* Sun Sep 19 2021 Christophe Giboudeaux <christophe@krop.fr>
- Add glibc 2.34 build fix:
* 0001-Fix-compilation-with-recent-glibc-where-SIGSTKSZ-is-.patch
* Sat Jul 17 2021 Dirk Müller <dmueller@suse.com>
- update to 2.5:
* checked that all features in c++11, c++14, c++17 are supported
* c++20 support is improved but not complete yet
* improved library files, better knowledge about APIs
* improved checks to detect more bugs
* fixed checks to avoid unwanted warnings
* suspicious container/iterator assignment in condition
* rethrow without current handled exception
- drop 0002-Another-gcc11-fix-3179.patch, 0001-Fix-gcc11-build-errors.patch: upstream
* Tue Jun 01 2021 Christophe Giboudeaux <christophe@krop.fr>
- Add GCC compatibility fixes:
* 0001-Fix-gcc11-build-errors.patch
* 0002-Another-gcc11-fix-3179.patch
* Mon May 10 2021 Stephan Kulow <coolo@suse.com>
- add fix-i586.patch to fix compilation on i586, where the test
case tests the wrong IntRange
* Wed Mar 24 2021 Dirk Müller <dmueller@suse.com>
- update to 2.4.1:
* fix for windows installer, no other changes
* Mon Mar 22 2021 Dirk Müller <dmueller@suse.com>
- update to 2.4:
* Detect one definition rule violations
* MISRA improvements
* ImportProject fixes
* Various bug hunting improvements
* Fixes when importing AST from clang
* Sat Dec 12 2020 Milan Savi? <milsav92@outlook.com>
- Update to version 2.3
Improved C++ parser:
* types
* wrong operands in ast
* better simplification of templates
Improved clang import, various fixes.
Improved value flow analysis
Fixed false positives
Improved configuration in library files
* boost.cfg
* googletest.cfg
* qt.cfg
* windows.cfg
* wxwidgets.cfg
Added several Misra rules:
* 6.1
* 6.2
* 7.2
* 7.4
* 9.2
* 10.2
* 15.4
Added platforms:
* elbrus e1c+
* pic
* pic8
* mips
- Update to version 2.2
New checks:
* incorrect usage of mutexes and lock guards
* Dereference end iterator
* Iterating a known empty container
* outOfBounds check for iterators to containers
Removed 'operator=' check that ensures reference to self is returned. That is not about safety.
Improved parser
* various ast fixes
Clang parser
* The Clang import feature in Cppcheck should be considered to be experimental for now. There are problems.
Improved bug hunting
* variable constraints
* handling of multidimension arrays
* function calls, execute functions that are in same TU
* improved handling of containers
* several improvements for uninitialized variables check
* improved analysis of for loops
* added a hash value for warnings that can be used for suppressions
Improved data flow
* one more heuristic for ternary operators
* improved data flow for containers
CLI:
* Fixed some addon execution problems when there are spaces etc
GUI:
* Fix handling of tags
* Exclude files
cppcheck-htmlreport:
* several result files can be combined into 1 output
Suppressions:
* comments can be added at end of suppression in suppressions file
* Mon Jul 13 2020 Matthias Eliasson <elimat@opensuse.org>
- Update to version 2.1
* We have tweaked build scripts.
* When you use USE_Z3=yes, we will handle new versions of z3 better. If you
have an old z3 library and get compilation problems you will need to add
a z3_version.h in externals.
* The cmake scripts was updated.
* There was a couple of bug fixes.
New check:
* for "expression % 1" the result is always 0.
- Run spec-cleaner
* Remove rpm groups
- Enable Z3 build flag
* Thu Mar 12 2020 Vladislav Savic <vladisav@gmx.com>
- Since cppcheck version 1.89 CFGDIR is replaced by FILESDIR and
cfg files are no longer kept in FILESDIR but in subfolder FILESDIR/cfg.
