The NetBSD Project

CVS log for pkgsrc/devel/cppcheck/distinfo

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / devel / cppcheck

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.20 / (download) - annotate - [select for diffs], Mon Aug 22 07:53:17 2022 UTC (19 months ago) by markd
Branch: MAIN
CVS Tags: pkgsrc-2023Q4-base, pkgsrc-2023Q4, pkgsrc-2023Q3-base, pkgsrc-2023Q3, pkgsrc-2023Q2-base, pkgsrc-2023Q2, pkgsrc-2023Q1-base, pkgsrc-2023Q1, pkgsrc-2022Q4-base, pkgsrc-2022Q4, pkgsrc-2022Q3-base, pkgsrc-2022Q3, HEAD
Changes since 1.19: +4 -7 lines
Diff to previous 1.19 (colored) to selected 1.4 (colored)

cppcheck: update to 2.8

Cppcheck-2.8
* Lifetime analysis can now track lifetime across user-defined constructors when
  they are inline and using member initializer list.
* SymbolDatabase can now deduce iterator types from how they are specified in the
  library files.
* ValueFlow can evaluate class member functions that return known values.
* Improve duplicateValueTenary to not warn when used as an lvalue or when one
  branch has side effects
* Fix variableScope to not warn when variables are used in lambda functions
* Fix unassignedVariable warnings when using structured bindings
* Fix redundantInitialization warning when variable is used in a lambda
* Fix variableScope warnings when using if/while init-statement
* Improve lifetime analysis when returning variadic template expressions
* Detect more statements with constStatement
* Detect variableScope for more types
* Improvements to unreadVariable
* Detect more instances of C style casts
* Warn if the return value of new is discarded
* The pre-ValueFlow uninitialized checker now uses a different ID as legacyUninitvar
* Extended library format to exclude specific function argument values

Cppcheck-2.7
* Add support for container views.
* Various checker improvements.
* Fixed false positives.

Cppcheck-2.6
* Color output for diagnostics are added for unix-based platforms.
* Added symbolic analysis for ValueFlow. A simple delta is used to compute the
  difference between two unknown variable.
* Rules using the "define" tokenlist can also match #include as well.
* Library <function> tags can now use <container> tag, so free functions that
  accept containers such as std::size, std::empty, std::begin, std::end, etc. can
  specify the yields or action for the container.
* Library <smart-pointer> tag can specify a <unique> tag for smart pointers that
  have unique ownership.
* Fixed problems when --cppcheck-build-dir is used, that should now work better.
* htmlreport can now output author information (using git blame)
* More warnings about variables that is not const but can be const

Revision 1.19 / (download) - annotate - [select for diffs], Tue Oct 26 10:14:27 2021 UTC (2 years, 5 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2, pkgsrc-2022Q1-base, pkgsrc-2022Q1, pkgsrc-2021Q4-base, pkgsrc-2021Q4
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored) to selected 1.4 (colored)

archivers: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Could not be committed due to merge conflict:
devel/py-traitlets/distinfo

The following distfiles were unfetchable (note: some may be only fetched
conditionally):

./devel/pvs/distinfo pvs-3.2-solaris.tgz
./devel/eclipse/distinfo eclipse-sourceBuild-srcIncluded-3.0.1.zip

Revision 1.18 / (download) - annotate - [select for diffs], Thu Oct 7 13:39:21 2021 UTC (2 years, 5 months ago) by nia
Branch: MAIN
Changes since 1.17: +1 -2 lines
Diff to previous 1.17 (colored) to selected 1.4 (colored)

devel: Remove SHA1 hashes for distfiles

Revision 1.17 / (download) - annotate - [select for diffs], Fri Jul 9 10:50:37 2021 UTC (2 years, 8 months ago) by markd
Branch: MAIN
CVS Tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3
Changes since 1.16: +4 -1 lines
Diff to previous 1.16 (colored) to selected 1.4 (colored)

cppcheck: fix build with gcc-11

Revision 1.16 / (download) - annotate - [select for diffs], Mon Jun 29 13:06:51 2020 UTC (3 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2021Q2-base, pkgsrc-2021Q2, pkgsrc-2021Q1-base, pkgsrc-2021Q1, pkgsrc-2020Q4-base, pkgsrc-2020Q4, pkgsrc-2020Q3-base, pkgsrc-2020Q3
Changes since 1.15: +5 -5 lines
Diff to previous 1.15 (colored) to selected 1.4 (colored)

cppcheck: update to 2.1.

