Cppcheck Premium 25.8.4 Released

Discover the updates in Cppcheck Premium version 25.8.4!

The latest version of Cppcheck Premium, version 25.8.4, is now available. This release focuses on improving the accuracy and stability of MISRA C/C++, CERT C/C++, and HIS Metrics analysis — along with new secure coding checks and improved build support for macOS.

What’s New in 25.8.4

MISRA C/C++ Compliance

MISRA C 2012/2023/2025 Fixes

This update includes a wide range of fixes and refinements across the MISRA C rule sets, improving both precision and reliability.

Key fixes include:

• Rule 2.7: Fixed false positive for parenthesis-enclosed parameters

• Rule 5.6: Fixed false negative for tags not associated with typedef

• Rule 8.2: Fixed false negative for K&R function declarations

• Rule 8.12: Fixed false positive when enumerator is used in expression

• Rule 9.3: Fixed crash with long long array initialization

• Rule 10.3: Exception 2 now applies correctly to both 2012 and 2023 versions

• Rule 10.8: Fixed false positive with UINT32_C macro usage

• Rule 11.2: Fixed false negative for cast expressions like (int16_t *)sp

• Rule 11.4: Improved symbol name reporting for macro usage

• Rule 12.1: Fixed false negative for sizeof x + y expressions

• Rule 14.1: Fixed false negative for unreachable while loop code

• Rule 16.1: Fixed false positive for for-loop inside case statement

• Dir 4.4: Fixed false positive for comments containing @ symbols

MISRA C++ 2023 Fixes

Cppcheck Premium 25.8.4 also refines several MISRA C++ 2023 checks, improving consistency and accuracy for modern C++ codebases.

• Rule 8.0.1: Fixed false negative for a == 0 && b == 0

• Rule 8.2.2: Fixed crash in Android framework with std::make_index_sequence

• Rule 8.2.7: Fixed false positive for const char arrays

• Rule 8.20.1: Fixed false positive for non-wrapping sizeof expressions

• Rule 18.4.1: Fixed false positive for assignment operators resembling move-assignment

• Rule 21.6.3: Fixed false negative for placement new and destructor calls

• Rule 22.3.1: Fixed false positive when assuming constant values from function calls

CERT C/C++ Secure Coding

New CERT Checks

Cppcheck Premium 25.8.4 introduces six new CERT rules to strengthen security and code robustness:

• DCL05-C: Use typedefs of non-pointer types only

• DCL06-C: Use meaningful symbolic constants

• ERR34-C: Detect errors when converting strings to numbers

• EXP30-C: Reuses MISRA C 13.2 functionality for operator precedence

• MSC41-C: Never hard-code sensitive information

• STR30-C: Reuses MISRA C functionality for string handling

CERT Bug Fixes

Numerous fixes and improvements have been made across existing CERT checks, including better null pointer handling, crash prevention, and more accurate detection of common coding issues. Highlights include:

• ARR39-C: Fixed crash with unary operators

• CTR53-CPP: Fixed false negative for loops from end() to begin()

• EXP34-C: Improved handling of null pointers and argv validation

• EXP35-C: Fixed false negatives and crash conditions in struct array handling

• EXP54-CPP: Improved pointer-after-delete and initializer list checks

• OOP55-CPP: Improved static pointer initialization detection

• STR53-CPP: Fixed false negative for accessing std::string::front() on empty strings

HIS Metrics

Bug Fixes

Several metrics-related fixes improve calculation accuracy:

• Cyclomatic Complexity: Fixed count being one too low

• LEVEL Metric: Fixed overestimation for else-if statements

• STMT Metric: Corrected calculation for constructors with initializer lists

Compliance Reporting

• Improved error handling and reporting

• Fixed non-zero return codes when inline suppressions are used

Infrastructure and Build System

Build Improvements

• macOS Support: Added macOS-26 release package