symbol>function</symbol>
<symbol>array</symbol>
</error>
<error id="negativeMemoryAllocationSize" severity="error" msg="Memory allocation size is negative." verbose="Memory allocation size is negative.Negative allocation size has no specified behaviour." cwe="131"/>
<error id="negativeArraySize" severity="error" msg="Declaration of array '' with negative size is undefined behaviour" verbose="Declaration of array '' with negative size is undefined behaviour" cwe="758"/>
<error id="arrayIndexOutOfBoundsCond" severity="warning" msg="Array 'x[10]' accessed at index 20, which is out of bounds. Otherwise condition 'y==20' is redundant." verbose="Array 'x[10]' accessed at index 20, which is out of bounds. Otherwise condition 'y==20' is redundant." cwe="119"/>
<error id="invalidFunctionArg" severity="error" msg="Invalid func_name() argument nr 1. The value is 0 or 1 (boolean) but the valid values are '1:4'." verbose="Invalid func_name() argument nr 1. The value is 0 or 1 (boolean) but the valid values are '1:4'." cwe="628">
<symbol>func_name</symbol>
</error>
<error id="invalidFunctionArgBool" severity="error" msg="Invalid func_name() argument nr 1. A non-boolean value is required." verbose="Invalid func_name() argument nr 1. A non-boolean value is required." cwe="628">
<symbol>func_name</symbol>
</error>
<error id="invalidFunctionArgStr" severity="error" msg="Invalid func_name() argument nr 1. A nul-terminated string is required." verbose="Invalid func_name() argument nr 1. A nul-terminated string is required." cwe="628">
<symbol>func_name</symbol>
</error>
<error id="ignoredReturnValue" severity="warning" msg="Return value of function malloc() is not used." verbose="Return value of function malloc() is not used." cwe="252">
<symbol>malloc</symbol>
</error>
<error id="wrongmathcall" severity="warning" msg="Passing value '#' to #() leads to implementation-defined result." verbose="Passing value '#' to #() leads to implementation-defined result." cwe="758"/>
<error id="unpreciseMathCall" severity="style" msg="Expression '1 - erf(x)' can be replaced by 'erfc(x)' to avoid loss of precision." verbose="Expression '1 - erf(x)' can be replaced by 'erfc(x)' to avoid loss of precision." cwe="758"/>
<error id="memsetZeroBytes" severity="warning" msg="memset() called to fill 0 bytes." verbose="memset() called to fill 0 bytes. The second and third arguments might be inverted. The function memset ( void * ptr, int value, size_t num ) sets the first num bytes of the block of memory pointed by ptr to the specified value." cwe="687"/>
<error id="memsetFloat" severity="portability" msg="The 2nd memset() argument 'varname' is a float, its representation is implementation defined." verbose="The 2nd memset() argument 'varname' is a float, its representation is implementation defined. memset() is used to set each byte of a block of memory to a specific value and the actual representation of a floating-point value is implementation defined." cwe="688"/>
<error id="memsetValueOutOfRange" severity="warning" msg="The 2nd memset() argument 'varname' doesn't fit into an 'unsigned char'." verbose="The 2nd memset() argument 'varname' doesn't fit into an 'unsigned char'. The 2nd parameter is passed as an 'int', but the function fills the block of memory using the 'unsigned char' conversion of this value." cwe="686"/>
<error id="noConstructor" severity="style" msg="The class 'classname' does not have a constructor although it has private member variables." verbose="The class 'classname' does not have a constructor although it has private member variables. Member variables of builtin types are left uninitialized when the class is instantiated. That may cause bugs or undefined behavior." cwe="398">
<symbol>classname</symbol>
</error>
<error id="noExplicitConstructor" severity="style" msg="Class 'classname' has a constructor with 1 argument that is not explicit." verbose="Class 'classname' has a constructor with 1 argument that is not explicit. Such constructors should in general be explicit for type safety reasons. Using the explicit keyword in the constructor means some mistakes when using the class can be avoided." cwe="398">
<symbol>classname</symbol>
</error>
<error id="copyCtorPointerCopying" severity="style" msg="Value of pointer 'var', which points to allocated memory, is copied in copy constructor instead of allocating new memory." verbose="Value of pointer 'var', which points to allocated memory, is copied in copy constructor instead of allocating new memory." cwe="398">
<symbol>var</symbol>
</error>
<error id="noCopyConstructor" severity="style" msg="Class 'class' does not have a copy constructor which is recommended since it has dynamic memory/resource allocation(s)." verbose="Class 'class' does not have a copy constructor which is recommended since it has dynamic memory/resource allocation(s)." cwe="398">
<symbol>class</symbol>
</error>
<error id="noOperatorEq" severity="style" msg="Class 'class' does not have a operator= which is recommended since it has dynamic memory/resource allocation(s)." verbose="Class 'class' does not have a operator= which is recommended since it has dynamic memory/resource allocation(s)." cwe="398">
<symbol>class</symbol>
</error>
<error id="noDestructor" severity="style" msg="Class 'class' does not have a destructor which is recommended since it has dynamic memory/resource allocation(s)." verbose="Class 'class' does not have a destructor which is recommended since it has dynamic memory/resource allocation(s)." cwe="398">
<symbol>class</symbol>
</error>
<error id="uninitMemberVar" severity="warning" msg="Member variable 'classname::varname' is not initialized in the constructor." verbose="Member variable 'classname::varname' is not initialized in the constructor." cwe="398">
<symbol>classname::varname</symbol>
</error>
<error id="operatorEqVarError" severity="warning" msg="Member variable 'classname::' is not assigned a value in 'classname::operator='." verbose="Member variable 'classname::' is not assigned a value in 'classname::operator='." cwe="398">
<symbol>classname::</symbol>
</error>
<error id="unusedPrivateFunction" severity="style" msg="Unused private function: 'classname::funcname'" verbose="Unused private function: 'classname::funcname'" cwe="398">
<symbol>classname::funcname</symbol>
</error>
<error id="memsetClass" severity="error" msg="Using 'memfunc' on class that contains a classname." verbose="Using 'memfunc' on class that contains a classname is unsafe, because constructor, destructor and copy operator calls are omitted. These are necessary for this non-POD type to ensure that a valid object is created." cwe="762">
<symbol>memfunc</symbol>
<symbol>classname</symbol>
</error>
<error id="memsetClassReference" severity="error" msg="Using 'memfunc' on class that contains a reference." verbose="Using 'memfunc' on class that contains a reference." cwe="665">
<symbol>memfunc</symbol>
</error>
<error id="memsetClassFloat" severity="portability" msg="Using memset() on class which contains a floating point number." verbose="Using memset() on class which contains a floating point number. This is not portable because memset() sets each byte of a block of memory to a specific value and the actual representation of a floating-point value is implementation defined. Note: In case of an IEEE754-1985 compatible implementation setting all bits to zero results in the value 0.0." cwe="758"/>
<error id="mallocOnClassWarning" severity="warning" msg="Memory for class instance allocated with malloc(), but class provides constructors." verbose="Memory for class instance allocated with malloc(), but class provides constructors. This is unsafe, since no constructor is called and class members remain uninitialized. Consider using 'new' instead." cwe="762">
<symbol>malloc</symbol>
</error>
<error id="mallocOnClassError" severity="error" msg="Memory for class instance allocated with malloc(), but class contains a std::string." verbose="Memory for class instance allocated with malloc(), but class a std::string. This is unsafe, since no constructor is called and class members remain uninitialized. Consider using 'new' instead." cwe="665">
<symbol>malloc</symbol>
<symbol>std::string</symbol>
</error>
<error id="operatorEq" severity="style" msg="'class::operator=' should return 'class &'." verbose="The class::operator= does not conform to standard C/C++ behaviour. To conform to standard C/C++ behaviour, return a reference to self (such as: 'class &class::operator=(..) { .. return *this; }'. For safety reasons it might be better to not fix this message. If you think that safety is always more important than conformance then please ignore/suppress this message. For more details about this topic, see the book "Effective C++" by Scott Meyers." cwe="398">
<symbol>class</symbol>
</error>
<error id="virtualDestructor" severity="error" msg="Class 'Base' which is inherited by class 'Derived' does not have a virtual destructor." verbose="Class 'Base' which is inherited by class 'Derived' does not have a virtual destructor. If you destroy instances of the derived class by deleting a pointer that points to the base class, only the destructor of the base class is executed. Thus, dynamic memory that is managed by the derived class could leak. This can be avoided by adding a virtual destructor to the base class." cwe="404">
