Codiga Analysis C / C++ Rules, severity critical

C / C++ rules

C and C++ are highly performant languages, but they can be very error-prone. We have all had core dumps and made pointer arithmetic errors! Thankfully, Codiga has hundreds of static analysis rules to flag potential errors in your C/C++ code, automate code reviews and merge with confidence.

arrayIndexOutOfBounds

Safety
Critical

Array accessed out of bounds

assignBoolToPointer

Security
Critical

Boolean value assigned to pointer.

autoVariables

Safety
Critical

Address of local auto-variable assigned to a function parameter.

autovarInvalidDeallocation

Safety
Critical

Deallocation of a global variable results in undefined behaviour.

bufferAccessOutOfBounds

Safety
Critical

Buffer is accessed out of bounds: Ltrans[temp].addr

comparePointers

Safety
Critical

Subtracting pointers that point to different objects

containerOutOfBoundsIndexExpression

Safety
Critical

Out of bounds access of variable

coutCerrMisusage

Error prone
Critical

Invalid usage of output stream: '<< std::cout'.

ctuArrayIndex

Safety
Critical

Detect array access out of bounds

ctunullpointer

Safety
Critical

Null pointer dereference: base

ctuPointerArith

Safety
Critical

Pointer arithmetic overflow

ctuuninitvar

Safety
Critical

Using argument that is uninitialized

danglingLifetime

Safety
Critical

Non-local variable uses pointer to local variable

danglingTemporaryLifetime

Safety
Critical

Using object to temporary.

danglingTempReference

Safety
Critical

Using reference to dangling temporary.

deallocret

Safety
Critical

Returning/dereferencing value after it is deallocated / released

deallocuse

Safety
Critical

Dereferencing variable after it is deallocated / released

derefInvalidIterator

Error prone
Critical

Possible dereference of an invalid iterator

doubleFree

Safety
Critical

Memory freed twice

eraseDereference

Error prone
Critical

Value used after being erased

floatConversionOverflow

Safety
Critical

Float conversion overflow

integerOverflow

Safety
Critical

Integer overflow

invalidContainer

Error prone
Critical

Invalid container

invalidContainerLoop

Safety
Critical

Calling 'erase' while iterating the container is invalid.

invalidFunctionArg

Safety
Critical

Invalid function argument

invalidFunctionArgBool

Security
Critical

Invalid boolean argument

invalidFunctionArgStr

Safety
Critical

Invalid string argument

invalidLifetime

Safety
Critical

Invalid use of scope/variable lifetime

invalidScanfFormatWidth

Safety
Critical

scanf call overwrites the memory allocated for the string

IOWithoutPositioning

Error prone
Critical

I/O operations without positioning

iterators3

Safety
Critical

Same iterator is used with different scopes

leakNoVarFunctionCall

Best practice
Critical

Allocation failed

leakReturnValNotUsed

Best practice
Critical

Return value of function not stored

memleak

Safety
Critical

Memory leak: table.array

memleakOnRealloc

Safety
Critical

Common realloc mistake: value nulled but not freed upon failure

mismatchAllocDealloc

Design
Critical

Mismatching allocation and deallocation

nullPointer

Safety
Critical

Possible null pointer dereference

nullPointerArithmetic

Safety
Critical

Overflow in pointer arithmetic

operatorEqMissingReturnStatement

Safety
Critical

No 'return' statement in non-void function causes undefined behavior.

pointerArithBool

Safety
Critical

Converting pointer arithmetic result to bool. The bool is always true unless there is undefined behaviour.

readWriteOnlyFile

Safety
Critical

Read operation on a file that was opened only for writing.

resourceLeak

Safety
Critical

Resource leak

returnDanglingLifetime

Safety
Critical

Returning pointer to local variable that will be invalid when returning.

returnReference

Safety
Critical

Reference to local variable returned.

returnTempReference

Security
Critical

Reference to temporary returned.

selfInitialization

Security
Critical

Member variable is initialized by itself.

shiftNegative

Safety
Critical

Shifting by a negative value is undefined behaviour

shiftTooManyBits

Safety
Critical

Shifting 64-bit value by 64 bits is undefined behaviour.

shiftTooManyBitsSigned

Safety
Critical

Shifting signed 32-bit value by 31 bits is implementation-defined behaviour.

sprintfOverlappingData

Safety
Critical

Undefined behavior: Variable is used as parameter and destination in sprintf().

stlcstr

Safety
Critical

Dangerous usage of c_str(). The value returned by c_str() is invalid after this call.

stlOutOfBounds

Safety
Critical

Out of bounds access to a container

stringLiteralWrite

Code style
Critical

Modifying string literal directly or indirectly is undefined behaviour.

strPlusChar

Safety
Critical

Unusual pointer arithmetic.

throwInNoexceptFunction

Safety
Critical

Exception thrown in function declared not to throw exceptions.

uninitdata

Security
Critical

Memory is allocated but not initialized

uninitStructMember

Security
Critical

Uninitialized struct member

uninitvar

Safety
Critical

Uninitialized variable

useClosedFile

Safety
Critical

Used file that is not opened.

va_end_missing

Safety
Critical

va_list 'argument_list' was opened but not closed by va_end().

va_list_usedBeforeStarted

Safety
Critical

va_list 'cpy' used before va_start() was called.

va_start_subsequentCalls

Safety
Critical

va_start() or va_copy() called subsequently on 'argptr' without va_end() in between.

virtualDestructor

Design
Critical

Class which is inherited does not have a virtual destructor.

writeReadOnlyFile

Error prone
Critical

Write operation on a file that was opened only for reading.

wrongPrintfScanfArgNum

Safety
Critical

Mismatched printf parameters

zerodiv

Safety
Critical

Division by zero.

missingReturn

Safety
Critical

Missing return statement