2.1

This is a minor release.

We have tweaked build scripts.

* When you use USE_Z3=yes, we will handle new versions of z3 better.
If you have an old z3 library and get compilation problems you will
need to add a z3_version.h in externals.

* The cmake scripts were updated.

There was a couple of bug fixes.

New check:

* for "expression % 1" the result is always 0.

2.0

Overview

The command line is not changed drastically. Your old cppcheck
scripts should work as before.

Compiling: There is a new dependency Z3. When compiling with the
Makefile it is highly recommended to use "USE_Z3=yes".

Improved clang-tidy integration

Several fixes to;

    improve parsing detect more bugs with existing checks fix false
    alarms

Clang import

Clang is a C/C++ compiler that has a very robust and well made
parser.

Cppcheck will always use its internal parser by default. However
there is now an option to use the Clang parser instead.

It is recommended that you use the default internal Cppcheck parser
unless you notice that it fails to parse your code properly (syntax
errors, strange false alarms).  Bug hunting

There is a new "soundy" analysis in Cppcheck that should detect
most bugs. You should expect false alarms, however the false alarms
will not be overwhelming.

This new "soundy" analysis is not intended to replace normal Cppcheck
analysis. There are use cases where false alarms can not be tolerated.

We have added 1 checker and that checks for division by zero:

    It detects all "integer division by zero" bugs in the Juliet
    test suite.

    It detects all "division by zero" bugs in the ITC test suite.

    There was 28 division by zero CVEs published in 2019 for C/C++
    open source projects, and we could quickly see that 21 of the
    bugs are found by Cppcheck. There is no CVE bug that we know
    Cppcheck fails to diagnose. But there are 7 CVEs that would
    require additional investigation to establish if it is really
    detected or not.

You can read more about this analysis in the "Bug hunting" chapter
in the manual.

Revision 1.15 / (download) - annotate - [select for diffs], Thu Apr 16 21:50:35 2020 UTC (3 years, 11 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2020Q2-base, pkgsrc-2020Q2
Changes since 1.14: +5 -5 lines
Diff to previous 1.14 (colored) to selected 1.4 (colored)

cppcheck: update to 1.90.

Based on wip/cppcheck by Apurva Nandan.

Cppcheck-1.90 has been released.

New check:
* alias to vector element invalid after vector is changed

Improved checking:
* improved value flow analysis for struct members
* improved value flow analysis for pointer alias

CERT:
* Added ENV33-C: Do not call system()

MISRA:
* Added rule 2.7
* Added rule 3.2
* Added rule 4.2
* Added rule 14.2
* Added rule 21.1
* Added rule 21.12

Addons:
* Add --recursive option. You can check dump files recursively.

Revision 1.14 / (download) - annotate - [select for diffs], Tue Oct 25 01:24:02 2016 UTC (7 years, 5 months ago) by kamil
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base, pkgsrc-2020Q1, pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3, pkgsrc-2019Q2-base, pkgsrc-2019Q2, pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3, pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1, pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4
Changes since 1.13: +5 -5 lines
Diff to previous 1.13 (colored) to selected 1.4 (colored)

Update cppcheck from 1.75 to 1.76.1

Upstream changelog
==================
Cppcheck-1.76.1 has been released.

It has a bugfix to avoid hang.

Cppcheck-1.76 has been released.

General changes:
- Completed CWE mapping
- Support opening project files of external build systems, including CMake and Visual Studio (CLI: --project)
- XML format version 1 is deprecated and will be removed in 1.81

Removed checks:

New checks:

Checking improvements:
- Improved checking for conditions that are always true/false
- Improved format string checking: Support more functions, support %h and %hh
- Improved std.cfg, windows.cfg and qt.cfg; added wxwidgets.cfg
- Improved ValueFlow analysis
- Improved SymbolDatabase accuracy
- Improved Preprocessor (simplecpp)
- Support base class methods in Library

GUI:
- Support opening project files from GUI
- Added .desktop file

Additionally, lots of false positives and bugs have been fixed and several existing checks have been improved.