<symbol>Base</symbol>
<symbol>Derived</symbol>
</error>
<error id="thisSubtraction" severity="warning" msg="Suspicious pointer subtraction. Did you intend to write '->'?" verbose="Suspicious pointer subtraction. Did you intend to write '->'?" cwe="398"/>
<error id="operatorEqRetRefThis" severity="style" msg="'operator=' should return reference to 'this' instance." verbose="'operator=' should return reference to 'this' instance." cwe="398"/>
<error id="operatorEqMissingReturnStatement" severity="error" msg="No 'return' statement in non-void function causes undefined behavior." verbose="No 'return' statement in non-void function causes undefined behavior." cwe="398"/>
<error id="operatorEqShouldBeLeftUnimplemented" severity="style" msg="'operator=' should either return reference to 'this' instance or be declared private and left unimplemented." verbose="'operator=' should either return reference to 'this' instance or be declared private and left unimplemented." cwe="398"/>
<error id="operatorEqToSelf" severity="warning" msg="'operator=' should check for assignment to self to avoid problems with dynamic memory." verbose="'operator=' should check for assignment to self to ensure that each block of dynamically allocated memory is owned and managed by only one instance of the class." cwe="398"/>
<error id="functionConst" severity="style" msg="Technically the member function 'class::function' can be const." verbose="The member function 'class::function' can be made a const function. Making this function 'const' should not cause compiler errors. Even though the function can be made const function technically it may not make sense conceptually. Think about your design and the task of the function first - is it a function that must not change object internal state?" cwe="398" inconclusive="true">
<symbol>class::function</symbol>
</error>
<error id="functionStatic" severity="performance" msg="Technically the member function 'class::function' can be static (but you may consider moving to unnamed namespace)." verbose="The member function 'class::function' can be made a static function. Making a function static can bring a performance benefit since no 'this' instance is passed to the function. This change should not cause compiler errors but it does not necessarily make sense conceptually. Think about your design and the task of the function first - is it a function that must not access members of class instances? And maybe it is more appropriate to move this function to a unnamed namespace." cwe="398" inconclusive="true">
<symbol>class::function</symbol>
</error>
<error id="initializerList" severity="style" msg="Member variable 'class::variable' is in the wrong place in the initializer list." verbose="Member variable 'class::variable' is in the wrong place in the initializer list. Members are initialized in the order they are declared, not in the order they are in the initializer list. Keeping the initializer list in the same order that the members were declared prevents order dependent initialization errors." cwe="398" inconclusive="true">
<symbol>class::variable</symbol>
</error>
<error id="useInitializationList" severity="performance" msg="Variable 'variable' is assigned in constructor body. Consider performing initialization in initialization list." verbose="When an object of a class is created, the constructors of all member variables are called consecutively in the order the variables are declared, even if you don't explicitly write them to the initialization list. You could avoid assigning 'variable' a value by passing the value to the constructor in the initialization list." cwe="398">
<symbol>variable</symbol>
</error>
<error id="selfInitialization" severity="error" msg="Member variable 'var' is initialized by itself." verbose="Member variable 'var' is initialized by itself." cwe="665">
<symbol>var</symbol>
</error>
<error id="duplInheritedMember" severity="warning" msg="The class 'class' defines member variable with name 'variable' also defined in its parent class 'class'." verbose="The class 'class' defines member variable with name 'variable' also defined in its parent class 'class'." cwe="398">
<symbol>class</symbol>
<symbol>variable</symbol>
<symbol>class</symbol>
</error>
<error id="copyCtorAndEqOperator" severity="warning" msg="The class 'class' has 'operator=' but lack of 'copy constructor'." verbose="The class 'class' has 'operator=' but lack of 'copy constructor'.">
<symbol>class</symbol>
</error>
<error id="unsafeClassDivZero" severity="style" msg="Public interface of Class is not safe. When calling Class::dostuff(), if parameter x is 0 that leads to division by zero." verbose="Public interface of Class is not safe. When calling Class::dostuff(), if parameter x is 0 that leads to division by zero.">
<symbol>Class</symbol>
<symbol>dostuff</symbol>
<symbol>x</symbol>
</error>
<error id="pureVirtualCall" severity="warning" msg="Call of pure virtual function 'f' in constructor." verbose="Call of pure virtual function 'f' in constructor. The call will fail during runtime.">
<symbol>f</symbol>
</error>
<error id="virtualCallInConstructor" severity="warning" msg="Virtual function 'f' is called from constructor '' at line 1. Dynamic binding is not used." verbose="Virtual function 'f' is called from constructor '' at line 1. Dynamic binding is not used."/>
<error id="missingOverride" severity="style" msg="The function '' overrides a function in a base class but is not marked with a 'override' specifier." verbose="The function '' overrides a function in a base class but is not marked with a 'override' specifier.">
<symbol></symbol>
</error>
<error id="assignIfError" severity="style" msg="Mismatching assignment and comparison, comparison '' is always false." verbose="Mismatching assignment and comparison, comparison '' is always false." cwe="398"/>
<error id="badBitmaskCheck" severity="warning" msg="Result of operator '|' is always true if one operand is non-zero. Did you intend to use '&'?" verbose="Result of operator '|' is always true if one operand is non-zero. Did you intend to use '&'?" cwe="571"/>
<error id="comparisonError" severity="style" msg="Expression '(X & 0x6) == 0x1' is always false." verbose="The expression '(X & 0x6) == 0x1' is always false. Check carefully constants and operators used, these errors might be hard to spot sometimes. In case of complex expression it might help to split it to separate expressions." cwe="398"/>
<error id="duplicateCondition" severity="style" msg="The if condition is the same as the previous if condition" verbose="The if condition is the same as the previous if condition" cwe="398"/>
<error id="multiCondition" severity="style" msg="Expression is always false because 'else if' condition matches previous condition at line 1." verbose="Expression is always false because 'else if' condition matches previous condition at line 1." cwe="398"/>
<error id="mismatchingBitAnd" severity="style" msg="Mismatching bitmasks. Result is always 0 (X = Y & 0xf0; Z = X & 0x1; => Z=0)." verbose="Mismatching bitmasks. Result is always 0 (X = Y & 0xf0; Z = X & 0x1; => Z=0)." cwe="398"/>
<error id="oppositeInnerCondition" severity="warning" msg="Opposite inner 'if' condition leads to a dead code block." verbose="Opposite inner 'if' condition leads to a dead code block (outer condition is 'x' and inner condition is '!x')." cwe="398"/>
<error id="identicalInnerCondition" severity="warning" msg="Identical inner 'if' condition is always true." verbose="Identical inner 'if' condition is always true (outer condition is 'x' and inner condition is 'x')." cwe="398"/>
<error id="identicalConditionAfterEarlyExit" severity="warning" msg="Identical condition 'x', second condition is always false" verbose="Identical condition 'x', second condition is always false" cwe="398"/>
<error id="incorrectLogicOperator" severity="warning" msg="Logical disjunction always evaluates to true: foo > 3 && foo < 4." verbose="Logical disjunction always evaluates to true: foo > 3 && foo < 4. Are these conditions necessary? Did you intend to use && instead? Are the numbers correct? Are you comparing the correct variables?" cwe="571"/>
<error id="redundantCondition" severity="style" msg="Redundant condition: If x > 11 the condition x > 10 is always true." verbose="Redundant condition: If x > 11 the condition x > 10 is always true." cwe="398"/>
<error id="moduloAlwaysTrueFalse" severity="warning" msg="Comparison of modulo result is predetermined, because it is always less than 1." verbose="Comparison of modulo result is predetermined, because it is always less than 1." cwe="398"/>
<error id="clarifyCondition" severity="style" msg="Suspicious condition (assignment + comparison); Clarify expression with parentheses." verbose="Suspicious condition (assignment + comparison); Clarify expression with parentheses." cwe="398"/>