* Wed Mar 04 2020 Martin Pluskal <mpluskal@suse.com>
- Use cmake macros
* Wed Mar 04 2020 Danny Al-Gaaf <opensuse@bisect.de>
- Update to version 1.90
* alias to vector element invalid after vector is changed
* improved value flow analysis for struct members
* improved value flow analysis for pointer alias
* CERT: Added ENV33-C: Do not call system()
* MISRA: added rules 2.7, 3.2, 4.2, 14.2, 21.1, 21.12
- update to version 1.89
* The default warning message format was changed. The new format
is similar to GCC. If you want to get warnings in the old
format, add --template=cppcheck1 to the command line.
* improved value flow analysis for pointer aliases
* improved checking for uninitialized variables/structs
* better checking of smart pointers
* better checking of global variables
* Added Cppcheck annotations cppcheck_low(VALUE) and
cppcheck_high(VALUE)
* shadow variables; warn when argument is shadowed
* warn if local reference variable can be const
* Added API01-C: Avoid laying out strings in memory directly
before sensitive data
* Added MSC24-C: Do not use deprecated or obsolescent functions
* Added STR11-C: Do not specify the bound of a character array
initialized with a string literal
* MISRA: added rules 17.2, 18.4, 18.7
* Mon Jul 01 2019 Martin Li?ka <mliska@suse.cz>
- Update to version 1.88:
* Comparing pointers that point to different objects
* Address of local variable 'x' is accessed at non-zero index
* STL usage: unnecessary search before insertion
* Duplicate expression for condition and assignment: if (x==3) x=3;
* Better handling of C++14 and C++17
* New command line option --addon used to run addons directly from Cppcheck.
* Some advanced options are only available in GUI:
- Update to version 1.87:
* --project can now import Cppcheck GUI projects.
* Condition is always true when array address is compared with 0.
* function argument expression calculation has known result (#8830)
* Better lifetime checking (using pointer/reference that points at deleted object)
* Improved whole program analysis
* Better handling of language extension var@address.
* Many improvements in parser to handle templates, type aliases, etc better
* New addon for checking naming conventions. Naming conventions are configured in json file.
* Thu Jan 03 2019 Nemanja V <nafsub@outlook.com>
- Workaround for CMake lacking a CFGDIR variable.
* Patch was submitted (https://github.com/danmar/cppcheck/pull/1554)
and accepted so this change should be reverted and replaced with a CMake compile definition
- DCFGDIR=\"%{_datadir}/%{name}\" once a new upstream version is released.
* Thu Dec 27 2018 Martin Pluskal <mpluskal@suse.com>
- Small packaging enhancements
* Thu Dec 20 2018 Christoph G <foss@grueninger.de>
- Use Python 3 instad of Python 2
- Switch to CMake as the used build system, otherwise Python 3
could not be detected by plain make
* Wed Dec 19 2018 Christoph G <foss@grueninger.de>
- Update to 1.86
* Many fixes in the template simplifier
* Several fixes in the abstract syntax tree.
Checking improvements:
* New check: passing address of char to function that expects a
strz
* New check: shadow variables
* Improved lifetime checking
* Improved STL iterators checking
* Improved data flow analysis
New libraries:
* zlib
* googletest
Addons:
* misra.py: Fixes for suppressions and exclusions
* namingng.py: New addon to check naming conventions. Rules are
specified in json file.
* Thu Oct 18 2018 mvetter@suse.com
- Update to 1.85:
Changes from 1.83:
Command line:
- fixes in parser
- Improved loading of platform files.
GUI:
- few minor improvements in user interface
- Code preview
- Added MISRA addon integration
- Platform can be selected in project settings
- Fixed issue when loading xml results file
Addons:
- We are now officially releasing our MISRA addon. So far it supports MISRA C 2012.
Changes from 1.85:
General:
- We are modernizing the Cppcheck code. Support for MSVC 2010 and GCC 4.4 is dropped.
