本文详细介绍Cppcheck这一强大的C/C++静态代码分析工具。它能检测编译器可能忽略的潜在bug,如未使用的变量、越界访问、空指针引用等。文章通过实例展示如何安装并使用Cppcheck,帮助开发者提升代码质量。
cppcheck Tool for static C/C++ code analysis
描述
Cppcheck is a command-line tool that tries to detect bugs that your C/C++ compiler doesn't see. It is versatile, and can check non-standard code including
various compiler extensions, inline assembly code, etc. Its internal preprocessor can handle includes, macros, and several preprocessor commands. While
Cppcheck is highly configurable, you can start using it just by giving it a path to the source code.
用法
虚拟机里面安装命令:yum install cppcheck,使用方法:cppcheck --enable=all [files or paths],重点看error打印
提示
风格:
ubus.c:214]: (style) The scope of the variable 'ret' can be reduced.
ubus.c:219]: (style) Variable 'ret' is assigned a value that is never used.
gnss_hal.c:230]: (style) Variable 'bpos' is assigned a value that is never used.
ret变量没有使用
错误:
ubus.c:264]: (error) Common realloc mistake: 'main_object_methods' nulled but not freed upon failure
指针没有判断NULL,且没有地方进行free
service_ubus.c:185]: (error) Buffer is accessed out of bounds: data
buffer明显越界
upgrade_handler.c:106]: (error) Null pointer dereference: path
有访问空指针的风险
timing_pal.c:1480]: (error) Division by zero.
有除0的风险
扫一扫
1137
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