<error id="knownConditionTrueFalse" severity="style" msg="Condition 'x' is always false" verbose="Condition 'x' is always false" cwe="570"/>
<error id="invalidTestForOverflow" severity="warning" msg="Invalid test for overflow 'x + u < x'. Condition is always false unless there is overflow, and overflow is undefined behaviour." verbose="Invalid test for overflow 'x + u < x'. Condition is always false unless there is overflow, and overflow is undefined behaviour." cwe="570"/>
<error id="pointerAdditionResultNotNull" severity="warning" msg="Comparison is wrong. Result of 'ptr+1' can't be 0 unless there is pointer overflow, and pointer overflow is undefined behaviour." verbose="Comparison is wrong. Result of 'ptr+1' can't be 0 unless there is pointer overflow, and pointer overflow is undefined behaviour."/>
<error id="exceptThrowInDestructor" severity="warning" msg="Class Class is not safe, destructor throws exception" verbose="The class Class is not safe because its destructor throws an exception. If Class is used and an exception is thrown that is caught in an outer scope the program will terminate." cwe="398"/>
<error id="exceptDeallocThrow" severity="warning" msg="Exception thrown in invalid state, 'p' points at deallocated memory." verbose="Exception thrown in invalid state, 'p' points at deallocated memory." cwe="398"/>
<error id="exceptRethrowCopy" severity="style" msg="Throwing a copy of the caught exception instead of rethrowing the original exception." verbose="Rethrowing an exception with 'throw varname;' creates an unnecessary copy of 'varname'. To rethrow the caught exception without unnecessary copying or slicing, use a bare 'throw;'." cwe="398"/>
<error id="catchExceptionByValue" severity="style" msg="Exception should be caught by reference." verbose="The exception is caught by value. It could be caught as a (const) reference which is usually recommended in C++." cwe="398"/>
<error id="throwInNoexceptFunction" severity="error" msg="Exception thrown in function declared not to throw exceptions." verbose="Exception thrown in function declared not to throw exceptions." cwe="398"/>
<error id="unhandledExceptionSpecification" severity="style" msg="Unhandled exception specification when calling function foo()." verbose="Unhandled exception specification when calling function foo(). Either use a try/catch around the function call, or add a exception specification for funcname() also." cwe="703" inconclusive="true"/>
<error id="coutCerrMisusage" severity="error" msg="Invalid usage of output stream: '<< std::cout'." verbose="Invalid usage of output stream: '<< std::cout'." cwe="398"/>
<error id="fflushOnInputStream" severity="portability" msg="fflush() called on input stream 'stdin' may result in undefined behaviour on non-linux systems." verbose="fflush() called on input stream 'stdin' may result in undefined behaviour on non-linux systems." cwe="398"/>
<error id="IOWithoutPositioning" severity="error" msg="Read and write operations without a call to a positioning function (fseek, fsetpos or rewind) or fflush in between result in undefined behaviour." verbose="Read and write operations without a call to a positioning function (fseek, fsetpos or rewind) or fflush in between result in undefined behaviour." cwe="664"/>
<error id="readWriteOnlyFile" severity="error" msg="Read operation on a file that was opened only for writing." verbose="Read operation on a file that was opened only for writing." cwe="664"/>
<error id="writeReadOnlyFile" severity="error" msg="Write operation on a file that was opened only for reading." verbose="Write operation on a file that was opened only for reading." cwe="664"/>
<error id="useClosedFile" severity="error" msg="Used file that is not opened." verbose="Used file that is not opened." cwe="910"/>
<error id="seekOnAppendedFile" severity="warning" msg="Repositioning operation performed on a file opened in append mode has no effect." verbose="Repositioning operation performed on a file opened in append mode has no effect." cwe="398"/>
<error id="invalidscanf" severity="warning" msg="scanf() without field width limits can crash with huge input data." verbose="scanf() without field width limits can crash with huge input data. Add a field width specifier to fix this problem.\012\012Sample program that can crash:\012\012#include <stdio.h>\012int main()\012{\012 char c[5];\012 scanf("%s", c);\012 return 0;\012}\012\012Typing in 5 or more characters may make the program crash. The correct usage here is 'scanf("%4s", c);', as the maximum field width does not include the terminating null byte.\012Source: http://linux.die.net/man/3/scanf\012Source: http://www.opensource.apple.com/source/xnu/xnu-1456.1.26/libkern/stdio/scanf.c" cwe="119"/>
<error id="wrongPrintfScanfArgNum" severity="error" msg="printf format string requires 3 parameters but only 2 are given." verbose="printf format string requires 3 parameters but only 2 are given." cwe="685"/>
<error id="invalidScanfArgType_s" severity="warning" msg="%s in format string (no. 1) requires a 'char *' but the argument type is Unknown." verbose="%s in format string (no. 1) requires a 'char *' but the argument type is Unknown." cwe="686"/>
<error id="invalidScanfArgType_int" severity="warning" msg="%d in format string (no. 1) requires 'int *' but the argument type is Unknown." verbose="%d in format string (no. 1) requires 'int *' but the argument type is Unknown." cwe="686"/>
<error id="invalidScanfArgType_float" severity="warning" msg="%f in format string (no. 1) requires 'float *' but the argument type is Unknown." verbose="%f in format string (no. 1) requires 'float *' but the argument type is Unknown." cwe="686"/>
<error id="invalidPrintfArgType_s" severity="warning" msg="%s in format string (no. 1) requires 'char *' but the argument type is Unknown." verbose="%s in format string (no. 1) requires 'char *' but the argument type is Unknown." cwe="686"/>
<error id="invalidPrintfArgType_n" severity="warning" msg="%n in format string (no. 1) requires 'int *' but the argument type is Unknown." verbose="%n in format string (no. 1) requires 'int *' but the argument type is Unknown." cwe="686"/>
<error id="invalidPrintfArgType_p" severity="warning" msg="%p in format string (no. 1) requires an address but the argument type is Unknown." verbose="%p in format string (no. 1) requires an address but the argument type is Unknown." cwe="686"/>
<error id="invalidPrintfArgType_uint" severity="warning" msg="%u in format string (no. 1) requires 'unsigned int' but the argument type is Unknown." verbose="%u in format string (no. 1) requires 'unsigned int' but the argument type is Unknown." cwe="686"/>
<error id="invalidPrintfArgType_sint" severity="warning" msg="%i in format string (no. 1) requires 'int' but the argument type is Unknown." verbose="%i in format string (no. 1) requires 'int' but the argument type is Unknown." cwe="686"/>
<error id="invalidPrintfArgType_float" severity="warning" msg="%f in format string (no. 1) requires 'double' but the argument type is Unknown." verbose="%f in format string (no. 1) requires 'double' but the argument type is Unknown." cwe="686"/>
<error id="invalidLengthModifierError" severity="warning" msg="'I' in format string (no. 1) is a length modifier and cannot be used without a conversion specifier." verbose="'I' in format string (no. 1) is a length modifier and cannot be used without a conversion specifier." cwe="704"/>
<error id="invalidScanfFormatWidth" severity="error" msg="Width 5 given in format string (no. 10) is larger than destination buffer '[0]', use %-1s to prevent overflowing it." verbose="Width 5 given in format string (no. 10) is larger than destination buffer '[0]', use %-1s to prevent overflowing it." cwe="687"/>
<error id="invalidScanfFormatWidth_smaller" severity="warning" msg="Width -1 given in format string (no. 99) is smaller than destination buffer '[0]'." verbose="Width -1 given in format string (no. 99) is smaller than destination buffer '[0]'." inconclusive="true"/>
<error id="wrongPrintfScanfParameterPositionError" severity="warning" msg="printf: referencing parameter 2 while 1 arguments given" verbose="printf: referencing parameter 2 while 1 arguments given" cwe="685"/>
<error id="deallocret" severity="error" msg="Returning/dereferencing 'p' after it is deallocated / released" verbose="Returning/dereferencing 'p' after it is deallocated / released" cwe="672">
<symbol>p</symbol>
</error>
<error id="doubleFree" severity="error" msg="Memory pointed to by 'varname' is freed twice." verbose="Memory pointed to by 'varname' is freed twice." cwe="415">
<symbol>varname</symbol>
</error>
<error id="leakNoVarFunctionCall" severity="error" msg="Allocation with funcName, funcName doesn't release it." verbose="Allocation with funcName, funcName doesn't release it." cwe="772"/>
<error id="leakReturnValNotUsed" severity="error" msg="Return value of allocation function 'funcName' is not stored." verbose="Return value of allocation function 'funcName' is not stored." cwe="771">
<symbol>funcName</symbol>
</error>