You now need a compiler that is at least as good as MSVC 2013 or GCC 4.6.
Checking improvements:
- New check: Suggest STL algorithms instead of hard-coded for loops
- New check: Warn about ineffective algorithms (same iterator passed)
- New check: Mismatching iterators used together in operators
- Container (STL/Qt/WxWidgets/etc) access out of bounds
- Improved the checkers that warns about same/opposite expressions, track variable values better.
- Variable scope: warn about references also
Graphical user interface:
- You can specify undefines in the project file dialog
- Fixed configuration of suppressions
- Windows: Fixed issue of wrong/no theme being applied to UI elements
Misra:
- support per file excludes from cppcheck
- support per file suppressions from cppcheck
- summary will now summarize results for all files again
- a few false positives were fixed
Version: 2.12.1-bp155.2.3.1
* Wed Dec 20 2023 Dirk Müller <dmueller@suse.com>
- add CVE-2023-39070.patch (CVE-2023-39070, bsc#1215233)
* Thu Nov 09 2023 Guillaume GARDET <guillaume.gardet@opensuse.org>
- Replace disable-some-tests-about-char-signedness.patch with
upstream patch to fix tests on non-x86_64 (such as aarch64):
* eb076d87.patch
* Tue Sep 19 2023 Dirk Müller <dmueller@suse.com>
- update to 2.12.1:
* Support importing projects with project-name
* Thu Sep 14 2023 Dirk Müller <dmueller@suse.com>
- update to 2.12.0:
* uselessOverride finds overriding functions that either
duplicate code from or delegate back to the base class
implementation
* knownPointerToBool finds pointer to bool conversions that are
always true or false
* truncLongCastAssignment and truncLongCastReturn check
additional types, including float/double/long double
* duplInheritedMember also reports duplicated member functions
* constParameter*/constVariable* checks find more instances of
pointers/references that can be const, e.g. when calling
library functions
* Write how many checkers was activated after a run
* Added --checkers-report that can be used to generate a report
in a file that shows what checkers was activated and disabled
* The qmake build system has been deprecated and will be
removed in a future version.
* Command-line option '--template
- update to 2.11:
* pop_back on empty container is UB
* Improve useStlAlgorithm check to handle many more conditions
in the loop for any_of, all_of and none_of algorithms
* ValueFlow can evaluate the return value of functions even
when conditionals are used
* ValueFlow will now forward the container sizes being returned
from a function
* ValueFlow can infer possible values from possible symbolic
values
* Improve valueflow after pushing to container
* The new option --check-level= has been added that controls
how much checking is made by Cppcheck. The default checking
level is "normal". If you feel that you can wait longer on
results you can use --check-level=exhaustive.
* It is no longer necessary to run "--check-config" to get
detailed "missingInclude" and "missingIncludeSystem"
messages. They will always be issued in the regular analysis
if "missingInclude" is enabled.
* "missingInclude" and "missingIncludeSystem" are reported with
"-j" is > 1 and processes are used in the backend (default in
non-Windows binaries)
* "missingInclude" and "missingIncludeSystem" will now cause
the "--error-exitcode" to be applied
* "--enable=information" will no longer implicitly enable
"missingInclude" starting with 2.16. Please enable it
explicitly if you require it.
* The `constParameter` and `constVariable` checks have been
split into 3 different IDs based on if the variable is a
pointer, a reference, or local. The different IDs will allow
users to suppress different const warning based on variable
type.
* `constParameter`
* `constParameterReference`
* `constParameterPointer`
* `constVariable`
* `constVariableReference`
* `constVariablePointer`
* More command-line parameters will now check if the given
integer argument is actually valid. Several other internal
string-to-integer conversions will now be error checked.