Revision 1.13 / (download) - annotate - [select for diffs], Mon Sep 19 11:05:53 2016 UTC (7 years, 6 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base, pkgsrc-2016Q3
Changes since 1.12: +5 -5 lines
Diff to previous 1.12 (colored) to selected 1.4 (colored)

Updated cppcheck to 1.75.

pkgsrc change: switch from qt4 to qt5 for GUI option.

Cppcheck-1.75 has been released

General changes:
- Replaced internal preprocessor by the brand-new preprocessor 'simplecpp'
- Improved Windows installer: Install a copy of the license instead of asking to accept it
- The Windows x64 binaries are now compiled with profile guided optimization, resulting in a speedup of 11%
- Improved manual, especially the chapter about Libraries
- Improved CWE mapping
- --append is deprecated and will be removed in 1.80

New checks:
- Detect passed by value for non-const variables and print message only if type size justifies optimization

Checking improvements:
- Implemented support for trailing return types (C++11)
- Improved support for digit separators (C++14)
- Improved support for enum types in buffer overflow checking
- Better handling of volatile variables when checking for redundant assignments
- Properly support integer suffixes i64 and ui64
- Support function arguments with default value in Libraries
- Always set file0 attribute of error messages to identify the source file cppcheck was checking

Additionally, lots of false positives and bugs have been fixed and several existing checks have been improved.

Cppcheck-1.74 has been released

General changes:
- Improved CWE mapping of messages
- Git pre-commit hook checks only added or modified files

Checking improvements:
- Replaced simplification of enums by keeping and parsing them in the SymbolDatabase
- Added support to Library for specifying the parameter used by allocating/deallocating functions
- Improved support for integers defined in Libraries
- Improved accuracy of ValueType analysis
- Improved accuracy of VarID assignment, especially when dealing with structs and unions
- Improved performance of VarID assignment, checking for struct member usage, buffer overrun checking and several simplifications
- Added support for lots functions to windows.cfg and posix.cfg
- Better support for operator overloads
- Detect buffer overflows when %c is used with a width
- Improved checking for sizeof() taken of wrong type
- Support char literals when checking for conditions being always true or false
- Reimplemented check for usage of boolean results used in bitwise operations based on ValueType
- Improved checking for c_str() usage

Additionally, lots of false positives and bugs have been fixed and several existing checks have been improved.

Cppcheck-1.73 has been released

General changes:
- CWE mapping of messages
- Translated manual to Japanese language

Removed checks:
- Checks for variables hiding enums or typedefs have been removed

New checks:

Checking improvements:
- Improved ValueType a lot, use it in more checks
- Improved VarId support for template constructors, namespaces and references as class members
- Improved libraries, especially gnu.cfg, posix.cfg and windows.cfg
- Improved simplification of enums and templates
- Better distinguishing between possible and known null pointer dereferenciations
- Assume integers to be signed by default
- better support for cplusplus macro in preprocessor
- Preprocessor directives for addons
- New tools: times-vs.py, reduce.py

GUI:
- Detect Geany and QtCreator
- Make statistics dialog shown when checking is finished optional

Additionally, lots of false positives and bugs have been fixed and several existing checks have been improved.

Cppcheck-1.72 has been released.