<error id="leakUnsafeArgAlloc" severity="warning" msg="Unsafe allocation. If funcName() throws, memory could be leaked. Use make_shared<int>() instead." verbose="Unsafe allocation. If funcName() throws, memory could be leaked. Use make_shared<int>() instead." cwe="401" inconclusive="true">
<symbol>funcName</symbol>
</error>
<error id="publicAllocationError" severity="warning" msg="Possible leak in public function. The pointer 'varname' is not deallocated before it is allocated." verbose="Possible leak in public function. The pointer 'varname' is not deallocated before it is allocated." cwe="398">
<symbol>varname</symbol>
</error>
<error id="unsafeClassCanLeak" severity="style" msg="Class 'class' is unsafe, 'class::varname' can leak by wrong usage." verbose="The class 'class' is unsafe, wrong usage can cause memory/resource leaks for 'class::varname'. This can for instance be fixed by adding proper cleanup in the destructor." cwe="398">
<symbol>class</symbol>
<symbol>class::varname</symbol>
</error>
<error id="memleak" severity="error" msg="Memory leak: varname" verbose="Memory leak: varname" cwe="401">
<symbol>varname</symbol>
</error>
<error id="resourceLeak" severity="error" msg="Resource leak: varname" verbose="Resource leak: varname" cwe="775">
<symbol>varname</symbol>
</error>
<error id="deallocDealloc" severity="error" msg="Deallocating a deallocated pointer: varname" verbose="Deallocating a deallocated pointer: varname" cwe="415">
<symbol>varname</symbol>
</error>
<error id="deallocuse" severity="error" msg="Dereferencing 'varname' after it is deallocated / released" verbose="Dereferencing 'varname' after it is deallocated / released" cwe="416">
<symbol>varname</symbol>
</error>
<error id="mismatchSize" severity="error" msg="The allocated size sz is not a multiple of the underlying type's size." verbose="The allocated size sz is not a multiple of the underlying type's size." cwe="131"/>
<error id="mismatchAllocDealloc" severity="error" msg="Mismatching allocation and deallocation: varname" verbose="Mismatching allocation and deallocation: varname" cwe="762">
<symbol>varname</symbol>
</error>
<error id="memleakOnRealloc" severity="error" msg="Common realloc mistake: 'varname' nulled but not freed upon failure" verbose="Common realloc mistake: 'varname' nulled but not freed upon failure" cwe="401">
<symbol>varname</symbol>
</error>
<error id="nullPointer" severity="error" msg="Null pointer dereference" verbose="Null pointer dereference" cwe="476"/>
<error id="nullPointerDefaultArg" severity="warning" msg="Possible null pointer dereference if the default parameter value is used: pointer" verbose="Possible null pointer dereference if the default parameter value is used: pointer" cwe="476">
<symbol>pointer</symbol>
</error>
<error id="nullPointerRedundantCheck" severity="warning" msg="Either the condition is redundant or there is possible null pointer dereference: pointer." verbose="Either the condition is redundant or there is possible null pointer dereference: pointer." cwe="476">
<symbol>pointer</symbol>
</error>
<error id="nullPointerArithmetic" severity="error" msg="Pointer arithmetic with NULL pointer." verbose="Pointer arithmetic with NULL pointer." cwe="682"/>
<error id="nullPointerArithmeticRedundantCheck" severity="warning" msg="Either the condition is redundant or there is pointer arithmetic with NULL pointer." verbose="Either the condition is redundant or there is pointer arithmetic with NULL pointer." cwe="682"/>
<error id="zerodiv" severity="error" msg="Division by zero." verbose="Division by zero." cwe="369"/>
<error id="zerodivcond" severity="error" msg="Either the condition is redundant or there is division by zero." verbose="Either the condition is redundant or there is division by zero." cwe="369"/>
<error id="unusedScopedObject" severity="style" msg="Instance of 'varname' object is destroyed immediately." verbose="Instance of 'varname' object is destroyed immediately." cwe="563">
<symbol>varname</symbol>
</error>
<error id="invalidPointerCast" severity="portability" msg="Casting between float* and double* which have an incompatible binary data representation." verbose="Casting between float* and double* which have an incompatible binary data representation." cwe="704"/>
<error id="shiftNegativeLHS" severity="portability" msg="Shifting a negative value is technically undefined behaviour" verbose="Shifting a negative value is technically undefined behaviour" cwe="758"/>
<error id="shiftNegative" severity="error" msg="Shifting by a negative value is undefined behaviour" verbose="Shifting by a negative value is undefined behaviour" cwe="758"/>
<error id="wrongPipeParameterSize" severity="error" msg="Buffer 'varname' must have size of 2 integers if used as parameter of pipe()." verbose="The pipe()/pipe2() system command takes an argument, which is an array of exactly two integers.\012The variable 'varname' is an array of size dimension, which does not match." cwe="686">
<symbol>varname</symbol>
</error>
<error id="raceAfterInterlockedDecrement" severity="error" msg="Race condition: non-interlocked access after InterlockedDecrement(). Use InterlockedDecrement() return value instead." verbose="Race condition: non-interlocked access after InterlockedDecrement(). Use InterlockedDecrement() return value instead." cwe="362"/>
<error id="invalidFree" severity="error" msg="Invalid memory address freed." verbose="Invalid memory address freed."/>
<error id="redundantCopyLocalConst" severity="performance" msg="Use const reference for 'varname' to avoid unnecessary data copying." verbose="The const variable 'varname' is assigned a copy of the data. You can avoid the unnecessary data copying by converting 'varname' to const reference." cwe="398" inconclusive="true">
<symbol>varname</symbol>
</error>
<error id="redundantCopy" severity="performance" msg="Buffer 'var' is being written before its old content has been used." verbose="Buffer 'var' is being written before its old content has been used." cwe="563">
<symbol>var</symbol>
</error>
<error id="redundantAssignment" severity="style" msg="Variable 'var' is reassigned a value before the old one has been used." verbose="Variable 'var' is reassigned a value before the old one has been used." cwe="563">
<symbol>var</symbol>
</error>
<error id="comparisonFunctionIsAlwaysTrueOrFalse" severity="warning" msg="Comparison of two identical variables with isless(varName,varName) always evaluates to false." verbose="The function isless is designed to compare two variables. Calling this function with one variable (varName) for both parameters leads to a statement which is always false." cwe="570">
<symbol>isless</symbol>
</error>
<error id="checkCastIntToCharAndBack" severity="warning" msg="Storing func_name() return value in char variable and then comparing with EOF." verbose="When saving func_name() return value in char variable there is loss of precision. When func_name() returns EOF this value is truncated. Comparing the char variable with EOF can have unexpected results. For instance a loop "while (EOF != (c = func_name());" loops forever on some compilers/platforms and on other compilers/platforms it will stop when the file contains a matching character." cwe="197">
<symbol>func_name</symbol>
</error>
<error id="cstyleCast" severity="style" msg="C-style pointer casting" verbose="C-style pointer casting detected. C++ offers four different kinds of casts as replacements: static_cast, const_cast, dynamic_cast and reinterpret_cast. A C-style cast could evaluate to any of those automatically, thus it is considered safer if the programmer explicitly states which kind of cast is expected. See also: https://www.securecoding.cert.org/confluence/display/cplusplus/EXP05-CPP.+Do+not+use+C-style+casts." cwe="398"/>
<error id="passedByValue" severity="performance" msg="Function parameter 'parametername' should be passed by const reference." verbose="Parameter 'parametername' is passed by value. It could be passed as a const reference which is usually faster and recommended in C++." cwe="398">
<symbol>parametername</symbol>
</error>
<error id="constStatement" severity="warning" msg="Redundant code: Found a statement that begins with type constant." verbose="Redundant code: Found a statement that begins with type constant." cwe="398"/>
<error id="signedCharArrayIndex" severity="warning" msg="Signed 'char' type used as array index." verbose="Signed 'char' type used as array index. If the value can be greater than 127 there will be a buffer underflow because of sign extension." cwe="128"/>
<error id="unknownSignCharArrayIndex" severity="portability" msg="'char' type used as array index." verbose="'char' type used as array index. Values greater that 127 will be treated depending on whether 'char' is signed or unsigned on target platform." cwe="758"/>
<error id="charBitOp" severity="warning" msg="When using 'char' variables in bit operations, sign extension can generate unexpected results." verbose="When using 'char' variables in bit operations, sign extension can generate unexpected results. For example:\012 char c = 0x80;\012 int i = 0 | c;\012 if (i & 0x8000)\012 printf("not expected");\012The "not expected" will be printed on the screen." cwe="398"/>