* scanning projects (with -j1) will now defer the analysis of
markup files until the whole code was processed
- add werror-return-type.patch to fix false warnings where
gcc can not properly detect the "noreturn" nature of the function
* Tue May 30 2023 Manfred Schwarb <manfred99@gmx.ch>
- test suite quirks:
* Add patch disable-some-tests-about-char-signedness.patch, taken
from Debian, to disable test "TestCondition::alwaysTrueContainer"
which fails on "unsigned char" archs (arm, ppc)
* Run test suite with "-j1", as TestProcessExecutor test is flaky otherwise
* Wed Mar 29 2023 Dirk Müller <dmueller@suse.com>
- switch on Tumbleweed temporarily to gcc 12 to avoid
"allocator_traits<A>::rebind_alloc<A::value_type> must be A"
(as mentioned on https://gcc.gnu.org/gcc-13/porting_to.html)
* Wed Mar 15 2023 Dirk Müller <dmueller@suse.com>
- update to 2.10.3:
* SymbolDatabase: Fix handling of function pointer arguments
* Mon Feb 27 2023 Dirk Müller <dmueller@suse.com>
- update to 2.10.2:
* GUI: Set proper title for compliance report dialog
* GUI: Generate compliance report
* Tokenizer: tweaked simplification of function pointers
Version: 2.10-bp155.1.5
* Tue Jan 31 2023 PragmaticLinux <info@pragmaticlinux.com>
- install files from the addons/ and platforms/ directories - boo#1207806
- correct shebang fix for htmlreport/cppcheck-htmlreport
* Mon Jan 30 2023 Dirk Müller <dmueller@suse.com>
- update to 2.10.0:
* Many improvements and fixes in checkers.
* New check: use memset/memcpy instead of loop
CLI:
* if the file provided via "--file-list" cannot be opened it
will now error out
* add command-line option "--disable=" to individually disable
checks
GUI:
* Detect when installed version is old. There is setting in
Edit/Preferences to turn this on.
* Fix path issue with backslashes
* Cleanup *.ctu-info files after analysis
Build:
* the deprecated Makefile option SRCDIR is no longer accepted
* added CMake option BUILD_CORE_DLL to build lib as
cppcheck-core.dll with Visual Studio
* Wed Dec 07 2022 Dirk Müller <dmueller@suse.com>
- update to 2.9.3:
* various GUI and premium feature handling bugfixes
* Sat Sep 17 2022 Dirk Müller <dmueller@suse.com>
- update to 2.9:
* restored check for negative allocation (new[]) and negative VLA sizes from
cppcheck 1.87 (LCppC backport)
* replaced hardcoded check for pipe() buffer size by library configuration
option (LCppC backport)
* on Windows the callstack is now being written to the output specific via
"--exception-handling"
* make it possible to disable the various exception handling parts via the
CMake options "NO_UNIX_SIGNAL_HANDLING", "NO_UNIX_BACKTRACE_SUPPORT" and
"NO_WINDOWS_SEH"
* detect more redundant calls of std::string::c_str(), std::string::substr(),
and unnecessary copies of containers
* Add a match function to addon similiar to Token::Match used internally by
cppcheck:
* | for either-or tokens(ie struct|class to match either struct or class)
* !! to negate a token
* It supports the %any%, %assign%, %comp%, %name%, %op%, %or%, %oror%, and %var% keywords
* It supports (*), {*}, [*], and <*> to match links
* @ can be added to bind the token to a name
* ** can be used to match until a token
* Add math functions which can be used in library function definition. This
enables evaluation of more math functions in ValueFlow
* Further improve lifetime analysis with this pointers
* Propagate condition values from outer function calls
* Add debug intrinsics debug_valueflow and debug_valuetype to show more
detail including source backtraces
Version: 1.82-bp150.2.5
* Sun Feb 18 2018 aloisio@gmx.com
- Update to version 1.82
Bug fixes:
* Better handling of namespaces
* Fixed false positives
* Fixed parsing of compile databases
* Fixed parsing of visual studio projects
Enhancements
* New check; Detect mistakes when there are multiple strcmp() in
condition
Example:
if (strcmp(password,"A")==0 || strcmp(password,"B")==0 || strcmp(password,"C"))
There is a missing '==0', and therefore this condition is
always true except when password is "C".