General changes:
- Added platform files to customize characteristics of different target platforms
- Added setting to configure the default sign of integral variables and bit size of type 'char'
- Added option -E (only preprocess the code)
- Option --dump now outputs data for each configurations, not only the last one
- Several qmake project files have been removed

Removed checks:
- Check for unnecessary forward declaration has been removed

New checks:
- Warn about shifting negative values
- Detect statements with undefined execution order (pre-C++11 code)
- Added a generic check to discourage usage of specific functions, replacing CheckNonReentrantFunctions and CheckObsoleteFunctions

Checking improvements:
- Several improvmenets to ValueFlow analysis
- Improved ValueType handling, refactored several checks to make use of it
- Improved memory leak checking
- Improved Container specification in Library files, rewrote some checks based on it
- Improved handling of character literals
- Improved checking for non-interlocked accesses
- Properly support <cstdint> types in namespace std
- Added some validation mechamisms to avoid crashs

GUI:
- Improved Library editor
- Support "Enter" key in results tree
- Properly detect editors on 64-Bit Windows
- Added Japanese translation
- Allow opening project file without extra parameter from command line

Additionally, lots of false positives and bugs have been fixed and several existing checks have been improved.

Cppcheck-1.71 has been released

General changes:
- The deprecated options --suppressions and --exitcode-suppressions have been removed
- .hh and .hxx files are now treated as C++ files
- Improved documentation (readmes and manuals)
- Internal errors (for example syntax error) are now suppressable

Removed checks:
- Check for unnecessary qualification has been removed

Checking improvements:
- Support range-based for-loops (C++11)
- Better support for C++11 style initialization
- Better support for lambdas (C++11)
- Support digit separators (C++14)
- Added determination of the type of an expression (ValueType)
- Support case ranges (GCC extension)
- Improved AST generation and added validation
- Improved value flow analysis
- Improved checking for unitialized arrays
- Improved VarId assignment for member variables
- Rewrote checking of char variables
- Known variable simplification has been removed partially in favour of value flow analysis

GUI:
- Added library editor
- Improved display of inconclusive messages
- Added option to enforce parsing as C or C++ code
- Show file that included a header in details view
- Added "Recheck all files" button, "Recheck files " renamed to "Rechecked modified files"

Additionally, lots of false positives and bugs have been fixed and several existing checks have been improved.

Cppcheck-1.70 has been released

General changes:
- New version of .cfg file format, adding support for namespaces and declaring several functions at once
- Support building x64 installer for Windows; Both x64 and x86 builds are now provided
- Warn about deprecated options --suppressions and --exitcode-suppressions. They will be removed in future
- Added debugging option --debug-normal, which prints out debug output before second stage simplification

New checks:
- Warn about modifying string literals
- Detect declaration of variable length arrays with negative size
- Warn about implicit type conversion from int to long
- Warn about redundant code in conditions like (y || (!y && z))
- Detect conditions with known result
- Race condition: non-interlocked access after InterlockedDecrement()
- Detect unused 'goto' labels

Removed checks:
- Do no longer warn about a bug in scanf implementation of ancient glibc versions
- Multifile analysis (added in 1.69) has been removed because it did not work
- Removed ExecutionPath checker, which has been superseeded by ValueFlow analysis

Improvements:
- Support hexadecimal floating point numbers (C99)
- Support [[deprecated]] (C++14)
- Improved handling of sizeof()
- Improved handling of reserved keywords
- Better handling of C declaration specifiers; support complex/_Complex (C99)
- Better handling of ternary operator in ValueFlow analysis
- Lots of improvements to .cfg files, especially std.cfg, which now supports namespace std
- Improved performance and memory usage of Preprocessor
- Improved performance of matchcompiler
- Reduced Disk IO when ignoring paths
- Removed several obsolete simplifications
- Added python addons: naming.py, threadsafety.py and cert.py

GUI:
- Support printing
- Added item "Open containing folder" to context menu

Additionally, lots of false positives and bugs have been fixed and several existing checks have been improved.

Revision 1.12 / (download) - annotate - [select for diffs], Tue Nov 3 03:27:20 2015 UTC (8 years, 4 months ago) by agc
Branch: MAIN
CVS Tags: pkgsrc-2016Q2-base, pkgsrc-2016Q2, pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4
Changes since 1.11: +2 -1 lines
Diff to previous 1.11 (colored) to selected 1.4 (colored)

Add SHA512 digests for distfiles for devel category

Issues found with existing distfiles:
	distfiles/eclipse-sourceBuild-srcIncluded-3.0.1.zip
	distfiles/fortran-utils-1.1.tar.gz
	distfiles/ivykis-0.39.tar.gz
	distfiles/enum-1.11.tar.gz
	distfiles/pvs-3.2-libraries.tgz
	distfiles/pvs-3.2-linux.tgz
	distfiles/pvs-3.2-solaris.tgz
	distfiles/pvs-3.2-system.tgz
No changes made to these distinfo files.