<error id="variableScope" severity="style" msg="The scope of the variable 'varname' can be reduced." verbose="The scope of the variable 'varname' can be reduced. Warning: Be careful when fixing this message, especially when there are inner loops. Here is an example where cppcheck will write that the scope for 'i' can be reduced:\012void f(int x)\012{\012 int i = 0;\012 if (x) {\012 // it's safe to move 'int i = 0;' here\012 for (int n = 0; n < 10; ++n) {\012 // it is possible but not safe to move 'int i = 0;' here\012 do_something(&i);\012 }\012 }\012}\012When you see this message it is always safe to reduce the variable scope 1 level." cwe="398">
<symbol>varname</symbol>
</error>
<error id="redundantAssignInSwitch" severity="warning" msg="Variable 'var' is reassigned a value before the old one has been used. 'break;' missing?" verbose="Variable 'var' is reassigned a value before the old one has been used. 'break;' missing?" cwe="563">
<symbol>var</symbol>
</error>
<error id="redundantCopyInSwitch" severity="warning" msg="Buffer 'var' is being written before its old content has been used. 'break;' missing?" verbose="Buffer 'var' is being written before its old content has been used. 'break;' missing?" cwe="563">
<symbol>var</symbol>
</error>
<error id="suspiciousCase" severity="warning" msg="Found suspicious case label in switch(). Operator '||' probably doesn't work as intended." verbose="Using an operator like '||' in a case label is suspicious. Did you intend to use a bitwise operator, multiple case labels or if/else instead?" cwe="398" inconclusive="true"/>
<error id="suspiciousEqualityComparison" severity="warning" msg="Found suspicious equality comparison. Did you intend to assign a value instead?" verbose="Found suspicious equality comparison. Did you intend to assign a value instead?" cwe="482" inconclusive="true"/>
<error id="selfAssignment" severity="warning" msg="Redundant assignment of 'varname' to itself." verbose="Redundant assignment of 'varname' to itself." cwe="398">
<symbol>varname</symbol>
</error>
<error id="clarifyCalculation" severity="style" msg="Clarify calculation precedence for '+' and '?'." verbose="Suspicious calculation. Please use parentheses to clarify the code. The code ''a+b?c:d'' should be written as either ''(a+b)?c:d'' or ''a+(b?c:d)''." cwe="783"/>
<error id="clarifyStatement" severity="warning" msg="Ineffective statement similar to '*A++;'. Did you intend to write '(*A)++;'?" verbose="A statement like '*A++;' might not do what you intended. Postfix 'operator++' is executed before 'operator*'. Thus, the dereference is meaningless. Did you intend to write '(*A)++;'?" cwe="783"/>
<error id="duplicateBranch" severity="style" msg="Found duplicate branches for 'if' and 'else'." verbose="Finding the same code in an 'if' and related 'else' branch is suspicious and might indicate a cut and paste or logic error. Please examine this code carefully to determine if it is correct." cwe="398" inconclusive="true"/>
<error id="duplicateAssignExpression" severity="style" msg="Same expression used in consecutive assignments of 'x' and 'x'." verbose="Finding variables 'x' and 'x' that are assigned the same expression is suspicious and might indicate a cut and paste or logic error. Please examine this code carefully to determine if it is correct." cwe="398" inconclusive="true"/>
<error id="oppositeExpression" severity="style" msg="Opposite expression on both sides of '&&'." verbose="Finding the opposite expression on both sides of an operator is suspicious and might indicate a cut and paste or logic error. Please examine this code carefully to determine if it is correct." cwe="398"/>
<error id="duplicateExpression" severity="style" msg="Same expression on both sides of '&&'." verbose="Finding the same expression on both sides of an operator is suspicious and might indicate a cut and paste or logic error. Please examine this code carefully to determine if it is correct." cwe="398"/>
<error id="duplicateValueTernary" severity="style" msg="Same value in both branches of ternary operator." verbose="Finding the same value in both branches of ternary operator is suspicious as the same code is executed regardless of the condition." cwe="398"/>
<error id="duplicateExpressionTernary" severity="style" msg="Same expression in both branches of ternary operator." verbose="Finding the same expression in both branches of ternary operator is suspicious as the same code is executed regardless of the condition." cwe="398"/>
<error id="duplicateBreak" severity="style" msg="Consecutive return, break, continue, goto or throw statements are unnecessary." verbose="Consecutive return, break, continue, goto or throw statements are unnecessary. The second statement can never be executed, and so should be removed." cwe="561"/>
<error id="unreachableCode" severity="style" msg="Statements following return, break, continue, goto or throw will never be executed." verbose="Statements following return, break, continue, goto or throw will never be executed." cwe="561"/>
<error id="unsignedLessThanZero" severity="style" msg="Checking if unsigned expression 'varname' is less than zero." verbose="The unsigned expression 'varname' will never be negative so it is either pointless or an error to check if it is." cwe="570">
<symbol>varname</symbol>
</error>
<error id="unsignedPositive" severity="style" msg="Unsigned expression 'varname' can't be negative so it is unnecessary to test it." verbose="Unsigned expression 'varname' can't be negative so it is unnecessary to test it." cwe="570">
<symbol>varname</symbol>
</error>
<error id="pointerLessThanZero" severity="style" msg="A pointer can not be negative so it is either pointless or an error to check if it is." verbose="A pointer can not be negative so it is either pointless or an error to check if it is." cwe="570"/>
<error id="pointerPositive" severity="style" msg="A pointer can not be negative so it is either pointless or an error to check if it is not." verbose="A pointer can not be negative so it is either pointless or an error to check if it is not." cwe="570"/>
<error id="suspiciousSemicolon" severity="warning" msg="Suspicious use of ; at the end of '' statement." verbose="Suspicious use of ; at the end of '' statement." cwe="398" inconclusive="true"/>
<error id="incompleteArrayFill" severity="warning" msg="Array 'buffer' is filled incompletely. Did you forget to multiply the size given to 'memset()' with 'sizeof(*buffer)'?" verbose="The array 'buffer' is filled incompletely. The function 'memset()' needs the size given in bytes, but an element of the given array is larger than one byte. Did you forget to multiply the size with 'sizeof(*buffer)'?" cwe="131" inconclusive="true">
<symbol>buffer</symbol>
<symbol>memset</symbol>
</error>
<error id="varFuncNullUB" severity="portability" msg="Passing NULL after the last typed argument to a variadic function leads to undefined behaviour." verbose="Passing NULL after the last typed argument to a variadic function leads to undefined behaviour.\012The C99 standard, in section 7.15.1.1, states that if the type used by va_arg() is not compatible with the type of the actual next argument (as promoted according to the default argument promotions), the behavior is undefined.\012The value of the NULL macro is an implementation-defined null pointer constant (7.17), which can be any integer constant expression with the value 0, or such an expression casted to (void*) (6.3.2.3). This includes values like 0, 0L, or even 0LL.\012In practice on common architectures, this will cause real crashes if sizeof(int) != sizeof(void*), and NULL is defined to 0 or any other null pointer constant that promotes to int.\012To reproduce you might be able to use this little code example on 64bit platforms. If the output includes "ERROR", the sentinel had only 4 out of 8 bytes initialized to zero and was not detected as the final argument to stop argument processing via va_arg(). Changing the 0 to (void*)0 or 0L will make the "ERROR" output go away.\012#include <stdarg.h>\012#include <stdio.h>\012\012void f(char *s, ...) {\012 va_list ap;\012 va_start(ap,s);\012 for (;;) {\012 char *p = va_arg(ap,char*);\012 printf("%018p, %s\n", p, (long)p & 255 ? p : "");\012 if(!p) break;\012 }\012 va_end(ap);\012}\012\012void g() {\012 char *s2 = "x";\012 char *s3 = "ERROR";\012\012 // changing 0 to 0L for the 7th argument (which is intended to act as sentinel) makes the error go away on x86_64\012 f("first", s2, s2, s2, s2, s2, 0, s3, (char*)0);\012}\012\012void h() {\012 int i;\012 volatile unsigned char a[1000];\012 for (i = 0; i<sizeof(a); i++)\012 a[i] = -1;\012}\012\012int main() {\012 h();\012 g();\012 return 0;\012}" cwe="475"/>
<error id="nanInArithmeticExpression" severity="style" msg="Using NaN/Inf in a computation." verbose="Using NaN/Inf in a computation. Although nothing bad really happens, it is suspicious." cwe="369"/>
