Discover the updates in Cppcheck Premium version 25.8.4!
The latest version of Cppcheck Premium, version 25.8.4, is now available. This release focuses on improving the accuracy and stability of MISRA C/C++, CERT C/C++, and HIS Metrics analysis — along with new secure coding checks and improved build support for macOS.
This update includes a wide range of fixes and refinements across the MISRA C rule sets, improving both precision and reliability.
Key fixes include:
Rule 2.7: Fixed false positive for parenthesis-enclosed parameters
Rule 5.6: Fixed false negative for tags not associated with typedef
Rule 8.2: Fixed false negative for K&R function declarations
Rule 8.12: Fixed false positive when enumerator is used in expression
Rule 9.3: Fixed crash with long long array initialization
Rule 10.3: Exception 2 now applies correctly to both 2012 and 2023 versions
Rule 10.8: Fixed false positive with UINT32_C macro usage
Rule 11.2: Fixed false negative for cast expressions like (int16_t *)sp
Rule 11.4: Improved symbol name reporting for macro usage
Rule 12.1: Fixed false negative for sizeof x + y expressions
Rule 14.1: Fixed false negative for unreachable while loop code
Rule 16.1: Fixed false positive for for-loop inside case statement
Dir 4.4: Fixed false positive for comments containing @ symbols
Cppcheck Premium 25.8.4 also refines several MISRA C++ 2023 checks, improving consistency and accuracy for modern C++ codebases.
Rule 8.0.1: Fixed false negative for a == 0 && b == 0
Rule 8.2.2: Fixed crash in Android framework with std::make_index_sequence
Rule 8.2.7: Fixed false positive for const char arrays
Rule 8.20.1: Fixed false positive for non-wrapping sizeof expressions
Rule 18.4.1: Fixed false positive for assignment operators resembling move-assignment
Rule 21.6.3: Fixed false negative for placement new and destructor calls
Rule 22.3.1: Fixed false positive when assuming constant values from function calls
Cppcheck Premium 25.8.4 introduces six new CERT rules to strengthen security and code robustness:
DCL05-C: Use typedefs of non-pointer types only
DCL06-C: Use meaningful symbolic constants
ERR34-C: Detect errors when converting strings to numbers
EXP30-C: Reuses MISRA C 13.2 functionality for operator precedence
MSC41-C: Never hard-code sensitive information
STR30-C: Reuses MISRA C functionality for string handling
Numerous fixes and improvements have been made across existing CERT checks, including better null pointer handling, crash prevention, and more accurate detection of common coding issues. Highlights include:
ARR39-C: Fixed crash with unary operators
CTR53-CPP: Fixed false negative for loops from end() to begin()
EXP34-C: Improved handling of null pointers and argv validation
EXP35-C: Fixed false negatives and crash conditions in struct array handling
EXP54-CPP: Improved pointer-after-delete and initializer list checks
OOP55-CPP: Improved static pointer initialization detection
STR53-CPP: Fixed false negative for accessing std::string::front() on empty strings
Several metrics-related fixes improve calculation accuracy:
Cyclomatic Complexity: Fixed count being one too low
LEVEL Metric: Fixed overestimation for else-if statements
STMT Metric: Corrected calculation for constructors with initializer lists
Improved error handling and reporting
Fixed non-zero return codes when inline suppressions are used
macOS Support: Added macOS-26 release package