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.

Revision 1.11 / (download) - annotate - [select for diffs], Fri May 8 19:35:33 2015 UTC (8 years, 10 months ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2
Changes since 1.10: +4 -4 lines
Diff to previous 1.10 (colored) to selected 1.4 (colored)

Update cppcheck to 1.69. Patch from Jonathan Buschmann in PR pkg/49885.

General changes:
- Added flag --platform=native, when it is used type sizes and behaviour of
  host system are used
- Backward compatibility for Libary files is now working. Future cppcheck
  versions will be able to use libraries written for previous versions
- Windows 32 bit builds now set /LARGEADDRESSAWARE, so that they can use up to
  4 GiB

New checks:
- Detect bad bitmask checks (usage of | where & should be used)
- Suggest usage of "explicit" for constructors with a single parameter
- Suggest usage of make_shared/make_unique
- Warn about usage of malloc with auto_ptr
- Detect redundant pointer operations like &*ptr

Improvements:
- Support std::array (C++11)
- Detect same expressions in both branches of a ternary operator
- New <container>-tags in libraries to configure STL (and similar) container
  types
- Several improvements to ValueFlow analysis (for example support for default
  function arguments)
- Improved buffer overrun and memory leak checking
- Removed a bunch of redundant checking code
- Removed several simplifications
- Stronger matching of library functions
- Lots of additions to std.cfg and posix.cfg
- New library for Microsoft SAL (microsoft_sal.cfg)
- Improved C++11 template parsing (">>" as closing brackets, variadic
  templates)
- Added statistics to htmlreport

GUI:
- Fixed language selection

Additionally, lots of false positives and bugs have been fixed and several
existing checks have been improved.

Revision 1.10 / (download) - annotate - [select for diffs], Wed Jan 14 21:48:10 2015 UTC (9 years, 2 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q1-base, pkgsrc-2015Q1
Changes since 1.9: +4 -5 lines
Diff to previous 1.9 (colored) to selected 1.4 (colored)

Update to 1.68 from Jonathan Buschmann in PR 49570.


== Cppcheck-1.68 ==

General changes:

New checks:
- Multifile checking for buffer overruns and uninitialized variables

Improvements:
- Libraries are now able to contain platform specific types
- Improved handling of function overloads
- Improved handling of integer literal suffixes
- Improved stability of template parsing
- Improved accuracy of ValueFlow analysis
- Improved checking of pointer overflow
- Support noexcept(false)
- Support attribute((noreturn))
- A bunch of additions to several Libraries, especially posix.cfg and qt.cfg

Additionally, lots of false positives and bugs have been fixed and several existing checks have been improved.

== Cppcheck-1.67 ==

General changes:
- Library files have now a 'format' attribute. Format version 1 is assumed by default
- Cppcheck does no longer abort checking if unhandled characters (Non-ASCII) are found

New checks:
- Check for unused return values
- Detect shift by too many bits, signed integer overflow and dangerous sign conversion
- Recommend usage of expm1(), log1p(), erfc()
- Division by sizeof() as parameter to memset/memcpy/memmove/etc. as they expect a size in bytes
- Several new va_arg related checks:
-- Wrong parameter passed to va_start()
-- Reference passed to va_start()
-- Missing va_end()
-- Using va_list before it is opened
-- Subsequent calls to va_start/va_copy()
- Initialization by itself in initializer list
- Dead pointer usage when pointer alias local variable that has gone out of scope


Improvements:
- Support uniform initialization syntax (C++11)
- Much improvements to value flow analysis
- Improved AST creation (support placement new, C++-style casts, templates, operator new[], ...)
- Improved lambda support
- Support GCC extension attriute((used)) and MSVC extension __declspec(property)
- Better support for static member variables, inherited variables and namespaces
- Improved typedef support where multiple variables are declared at once
- Avoid checking code multiple times by calculating a checksum. Duplicate preprocessor configurations are eliminated by this.
- Support C++03/C 'auto' keyword
- HTML report: display 'verbose' message using clickable expandable divs

Revision 1.9 / (download) - annotate - [select for diffs], Sun Aug 10 08:21:46 2014 UTC (9 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base, pkgsrc-2014Q4, pkgsrc-2014Q3-base, pkgsrc-2014Q3
Changes since 1.8: +2 -2 lines
Diff to previous 1.8 (colored) to selected 1.4 (colored)

Add upstream bug report URL.