* New check; pointer calculation result can't be NULL unless
there is overflow
Example:
someType **list_p = ...;
if ((list_p + 1) == NULL)
The result for '(list_p + 1)' can't be NULL unless there is
overflow (UB).
* New check; public interface of classes should be safe - detect
possible division by zero
Example:
class Fred {
public:
void setValue(int mul, int div) {
value = mul / div; // <- unsafe
}
...
This check does not consider how Fred::setValue() is really
called.
If you agree that the public interface of classes should
always be safe; it should be allowed to call all public
methods with arbitrary arguments, then this checker will be
useful.
* Fixed a few false negatives
* More information in the cfg files
version 1.81
CPPCHECK:
* New warning: Check if condition after an early return is
overlapping and therefore always false.
* Improved knowledge about C/C++ standard, windows, posix,
wxwidgets, gnu
* Better handling of Visual Studio projects
GUI:
* Compile: Qt5 is now needed to build the GUI
* Compile: New qmake flag HAVE_QCHART
* Project: You can now run cppcheck-addons
* Project: We have integrated clang-tidy
* Results view: Reload last results (if cppcheck build dir is
used) when GUI is started
* Results view: Tag the warnings with custom keywords
(bug/todo/not important/etc..)
* Results view: Shows when warning first appeared (since date)
* Results view: Suppress warnings through right-click menu
* Statistics: Added charts (shown if Qt charts module is enabled
during build)
version 1.80
Checking improvements:
* Added platform for Atmel AVR 8 bit microcontrollers (avr8)
* Better 'callstacks' in cppcheck messages
* Improved gnu.cfg, posix.cfg, wxwidgets.cfg and std.cfg, added
motif.cfg
* Various improvements to AST, ValueFlow analysis and template
parsing
Command line changes:
* Deprecated command line argument *-append has been removed
* New command line argument *-plist-output to create .plist
files
* New command line argument *-output-file to print output to
file directly
* Check OpenCL files (.cl)
GUI:
* Support export of statistics to PDF
* Several small usability improvements
* Additionally, lots of false positives and bugs have been fixed
and several existing checks have been improved.
version 1.79
General changes:
* C++ code in C files is rejected now (use *-language=c++ to
enforce checking the code as C++)
* Write function access type to XML dump
Checking improvements:
* Improved configuration extraction in preprocessor
* Improved accuracy of AST
* Improved template parsing
* Improved support for (STL) containers in SymbolDatabase
* Improved support for C++11's 'auto' type
* Experimental support for uninitialized variables in ValueFlow
analysis
* Added qt.cfg and sfml.cfg, improved several existing .cfg files
GUI:
* Use CFGDIR macro
* Additionally, lots of false positives and bugs have been fixed
and several existing checks have been improved.
version 1.78
General changes:
* Reduced memory usage by up to 10% by reducing size of token
list
New checks:
* Mismatching argument names between function declaration and
definition
* Detect classes which have a copy constructor but no copy
operator and vice versa
Checking improvements:
* Improved matching of overloaded functions
* Improved ValueType analysis, especially related to allocations
with "new" and C++11's "auto"
* Improved support for C++11 brace initialization
* Improved ValueFlow analysis
* Improved template parsing
* Improved detection of memory leaks
* Improved nullpointer checking when nullptr and NULL are used
* Detect array out of bounds across compilation units
* Extended windows.cfg, posix.cfg and std.cfg
* Additionally, lots of false positives and bugs have been fixed
and several existing checks have been improved.
