Software update

Cppcheck Open-Source 2.9 released

Update to cppcheck open-source.

Daniel Marjamäki
Aug 28, 2022
Software update Cppcheck open-source

We are happy to announce the release of Cppcheck Open-Source 2.9!

Cppcheck Open-Source 2.9 reintroduces checks for negative allocations and VLA sizes from version 1.87, allows configuration for pipe() buffer size, and enhances Windows exception handling output. It introduces options to disable specific exception handling features and improves detection of redundant std::string and container operations. A new match function for addons enhances pattern matching capabilities. The release also extends math function evaluation in ValueFlow, improves lifetime analysis, propagates condition values, and adds debug intrinsics for detailed analysis.

Release notes:

  • restored check for negative allocation (new[]) and negative VLA sizes from cppcheck 1.87 (LCppC backport)
  • replaced hardcoded check for pipe() buffer size by library configuration option (LCppC backport)
  • on Windows the callstack is now being written to the output specific via "--exception-handling"
  • make it possible to disable the various exception handling parts via the CMake options "NO_UNIX_SIGNAL_HANDLING", "NO_UNIX_BACKTRACE_SUPPORT" and "NO_WINDOWS_SEH"
  • detect more redundant calls of std::string::c_str(), std::string::substr(), and unnecessary copies of containers
  • Add a match function to addon similiar to Token::Match used internally by cppcheck:
    • | for either-or tokens(ie struct|class to match either struct or class)
    • !! to negate a token
    • It supports the %any%, %assign%, %comp%, %name%, %op%, %or%, %oror%, and %var% keywords
    • It supports (*), {*}, [*], and <*> to match links
    • @ can be added to bind the token to a name
    • ** can be used to match until a token
  • Add math functions which can be used in library function definition. This enables evaluation of more math functions in ValueFlow
  • Further improve lifetime analysis with this pointers
  • Propagate condition values from outer function calls
  • Add debug intrinsics debug_valueflow and debug_valuetype to show more detail including source backtraces

Similar posts

Software update

Cppcheck Premium 22.4.1 released

Cppcheck Premium 22.4.0 released with new CERT checks for improved code quality and security. Stay updated with the latest software release.

Daniel Marjamäki Apr 19, 2022
Software update

Cppcheck Open-Source 2.11 released

Cppcheck Open-Source 2.11 released with new checks and enhancements for ValueFlow analysis and GUI changes. Explore the latest features and...

Daniel Marjamäki Jun 23, 2023
Software update

Cppcheck Open-Source 2.10 released

Cppcheck Open-Source 2.10 released with significant improvements, new checks, and build changes. Learn about the latest features and updates in this...

Daniel Marjamäki Jan 28, 2023