<error id="commaSeparatedReturn" severity="style" msg="Comma is used in return statement. The comma can easily be misread as a ';'." verbose="Comma is used in return statement. When comma is used in a return statement it can easily be misread as a semicolon. For example in the code below the value of 'b' is returned if the condition is true, but it is easy to think that 'a+1' is returned:\012 if (x)\012 return a + 1,\012 b++;\012However it can be useful to use comma in macros. Cppcheck does not warn when such a macro is then used in a return statement, it is less likely such code is misunderstood." cwe="398"/>
<error id="redundantPointerOp" severity="style" msg="Redundant pointer operation on 'varname' - it's already a pointer." verbose="Redundant pointer operation on 'varname' - it's already a pointer." cwe="398">
<symbol>varname</symbol>
</error>
<error id="unusedLabelSwitch" severity="warning" msg="Label '' is not used. Should this be a 'case' of the enclosing switch()?" verbose="Label '' is not used. Should this be a 'case' of the enclosing switch()?" cwe="398">
<symbol></symbol>
</error>
<error id="unusedLabel" severity="style" msg="Label '' is not used." verbose="Label '' is not used." cwe="398">
<symbol></symbol>
</error>
<error id="unknownEvaluationOrder" severity="error" msg="Expression 'x = x++;' depends on order of evaluation of side effects" verbose="Expression 'x = x++;' depends on order of evaluation of side effects" cwe="768"/>
<error id="accessMoved" severity="warning" msg="Access of moved variable 'v'." verbose="Access of moved variable 'v'." cwe="672"/>
<error id="accessForwarded" severity="warning" msg="Access of forwarded variable 'v'." verbose="Access of forwarded variable 'v'." cwe="672"/>
<error id="funcArgNamesDifferent" severity="style" msg="Function 'function' argument 2 names different: declaration 'A' definition 'B'." verbose="Function 'function' argument 2 names different: declaration 'A' definition 'B'." cwe="628" inconclusive="true">
<symbol>function</symbol>
</error>
<error id="redundantBitwiseOperationInSwitch" severity="warning" msg="Redundant bitwise operation on 'varname' in 'switch' statement. 'break;' missing?" verbose="Redundant bitwise operation on 'varname' in 'switch' statement. 'break;' missing?">
<symbol>varname</symbol>
</error>
<error id="shadowFunction" severity="style" msg="Local variable f shadows outer function" verbose="Local variable f shadows outer function" cwe="398">
<symbol>f</symbol>
</error>
<error id="shadowVar" severity="style" msg="Local variable var shadows outer variable" verbose="Local variable var shadows outer variable" cwe="398">
<symbol>var</symbol>
</error>
<error id="constArgument" severity="style" msg="Argument 'x' to function f is always 0" verbose="Argument 'x' to function f is always 0" cwe="570"/>
<error id="funcArgOrderDifferent" severity="warning" msg="Function 'function' argument order different: declaration '' definition ''" verbose="Function 'function' argument order different: declaration '' definition ''" cwe="683">
<symbol>function</symbol>
</error>
<error id="containerOutOfBounds" severity="error" msg="Out of bounds access of item in container 'var'" verbose="Out of bounds access of item in container 'var'" cwe="398">
<symbol>var</symbol>
</error>
<error id="invalidIterator1" severity="error" msg="Invalid iterator: iterator" verbose="Invalid iterator: iterator" cwe="664">
<symbol>iterator</symbol>
</error>
<error id="iterators1" severity="error" msg="Same iterator is used with different containers 'container1' and 'container2'." verbose="Same iterator is used with different containers 'container1' and 'container2'." cwe="664">
<symbol>container1</symbol>
<symbol>container2</symbol>
</error>
<error id="iterators2" severity="error" msg="Same iterator is used with different containers 'container0' and 'container1'." verbose="Same iterator is used with different containers 'container0' and 'container1'." cwe="664">
<symbol>container0</symbol>
<symbol>container1</symbol>
</error>
<error id="iterators3" severity="error" msg="Same iterator is used with containers 'container' that are defined in different scopes." verbose="Same iterator is used with containers 'container' that are defined in different scopes." cwe="664">
<symbol>container</symbol>
</error>
<error id="iteratorsCmp1" severity="error" msg="Comparison of iterators from containers 'container1' and 'container2'." verbose="Comparison of iterators from containers 'container1' and 'container2'." cwe="664">
<symbol>container1</symbol>
<symbol>container2</symbol>
</error>
<error id="iteratorsCmp2" severity="error" msg="Comparison of iterators from containers 'container' that are defined in different scopes." verbose="Comparison of iterators from containers 'container' that are defined in different scopes." cwe="664">
<symbol>container</symbol>
</error>
<error id="mismatchingContainers" severity="error" msg="Iterators of different containers are used together." verbose="Iterators of different containers are used together." cwe="664"/>
<error id="mismatchingContainerExpression" severity="warning" msg="Iterators to containers from different expressions 'v1' and 'v2' are used together." verbose="Iterators to containers from different expressions 'v1' and 'v2' are used together." cwe="664"/>
<error id="sameIteratorExpression" severity="style" msg="Same iterators expression are used for algorithm." verbose="Same iterators expression are used for algorithm." cwe="664"/>
<error id="eraseDereference" severity="error" msg="Invalid iterator 'iter' used." verbose="The iterator 'iter' is invalid before being assigned. Dereferencing or comparing it with another iterator is invalid operation." cwe="664">
<symbol>iter</symbol>
</error>
<error id="stlOutOfBounds" severity="error" msg="When i==foo.size(), foo[i] is out of bounds." verbose="When i==foo.size(), foo[i] is out of bounds." cwe="788">
<symbol>foo</symbol>
</error>
<error id="invalidIterator2" severity="error" msg="After push_back|push_front|insert(), the iterator 'iterator' may be invalid." verbose="After push_back|push_front|insert(), the iterator 'iterator' may be invalid." cwe="664">
<symbol>push_back|push_front|insert</symbol>
<symbol>iterator</symbol>
</error>
<error id="invalidPointer" severity="error" msg="Invalid pointer 'pointer' after push_back()." verbose="Invalid pointer 'pointer' after push_back()." cwe="664">
<symbol>push_back</symbol>
<symbol>pointer</symbol>
</error>
<error id="stlBoundaries" severity="error" msg="Dangerous comparison using operator< on iterator." verbose="Iterator compared with operator<. This is dangerous since the order of items in the container is not guaranteed. One should use operator!= instead to compare iterators." cwe="664"/>
<error id="stlIfFind" severity="warning" msg="Suspicious condition. The result of find() is an iterator, but it is not properly checked." verbose="Suspicious condition. The result of find() is an iterator, but it is not properly checked." cwe="398"/>
<error id="stlIfStrFind" severity="performance" msg="Inefficient usage of string::find() in condition; string::compare() would be faster." verbose="Either inefficient or wrong usage of string::find(). string::compare() will be faster if string::find's result is compared with 0, because it will not scan the whole string. If your intention is to check that there are no findings in the string, you should compare with std::string::npos." cwe="597"/>
<error id="stlcstr" severity="error" msg="Dangerous usage of c_str(). The value returned by c_str() is invalid after this call." verbose="Dangerous usage of c_str(). The c_str() return value is only valid until its string is deleted." cwe="664"/>
<error id="stlcstrReturn" severity="performance" msg="Returning the result of c_str() in a function that returns std::string is slow and redundant." verbose="The conversion from const char* as returned by c_str() to std::string creates an unnecessary string copy. Solve that by directly returning the string." cwe="704"/>
<error id="stlcstrParam" severity="performance" msg="Passing the result of c_str() to a function that takes std::string as argument no. 0 is slow and redundant." verbose="The conversion from const char* as returned by c_str() to std::string creates an unnecessary string copy. Solve that by directly passing the string." cwe="704"/>
<error id="stlcstrthrow" severity="error" msg="Dangerous usage of c_str(). The value returned by c_str() is invalid after throwing exception." verbose="Dangerous usage of c_str(). The string is destroyed after the c_str() call so the thrown pointer is invalid."/>
<error id="stlSize" severity="performance" msg="Possible inefficient checking for 'list' emptiness." verbose="Checking for 'list' emptiness might be inefficient. Using list.empty() instead of list.size() can be faster. list.size() can take linear time but list.empty() is guaranteed to take constant time." cwe="398">
<symbol>list</symbol>
</error>