* Tue Mar 21 2017 mpluskal@suse.com
- Use qmake macros
- Run spec-cleaner
* Tue Mar 21 2017 fvogt@suse.com
- Update to version 1.77:
* Added flag --cppcheck-build-dir to allow incremental analysis and inter-file checking
* Improved --project support for Visual Studio solutions
* Detect pointer overflow
* Detect usage of variable after std::move or std::forward
* Warn about number and char literals in boolean expressions
* Improved checking for variables modified but not used again
* Libraries: Added support to specify <returnValue>
* Improved ValueFlow, especially related to function return values and casts
* Improved simplification of Null values to allow more accurate checking
* Several improvements to windows.cfg, posix.cfg, gnu.cfg and std.cfg
* Reimplemented check for using iterators of mismatching containers... read more
- Always build Qt5 GUI
* Sat Feb 20 2016 crrodriguez@opensuse.org
- Build the GUI against QT5 in newish products.
* Tue Sep 15 2015 Adam Mizerski <adam@mizerski.pl>
- update to 1.70
* General changes:
- New version of .cfg file format, adding support for
namespaces and declaring several functions at once
- Support building x64 installer for Windows; Both x64 and x86
builds are now provided
- Warn about deprecated options --suppressions and
- -exitcode-suppressions. They will be removed in future
- Added debugging option --debug-normal, which prints out debug
output before second stage simplification
* New checks:
- Warn about modifying string literals
- Detect declaration of variable length arrays with negative
size
- Warn about implicit type conversion from int to long
- Warn about redundant code in conditions like (y || (!y && z))
- Detect conditions with known result
- Race condition: non-interlocked access after
InterlockedDecrement()
- Detect unused 'goto' labels
* Removed checks:
- Do no longer warn about a bug in scanf implementation of
ancient glibc versions
- Multifile analysis (added in 1.69) has been removed because
it did not work
- Removed ExecutionPath checker, which has been superseeded by
ValueFlow analysis
* Improvements:
- Support hexadecimal floating point numbers (C99)
- Support [[deprecated]] (C++14)
- Improved handling of sizeof()
- Improved handling of reserved keywords
- Better handling of C declaration specifiers; support
complex/_Complex (C99)
- Better handling of ternary operator in ValueFlow analysis
- Lots of improvements to .cfg files, especially std.cfg, which
now supports namespace std
- Improved performance and memory usage of Preprocessor
- Improved performance of matchcompiler
- Reduced Disk IO when ignoring paths
- Removed several obsolete simplifications
- Added python addons: naming.py, threadsafety.py and cert.py
* GUI:
- Support printing
- Added item "Open containing folder" to context menu
* Additionally, lots of false positives and bugs have been fixed
and several existing checks have been improved.
* Fri May 15 2015 Adam Mizerski <adam@mizerski.pl>
- update do 1.69
* General changes:
- Added flag --platform=native, when it is used type sizes and
behaviour of host system are used
- Backward compatibility for Libary files is now working.
Future cppcheck versions will be able to use libraries
written for previous versions
- Windows 32 bit builds now set /LARGEADDRESSAWARE, so that
they can use up to 4 GiB
* New checks:
- Detect bad bitmask checks (usage of | where & should be used)
- Suggest usage of "explicit" for constructors with a single
parameter
- Suggest usage of make_shared/make_unique
- Warn about usage of malloc with auto_ptr
- Detect redundant pointer operations like &*ptr
* Improvements:
- Support std::array (C++11)
- Detect same expressions in both branches of a ternary
operator
- New <container>-tags in libraries to configure STL (and
similar) container types
- Several improvements to ValueFlow analysis (for example
support for default function arguments)
- Improved buffer overrun and memory leak checking
- Removed a bunch of redundant checking code
- Removed several simplifications
- Stronger matching of library functions
- Lots of additions to std.cfg and posix.cfg
- New library for Microsoft SAL (microsoft_sal.cfg)
- Improved C++11 template parsing (">>" as closing brackets,
variadic templates)
- Added statistics to htmlreport
* GUI:
- Fixed language selection
* Thu Jan 08 2015 danny.al-gaaf@bisect.de
- update to 1.68:
* New checks:
- Multifile checking for buffer overruns and uninitialized
variables
* Improvements:
- Libraries are now able to contain platform specific types
- Improved handling of function overloads
- Improved handling of integer literal suffixes
- Improved stability of template parsing
- Improved accuracy of ValueFlow analysis
- Improved checking of pointer overflow
- Support noexcept(false)
- Support __attribute__((noreturn))
- A bunch of additions to several Libraries, especially
posix.cfg and qt.cfg
* Additionally, lots of false positives and bugs have been fixed
and several existing checks have been improved.