Revision 1.8 / (download) - annotate - [select for diffs], Thu Aug 7 11:35:10 2014 UTC (9 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.7: +5 -4 lines
Diff to previous 1.7 (colored) to selected 1.4 (colored)

Update to 1.66:

Cppcheck-1.66 has been released.

New checks:
- Compare pointer with '\0'
- Assigning boolean expression to floating point variables

Improvements:
- Much improved AST
- Much improved ValueFlow analysis
- ValueFlow and AST now used by much more checks, improving checking
accuracy and performance
- Checking for self assignment now supports more complex expressions
- Returning references to literals or references to calculation
results is detected
- Enhanced support for commutative operators in duplicate expression
checking
- Improved template/enum parsing
- Much improved htmlreport
- Definition of POD types in .cfg files
- Definition of minsize for buffer arguments in .cfg files for
buffer overflow checking
- Fixed handling of #error: Do not report them if -f and -D are
used together
- New .cfg file for AVR platform
- Generate xml dump of AST/ValueFlow/SymbolDatabase/TokenList if
--dump is given
- Improved performance in several cases
- Windows Builds: Now compiled with VS2013, linked against Qt 5.3.1

GUI:
- Platform settings are being saved now
- Improved handling of (invalid) .cfg files
- Use Win32W as default platform on Windows

Additionally, a large number of false positives and crashs has been
fixed.


Cppcheck-1.65 has been released.

General changes:

    Cppcheck requires a C++11 compiler supporting the common subset
    of features supported by GCC 4.4, Visual Studio 2010 and Clang
    2.9
    Problems with packaging and windows installer introduced in
    last release were fixed

Improvements:

    Much improved support of complex combinations of function
    pointers, arrays and references
    Better handling of syntax errors
    Better detection of stack variables passed to free()
    Much improved value flow analysis
    More robust error detection in several checks due to usage of
    AST
    Better handling of unknown Macros in function declarations
    Allocation/Deallocation functions can be extend across different
    .cfg files
    Better handling of some C++11 language features like enum class,
    in-class member initializers
    Detect calling (std::)abs() with bool argument

New checks:

    Check for noexcept and __attribute__((nothrow)) correctness
    Check for unhandled exceptions when exception specifiers are
    used
    Access to empty STL containers
    Repositioning operation on a file opened in append mode
    Find nested redundant if-statements (was experimental before)

Additionally, a large number of false positives and crashs has been
fixed.

cppcheck-1.64 has been released.

Value Flow

A new value flow analysis has been added. It is generic so the same
analysis can be reused by various checkers - previously many checkers
have had their own value flow and control flow analysis. The new
value flow analysis performs context sensitive cross-function
analysis. All checkers that uses this will automatically have
cross-function context sensitive value flow analysis. The new
analysis is gradually introduced in the checkers - the old analysis
in a checker is kept until it is redundant.

The new value flow analysis is so far used to detect:

    division by zero
    null pointer dereference
    array index out of bounds
    invalid function argument

Other Improvements

    Improved configurations for gtk, posix, sdl, std, windows
    Warn when using negative allocation size
    Check 2nd parameter for memset


Cppcheck-1.63 has been released.

Maintainers:
The .cfg files are needed by cppcheck. Either put them in a subfolder
cfg
where the binary is. Otherwise compile cppcheck with CFGDIR to
specify an
arbitrary path where you put the .cfg files.

New check:
* Using pointer addition result in condition 'if (p+1)' - either
a dereference
is forgotten or it depends on UB (the result is only 0 if there is
overflow,
which is UB).