<error id="StlMissingComparison" severity="warning" msg="Missing bounds check for extra iterator increment in loop." verbose="The iterator incrementing is suspicious - it is incremented at line and then at line . The loop might unintentionally skip an element in the container. There is no comparison between these increments to prevent that the iterator is incremented beyond the end." cwe="834"/>
<error id="redundantIfRemove" severity="style" msg="Redundant checking of STL container element existence before removing it." verbose="Redundant checking of STL container element existence before removing it. It is safe to call the remove method on a non-existing element." cwe="398"/>
<error id="useAutoPointerCopy" severity="style" msg="Copying 'auto_ptr' pointer to another does not create two equal objects since one has lost its ownership of the pointer." verbose="'std::auto_ptr' has semantics of strict ownership, meaning that the 'auto_ptr' instance is the sole entity responsible for the object's lifetime. If an 'auto_ptr' is copied, the source looses the reference." cwe="398"/>
<error id="useAutoPointerContainer" severity="error" msg="You can randomly lose access to pointers if you store 'auto_ptr' pointers in an STL container." verbose="An element of container must be able to be copied but 'auto_ptr' does not fulfill this requirement. You should consider to use 'shared_ptr' or 'unique_ptr'. It is suitable for use in containers, because they no longer copy their values, they move them." cwe="664"/>
<error id="useAutoPointerArray" severity="error" msg="Object pointed by an 'auto_ptr' is destroyed using operator 'delete'. You should not use 'auto_ptr' for pointers obtained with operator 'new[]'." verbose="Object pointed by an 'auto_ptr' is destroyed using operator 'delete'. This means that you should only use 'auto_ptr' for pointers obtained with operator 'new'. This excludes arrays, which are allocated by operator 'new[]' and must be deallocated by operator 'delete[]'." cwe="664"/>
<error id="useAutoPointerMalloc" severity="error" msg="Object pointed by an 'auto_ptr' is destroyed using operator 'delete'. You should not use 'auto_ptr' for pointers obtained with function 'malloc'." verbose="Object pointed by an 'auto_ptr' is destroyed using operator 'delete'. You should not use 'auto_ptr' for pointers obtained with function 'malloc'. This means that you should only use 'auto_ptr' for pointers obtained with operator 'new'. This excludes use C library allocation functions (for example 'malloc'), which must be deallocated by the appropriate C library function." cwe="762">
<symbol>malloc</symbol>
</error>
<error id="uselessCallsCompare" severity="warning" msg="It is inefficient to call 'str.find(str)' as it always returns 0." verbose="'std::string::find()' returns zero when given itself as parameter (str.find(str)). As it is currently the code is inefficient. It is possible either the string searched ('str') or searched for ('str') is wrong." cwe="628">
<symbol>str</symbol>
<symbol>find</symbol>
</error>
<error id="uselessCallsSwap" severity="performance" msg="It is inefficient to swap a object with itself by calling 'str.swap(str)'" verbose="The 'swap()' function has no logical effect when given itself as parameter (str.swap(str)). As it is currently the code is inefficient. Is the object or the parameter wrong here?" cwe="628">
<symbol>str</symbol>
</error>
<error id="uselessCallsSubstr" severity="performance" msg="Ineffective call of function 'substr' because it returns a copy of the object. Use operator= instead." verbose="Ineffective call of function 'substr' because it returns a copy of the object. Use operator= instead." cwe="398"/>
<error id="uselessCallsEmpty" severity="warning" msg="Ineffective call of function 'empty()'. Did you intend to call 'clear()' instead?" verbose="Ineffective call of function 'empty()'. Did you intend to call 'clear()' instead?" cwe="398"/>
<error id="uselessCallsRemove" severity="warning" msg="Return value of std::remove() ignored. Elements remain in container." verbose="The return value of std::remove() is ignored. This function returns an iterator to the end of the range containing those elements that should be kept. Elements past new end remain valid but with unspecified values. Use the erase method of the container to delete them." cwe="762">
<symbol>remove</symbol>
</error>
<error id="derefInvalidIterator" severity="warning" msg="Possible dereference of an invalid iterator: i" verbose="Possible dereference of an invalid iterator: i. Make sure to check that the iterator is valid before dereferencing it - not after." cwe="825">
<symbol>i</symbol>
</error>
<error id="reademptycontainer" severity="style" msg="Reading from empty STL container 'var'" verbose="Reading from empty STL container 'var'" cwe="398" inconclusive="true">
<symbol>var</symbol>
</error>
<error id="useStlAlgorithm" severity="style" msg="Consider using algorithm instead of a raw loop." verbose="Consider using algorithm instead of a raw loop." cwe="398"/>
<error id="sizeofwithsilentarraypointer" severity="warning" msg="Using 'sizeof' on array given as function argument returns size of a pointer." verbose="Using 'sizeof' for array given as function argument returns the size of a pointer. It does not return the size of the whole array in bytes as might be expected. For example, this code:\012 int f(char a[100]) {\012 return sizeof(a);\012 }\012returns 4 (in 32-bit systems) or 8 (in 64-bit systems) instead of 100 (the size of the array in bytes)." cwe="467"/>
<error id="pointerSize" severity="warning" msg="Size of pointer 'varname' used instead of size of its data." verbose="Size of pointer 'varname' used instead of size of its data. This is likely to lead to a buffer overflow. You probably intend to write 'sizeof(*varname)'." cwe="467"/>
<error id="sizeofDivisionMemfunc" severity="warning" msg="Division by result of sizeof(). memset() expects a size in bytes, did you intend to multiply instead?" verbose="Division by result of sizeof(). memset() expects a size in bytes, did you intend to multiply instead?" cwe="682"/>
<error id="sizeofwithnumericparameter" severity="warning" msg="Suspicious usage of 'sizeof' with a numeric constant as parameter." verbose="It is unusual to use a constant value with sizeof. For example, 'sizeof(10)' returns 4 (in 32-bit systems) or 8 (in 64-bit systems) instead of 10. 'sizeof('A')' and 'sizeof(char)' can return different results." cwe="682"/>
<error id="sizeofsizeof" severity="warning" msg="Calling 'sizeof' on 'sizeof'." verbose="Calling sizeof for 'sizeof looks like a suspicious code and most likely there should be just one 'sizeof'. The current code is equivalent to 'sizeof(size_t)'" cwe="682"/>
<error id="sizeofCalculation" severity="warning" msg="Found calculation inside sizeof()." verbose="Found calculation inside sizeof()." cwe="682"/>
<error id="sizeofFunctionCall" severity="warning" msg="Found function call inside sizeof()." verbose="Found function call inside sizeof()." cwe="682"/>
<error id="multiplySizeof" severity="warning" msg="Multiplying sizeof() with sizeof() indicates a logic error." verbose="Multiplying sizeof() with sizeof() indicates a logic error." cwe="682" inconclusive="true"/>
<error id="divideSizeof" severity="warning" msg="Division of result of sizeof() on pointer type." verbose="Division of result of sizeof() on pointer type. sizeof() returns the size of the pointer, not the size of the memory area it points to." cwe="682" inconclusive="true"/>
<error id="sizeofVoid" severity="portability" msg="Behaviour of 'sizeof(void)' is not covered by the ISO C standard." verbose="Behaviour of 'sizeof(void)' is not covered by the ISO C standard. A value for 'sizeof(void)' is defined only as part of a GNU C extension, which defines 'sizeof(void)' to be 1." cwe="682"/>
<error id="sizeofDereferencedVoidPointer" severity="portability" msg="'*varname' is of type 'void', the behaviour of 'sizeof(void)' is not covered by the ISO C standard." verbose="'*varname' is of type 'void', the behaviour of 'sizeof(void)' is not covered by the ISO C standard. A value for 'sizeof(void)' is defined only as part of a GNU C extension, which defines 'sizeof(void)' to be 1." cwe="682"/>
<error id="arithOperationsOnVoidPointer" severity="portability" msg="'varname' is of type 'vartype'. When using void pointers in calculations, the behaviour is undefined." verbose="'varname' is of type 'vartype'. When using void pointers in calculations, the behaviour is undefined. Arithmetic operations on 'void *' is a GNU C extension, which defines the 'sizeof(void)' to be 1." cwe="467">
<symbol>varname</symbol>
</error>
<error id="stringLiteralWrite" severity="error" msg="Modifying string literal directly or indirectly is undefined behaviour." verbose="Modifying string literal directly or indirectly is undefined behaviour." cwe="758"/>
<error id="sprintfOverlappingData" severity="error" msg="Undefined behavior: Variable 'varname' is used as parameter and destination in s[n]printf()." verbose="The variable 'varname' is used both as a parameter and as destination in s[n]printf(). The origin and destination buffers overlap. Quote from glibc (C-library) documentation (http://www.gnu.org/software/libc/manual/html_mono/libc.html#Formatted-Output-Functions): "If copying takes place between objects that overlap as a result of a call to sprintf() or snprintf(), the results are undefined."" cwe="628">