* Wed Oct 22 2014 danny.al-gaaf@bisect.de
- update to 1.67:
* General changes:
- Library files have now a 'format' attribute. Format version
1 is assumed by default
- Cppcheck does no longer abort checking if unhandled
characters (Non-ASCII) are found
* New checks:
- Check for unused return values
- Detect shift by too many bits, signed integer overflow and
dangerous sign conversion
- Recommend usage of expm1(), log1p(), erfc()
- Division by sizeof() as parameter to memset/memcpy/
memmove/etc. as they expect a size in bytes
- Several new va_arg related checks:
- - Wrong parameter passed to va_start()
- - Reference passed to va_start()
- - Missing va_end()
- - Using va_list before it is opened
- - Subsequent calls to va_start/va_copy()
- Initialization by itself in initializer list
- Dead pointer usage when pointer alias local variable that
has gone out of scope
* Improvements:
- Support uniform initialization syntax (C++11)
- Much improvements to value flow analysis
- Improved AST creation (support placement new, C++-style
casts, templates, operator new[], ...)
- Improved lambda support
- Support GCC extension __attriute__((used)) and MSVC
extension __declspec(property)
- Better support for static member variables, inherited
variables and namespaces
- Improved typedef support where multiple variables are
declared at once
- Avoid checking code multiple times by calculating a checksum.
Duplicate preprocessor configurations are eliminated by this.
- Support C++03/C 'auto' keyword
- HTML report: display 'verbose' message using clickable
expandable divs
* Additionally, lots of false positives and bugs have been fixed
and several existing checks have been improved.
* Mon Sep 01 2014 danny.al-gaaf@bisect.de
- update to 1.66:
* new checks added:
- Compare pointer with '\0'
- Assigning boolean expression to floating point variables
* Improvements:
- Much improved AST
- Much improved ValueFlow analysis
- ValueFlow and AST now used by much more checks, improving
checking accuracy and performance
- Checking for self assignment now supports more complex
expressions
- Returning references to literals or references to calculation
results is detected
- Enhanced support for commutative operators in duplicate
expression checking
- Improved template/enum parsing
- Much improved htmlreport
- Definition of POD types in .cfg files
- Definition of minsize for buffer arguments in .cfg files
for buffer overflow checking
- Fixed handling of #error: Do not report them if -f and -D
are used together
- New .cfg file for AVR platform
- Generate xml dump of AST/ValueFlow/SymbolDatabase/TokenList
if --dump is given
- Improved performance in several cases
* Sun May 11 2014 danny.al-gaaf@bisect.de
- update to 1.65:
* General changes:
- Cppcheck requires a C++11 compiler supporting the common
subset of features supported by GCC 4.4, Visual Studio 2010
and Clang 2.9
* Improvements:
- Much improved support of complex combinations of function
pointers, arrays and references
- Better handling of syntax errors
- Better detection of stack variables passed to free()
- Much improved value flow analysis
- More robust error detection in several checks due to usage
of AST
- Better handling of unknown Macros in function declarations
- Allocation/Deallocation functions can be extend across
different .cfg files
- Better handling of some C++11 language features like enum
class, in-class member initializers
- Detect calling (std::)abs() with bool argument
* New checks:
- Check for noexcept and __attribute__((nothrow)) correctness
- Check for unhandled exceptions when exception specifiers
are used
- Access to empty STL containers
- Repositioning operation on a file opened in append mode
- Find nested redundant if-statements (was experimental before)
* Additionally, a large number of false positives and crashs
has been fixed.