Improved checks:
* Leaks - ignoring return value of allocation function
* Uninitialized vars - check how uninitialized malloc data is used
* Rewritten 'calculation in sizeof' using syntax tree
* Rewritten 'clarify calculation' using syntax tree
* Rewritten 'logical disjunction' using syntax tree
* Rewritten 'duplicate expressions' using syntax tree
* Rewritten 'invalidFunctionUsage' that uses the *.cfg files

GUI:
* Library files can be enabled in the project dialog
* Suppressions can be specified in the project dialog

Other:
* Cppcheck is now continuosly scanning all the source code in the
debian archive.
Results: http://cppcheck.sourceforge.net/devinfo/daca2-report/daca2.html
* Fixes of templates handling, hangs, crashes and false positives

 cppcheck-1.62

New checks
* Divide with variable and then compare to see if variable is 0
* Duplicated inherited member

Improved checking:
* handling of >> in templates
* format string checking
* comparing bool result with integer
* standard isgreater()/islower() functions
* standard math functions
* reassigning struct members

Htmlreport
xml-version 2 is now handled

New checks:
* arithmetical usage of inf/nan result
* suspicious usage of comma in return statement
* sizeof(void)

Improved checking:
* better simplification of strlen
* improved handling of array member variables 'x[y].z..'
* Specific improvements in checks for buffer overruns, format
strings, uninitialized variables

Command line:
* Using both --max-configs and -D. Normally when -D is used, Cppcheck
will only check the given configuration. By using --max-configs
also, you can tell Cppcheck to check more configurations.
* Added --library and --check-library.

Graphical user interface:
* Somewhat improved response when stopping checking

Cppcheck core:
* Extending checking with configuration files. Cppcheck has internal
knowledge for standard C/C++ functions. Knowledge for libraries
and environments can be specified using configuration files.
* Rules: added <tokenlist> that allow you to check 'raw' code and
'normal' code. In the 'raw' code, the comments and #include are
already taken care of, but the #define statements can be analysed.

Revision 1.7 / (download) - annotate - [select for diffs], Sun Jul 14 17:33:59 2013 UTC (10 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q2-base, pkgsrc-2014Q2, pkgsrc-2014Q1-base, pkgsrc-2014Q1, pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3
Changes since 1.6: +4 -4 lines
Diff to previous 1.6 (colored) to selected 1.4 (colored)

Update to 1.60.1:

This release fixes a bug in compiled patterns.

Revision 1.6 / (download) - annotate - [select for diffs], Fri Apr 5 15:14:03 2013 UTC (10 years, 11 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2
Changes since 1.5: +4 -4 lines
Diff to previous 1.5 (colored) to selected 1.4 (colored)

Changes 1.59:

Commandline/Settings changes:
 * New option to enable warnings but not style messages: --enable=warning
 * Cppcheck used to skip includes where the header filename is enclosed in <>. You can now include these headers also by using -I. It is still not required to include these headers so feel free to try it and then include the headers that give you the best results. The biggest problem with including many headers is that analysis gets slow.

New checks:
 * New POSIX checks: pipe() buffer size, redundant calls of set/get user id, too big value passed to usleep(), buffer overflow when using write()
 * Storing getc() return value in char variable and comparing to EOF.
 * Detect redundant bitand operations
 * Find suspicious equality comparisons like: if(a == 0) a == 1;
 * Warn about using malloc() for classes containing virtual methods, std::-objects or constructors
 * Portability check that warns when using NULL as argument to variadic function. It has undefined behaviour on some implementations.

Improvements:
 * Improved lookup for functions and types
 * Switched to TinyXml2 as XML library
 * Improved checking for uninitialized struct members, variable scopes that can be reduced and unused functions

GUI:
 * Remember last path in open file dialog
 * Added command line parameter to open a results file
 * Bug in statistic calculation fixed

Additionally, lots of false positives and bugs have been fixed and several existing checks have been improved.