<symbol>varname</symbol>
</error>
<error id="strPlusChar" severity="error" msg="Unusual pointer arithmetic. A value of type 'char' is added to a string literal." verbose="Unusual pointer arithmetic. A value of type 'char' is added to a string literal." cwe="665"/>
<error id="incorrectStringCompare" severity="warning" msg="String literal "Hello World" doesn't match length argument for substr()." verbose="String literal "Hello World" doesn't match length argument for substr()." cwe="570">
<symbol>substr</symbol>
</error>
<error id="literalWithCharPtrCompare" severity="warning" msg="String literal compared with variable 'foo'. Did you intend to use strcmp() instead?" verbose="String literal compared with variable 'foo'. Did you intend to use strcmp() instead?" cwe="595">
<symbol>foo</symbol>
</error>
<error id="charLiteralWithCharPtrCompare" severity="warning" msg="Char literal compared with pointer 'foo'. Did you intend to dereference it?" verbose="Char literal compared with pointer 'foo'. Did you intend to dereference it?" cwe="595">
<symbol>foo</symbol>
</error>
<error id="incorrectStringBooleanError" severity="warning" msg="Conversion of string literal "Hello World" to bool always evaluates to true." verbose="Conversion of string literal "Hello World" to bool always evaluates to true." cwe="571"/>
<error id="incorrectCharBooleanError" severity="warning" msg="Conversion of char literal 'x' to bool always evaluates to true." verbose="Conversion of char literal 'x' to bool always evaluates to true." cwe="571"/>
<error id="staticStringCompare" severity="warning" msg="Unnecessary comparison of static strings." verbose="The compared strings, 'str1' and 'str2', are always unequal. Therefore the comparison is unnecessary and looks suspicious." cwe="570"/>
<error id="stringCompare" severity="warning" msg="Comparison of identical string variables." verbose="The compared strings, 'varname1' and 'varname2', are identical. This could be a logic bug." cwe="571"/>
<error id="overlappingStrcmp" severity="warning" msg="The expression 'strcmp(x,"def") != 0' is suspicious. It overlaps 'strcmp(x,"abc") == 0'." verbose="The expression 'strcmp(x,"def") != 0' is suspicious. It overlaps 'strcmp(x,"abc") == 0'."/>
<error id="shiftTooManyBits" severity="error" msg="Shifting 32-bit value by 40 bits is undefined behaviour" verbose="Shifting 32-bit value by 40 bits is undefined behaviour" cwe="758"/>
<error id="shiftTooManyBitsSigned" severity="error" msg="Shifting signed 32-bit value by 31 bits is undefined behaviour" verbose="Shifting signed 32-bit value by 31 bits is undefined behaviour" cwe="758"/>
<error id="integerOverflow" severity="error" msg="Signed integer overflow for expression ''." verbose="Signed integer overflow for expression ''." cwe="190"/>
<error id="signConversion" severity="warning" msg="Suspicious code: sign conversion of 'var' in calculation, even though 'var' can have a negative value" verbose="Suspicious code: sign conversion of 'var' in calculation, even though 'var' can have a negative value" cwe="195"/>
<error id="truncLongCastAssignment" severity="style" msg="int result is assigned to long variable. If the variable is long to avoid loss of information, then you have loss of information." verbose="int result is assigned to long variable. If the variable is long to avoid loss of information, then there is loss of information. To avoid loss of information you must cast a calculation operand to long, for example 'l = a * b;' => 'l = (long)a * b;'." cwe="197"/>
<error id="truncLongCastReturn" severity="style" msg="int result is returned as long value. If the return value is long to avoid loss of information, then you have loss of information." verbose="int result is returned as long value. If the return value is long to avoid loss of information, then there is loss of information. To avoid loss of information you must cast a calculation operand to long, for example 'return a*b;' => 'return (long)a*b'." cwe="197"/>
<error id="floatConversionOverflow" severity="error" msg="Undefined behaviour: float (1e+100) to integer conversion overflow." verbose="Undefined behaviour: float (1e+100) to integer conversion overflow." cwe="190"/>
<error id="uninitstring" severity="error" msg="Dangerous usage of 'varname' (strncpy doesn't always null-terminate it)." verbose="Dangerous usage of 'varname' (strncpy doesn't always null-terminate it)." cwe="676">
<symbol>varname</symbol>
</error>
<error id="uninitdata" severity="error" msg="Memory is allocated but not initialized: varname" verbose="Memory is allocated but not initialized: varname" cwe="908">
<symbol>varname</symbol>
</error>
<error id="uninitvar" severity="error" msg="Uninitialized variable: varname" verbose="Uninitialized variable: varname" cwe="908">
<symbol>varname</symbol>
</error>
<error id="uninitStructMember" severity="error" msg="Uninitialized struct member: a.b" verbose="Uninitialized struct member: a.b" cwe="908">
<symbol>a.b</symbol>
</error>
<error id="deadpointer" severity="error" msg="Dead pointer usage. Pointer 'pointer' is dead if it has been assigned '&x' at line 0." verbose="Dead pointer usage. Pointer 'pointer' is dead if it has been assigned '&x' at line 0." cwe="825">
<symbol>pointer</symbol>
</error>
<error id="unusedFunction" severity="style" msg="The function 'funcName' is never used." verbose="The function 'funcName' is never used." cwe="561">
<symbol>funcName</symbol>
</error>
<error id="unusedVariable" severity="style" msg="Unused variable: varname" verbose="Unused variable: varname" cwe="563">
<symbol>varname</symbol>
</error>
<error id="unusedAllocatedMemory" severity="style" msg="Variable 'varname' is allocated memory that is never used." verbose="Variable 'varname' is allocated memory that is never used." cwe="563">
<symbol>varname</symbol>
</error>
<error id="unreadVariable" severity="style" msg="Variable 'varname' is assigned a value that is never used." verbose="Variable 'varname' is assigned a value that is never used." cwe="563">
<symbol>varname</symbol>
</error>
<error id="unassignedVariable" severity="style" msg="Variable 'varname' is not assigned a value." verbose="Variable 'varname' is not assigned a value." cwe="665">
<symbol>varname</symbol>
</error>
<error id="unusedStructMember" severity="style" msg="struct member 'structname::variable' is never used." verbose="struct member 'structname::variable' is never used." cwe="563">
<symbol>structname::variable</symbol>
</error>
<error id="postfixOperator" severity="performance" msg="Prefer prefix ++/-- operators for non-primitive types." verbose="Prefix ++/-- operators should be preferred for non-primitive types. Pre-increment/decrement can be more efficient than post-increment/decrement. Post-increment/decrement usually involves keeping a copy of the previous value around and adds a little extra code." cwe="398"/>
<error id="va_start_wrongParameter" severity="warning" msg="'arg1' given to va_start() is not last named argument of the function. Did you intend to pass 'arg2'?" verbose="'arg1' given to va_start() is not last named argument of the function. Did you intend to pass 'arg2'?" cwe="688"/>
<error id="va_start_referencePassed" severity="error" msg="Using reference 'arg1' as parameter for va_start() results in undefined behaviour." verbose="Using reference 'arg1' as parameter for va_start() results in undefined behaviour." cwe="758"/>
<error id="va_end_missing" severity="error" msg="va_list 'vl' was opened but not closed by va_end()." verbose="va_list 'vl' was opened but not closed by va_end()." cwe="664"/>
<error id="va_list_usedBeforeStarted" severity="error" msg="va_list 'vl' used before va_start() was called." verbose="va_list 'vl' used before va_start() was called." cwe="664"/>
<error id="va_start_subsequentCalls" severity="error" msg="va_start() or va_copy() called subsequently on 'vl' without va_end() in between." verbose="va_start() or va_copy() called subsequently on 'vl' without va_end() in between." cwe="664"/>
<error id="missingInclude" severity="information" msg="Include file: "" not found." verbose="Include file: "" not found."/>
<error id="missingIncludeSystem" severity="information" msg="Include file: <> not found. Please note: Cppcheck does not need standard library headers to get proper results." verbose="Include file: <> not found. Please note: Cppcheck does not need standard library headers to get proper results."/>
<error id="ConfigurationNotChecked" severity="information" msg="Skipping configuration 'X' since the value of 'X' is unknown. Use -D if you want to check it. You can use -U to skip it explicitly." verbose="Skipping configuration 'X' since the value of 'X' is unknown. Use -D if you want to check it. You can use -U to skip it explicitly.">
<location file="" line="1"/>
</error>
<error id="preprocessorErrorDirective" severity="error" msg="#error message" verbose="#error message"/>
</errors>
</results>