* Thu May 01 2014 danny.al-gaaf@bisect.de
- update to 1.64
* See http://sourceforge.net/p/cppcheck/news/ for changes.
* Mon Jan 13 2014 adam@mizerski.pl
- Bundle config files.
* Fri Jan 10 2014 adam@mizerski.pl
- update to 1.63
* See http://sourceforge.net/p/cppcheck/news/ for changes.
- spec cleanups:
* Used format_spec_file service for general cleanup.
* Everything compiles with %optflags now.
* Added SRCDIR=build CFGDIR=cfg HAVE_RULES=yes options as suggested
in the readme.txt
* Added cppcheck.1 man page creation.
* Cleaned up BuildRequires tags.
* Added missing Requires: python* tags.
* Removed unneded "python ./setup.py install".
* Added COPYING to installed docs.
* Updated homepage URL.
* Thu Apr 11 2013 dalgaaf@suse.de
- update to 1.59:
* Commandline/Settings changes:
- New option to enable warnings but not style messages:
- -enable=warning
- Cppcheck used to skip includes where the header filename
is enclosed in <>. You can now include these headers also by
using -I.
* New checks:
- New POSIX checks: pipe() buffer size, redundant calls of
set/get user id, too big value passed to usleep(), buffer
overflow when using write()
- Storing getc() return value in char variable and comparing
to EOF.
- Detect redundant bitand operations
- Find suspicious equality comparisons like: if(a == 0) a == 1;
- Warn about using malloc() for classes containing virtual
methods, std::-objects or constructors
- Portability check that warns when using NULL as argument to
variadic function. It has undefined behaviour on some
implementations.
* Improvements:
- Improved lookup for functions and types
- Switched to TinyXml2 as XML library
- Improved checking for uninitialized struct members,
variable scopes that can be reduced and unused functions
* GUI:
- Remember last path in open file dialog
- Added command line parameter to open a results file
- Bug in statistic calculation fixed
* Fri Feb 08 2013 highwaystar.ru@gmail.com
- update to 1.58
* Commandline/Settings changes:
- Added --include to the cppcheck command line client. This forces
inclusion of the given file. This can for instance be used
instead of --append and will then allow you to use #define etc also.
- The threads handling has been improved. Using -jN now works in
windows also.
* Improvements:
- NULL pointers: Improved checking of default function
argument values.
* Wed Dec 26 2012 mrdocs@opensuse.org
- update to 1.57
* Many bug fixes and additions
* Now requires Qt 4.8.3+
* Complete versioned change log from 1.53-1.57:
https://sourceforge.net/news/?group_id=195752
* Sat Mar 10 2012 jslaby@suse.de
- update to 1.53
* 1.53: improved existing checks to detect more errors
* 1.52: added new checks
* 1.51: added new checks and fixed many false positives and false
negatives
* Sun Aug 28 2011 asn@cryptomilk.org
- update to 1.50
* Check for std::auto_ptr misuse (related to strict ownership).
* Read array and then immediately check if the array index is
within limits.
* Assign pointer to int/long.
* Assign bool to pointer.
* Duplicate "break" statements in switch.
* Matching "if" and "else if" conditions when using bitwise and.
* Matching assigment and condition when using bitwise and test if
unsigned value is less than zero
* Mon Aug 08 2011 mrdocs@opensuse.org
- version bump to 1.49
- full change log
http://raw.github.com/danmar/cppcheck/master/Changelog
* Mon Apr 11 2011 asn@cryptomilk.org
- update to 1.48