Revision 1.5 / (download) - annotate - [select for diffs], Thu Nov 29 13:52:51 2012 UTC (11 years, 4 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base, pkgsrc-2013Q1, pkgsrc-2012Q4-base, pkgsrc-2012Q4
Changes since 1.4: +4 -4 lines
Diff to previous 1.4 (colored)

Update to 1.57

* Drop cmake support (upstream does not cmake anymore)
* To build GUI, qmake is needed

Changelog:
* Bug fixes
* Many improvements
* Improve translations

Revision 1.4 / (download) - annotate - [selected], Sun May 29 11:52:12 2011 UTC (12 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2012Q3-base, pkgsrc-2012Q3, pkgsrc-2012Q2-base, pkgsrc-2012Q2, pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2
Changes since 1.3: +4 -4 lines
Diff to previous 1.3 (colored)

Update to 1.48. Ok reed except for the cmake dependency :)

Release notes for 1.48

There are no major new features in 1.48. There are more and better
checks.

New check: Wrong usage of ! operator in conditions.  Example: if
(!x == 0) {

New check: Use "throw" without arguments to rethrow exceptions.

New check: Comparison of substring with string literal will
always/never match because size doesn't match.

New check: Postfix increment of boolean

New check: Clarify condition with parantheses (when there are
assignment + comparison) Example: if (a = b > 0) {


Release notes for 1.47

It is now possible to exclude files and folders from the analysis.
Use -i on the command line (i=ignore).

Custom rules can now be created using regular expressions. To read
more about creating custom rules, see
http://sourceforge.net/projects/cppcheck/files/Articles/

A new XML format is launched. To use this format, the --xml-version=2
is used. The new xml format is incompatible with the xml format
used in previous versions. The old XML format will still be used
unless --xml-version=2 is given, so your existing scripts, tools
and plugins should still work.

New check: sizeof used on array variable that is a function parameter.
The expected bahaviour is most likely that the sizeof result is
the size of the array, but the actual sizeof result is the size of
the pointer.

New check: catching exception by value. It is better to catch by
reference for various reasons.

New check: memset calls filling 0 bytes. The given size might be
wrong.

Revision 1.3 / (download) - annotate - [select for diffs], Wed Dec 15 13:01:38 2010 UTC (13 years, 3 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4
Changes since 1.2: +4 -4 lines
Diff to previous 1.2 (colored) to selected 1.4 (colored)

Update to 1.46.1:

Release notes for 1.46

This release has improvements and bug fixes.

We fixed 153 tickets, and that is a somewhat "usual" number for a Cppcheck release.

The report has been improved. New severities were added to make the messages more informational. The possible severities are now:
 * error
 * warning
 * style
 * performance

This has no effect on the command line flags nor the xml report. The command line flags and the xml report is fully compatible with previous versions.

These are the new checks that were added:
 * detect dangerous usage of string::c_str()
 * warn for unused variable when only doing malloc/free
 * warn when assert has side effects
 * warn for mutual exclusion over ||. The condition is always false. Example: 'if (x != 1 || x != 4)'

More details about all the fixed tickets can be found here:
http://sourceforge.net/apps/trac/cppcheck/milestone/1.46


Release notes for 1.46.1

Fix segmentation fault.

Revision 1.2 / (download) - annotate - [select for diffs], Sun May 2 10:54:40 2010 UTC (13 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2
Changes since 1.1: +4 -4 lines
Diff to previous 1.1 (colored) to selected 1.4 (colored)

Update to 1.42:

This release fixes a crash with the --errorlist option.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Tue Feb 2 16:35:46 2010 UTC (14 years, 1 month ago) by reed
Branch: TNF
CVS Tags: pkgsrc-base, pkgsrc-2010Q1-base, pkgsrc-2010Q1
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored) to selected 1.4 (colored)

new package: cppcheck

cppcheck is a tool for static C/C++ code analysis intended to
complement the checking of the compiler.  It checks for memory
leaks, mismatching allocation-deallocation, buffer overrun, unused
functions, coding style, and much more.

Revision 1.1 / (download) - annotate - [select for diffs], Tue Feb 2 16:35:46 2010 UTC (14 years, 1 month ago) by reed
Branch: MAIN
Diff to selected 1.4 (colored)

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>