forked from pool/cppcheck
c62715bad4
- update to 2.13.0 * newCheck passedByValueCallback for functions which take a parameter by value but are used as callbacks * newCheck returnImplicitInt for C functions without return type * newCheck iterateByValue for iterating by value in a range-based for loop when a const reference could be used - Drop patches werror-return-type.patch, eb076d87.patch, and CVE-2023-39070.patch which are part of upstream or fixed in a similar way. OBS-URL: https://build.opensuse.org/request/show/1134958 OBS-URL: https://build.opensuse.org/package/show/devel:tools/cppcheck?expand=0&rev=122
1082 lines
42 KiB
Plaintext
1082 lines
42 KiB
Plaintext
-------------------------------------------------------------------
|
|
Sun Dec 24 06:43:54 UTC 2023 - Christoph G <foss@grueninger.de>
|
|
|
|
- update to 2.13.0
|
|
* newCheck passedByValueCallback for functions which take a
|
|
parameter by value but are used as callbacks
|
|
* newCheck returnImplicitInt for C functions without return type
|
|
* newCheck iterateByValue for iterating by value in a range-based
|
|
for loop when a const reference could be used
|
|
- Drop patches werror-return-type.patch, eb076d87.patch, and
|
|
CVE-2023-39070.patch which are part of upstream or fixed in a
|
|
similar way.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 20 23:14:07 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- add CVE-2023-39070.patch (CVE-2023-39070, bsc#1215233)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 9 10:21:24 UTC 2023 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Replace disable-some-tests-about-char-signedness.patch with
|
|
upstream patch to fix tests on non-x86_64 (such as aarch64):
|
|
* eb076d87.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 19 14:21:21 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.12.1:
|
|
* Support importing projects with project-name
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 14 11:18:59 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.12.0:
|
|
* uselessOverride finds overriding functions that either
|
|
duplicate code from or delegate back to the base class
|
|
implementation
|
|
* knownPointerToBool finds pointer to bool conversions that are
|
|
always true or false
|
|
* truncLongCastAssignment and truncLongCastReturn check
|
|
additional types, including float/double/long double
|
|
* duplInheritedMember also reports duplicated member functions
|
|
* constParameter*/constVariable* checks find more instances of
|
|
pointers/references that can be const, e.g. when calling
|
|
library functions
|
|
* Write how many checkers was activated after a run
|
|
* Added --checkers-report that can be used to generate a report
|
|
in a file that shows what checkers was activated and disabled
|
|
* The qmake build system has been deprecated and will be
|
|
removed in a future version.
|
|
* Command-line option '--template
|
|
- update to 2.11:
|
|
* pop_back on empty container is UB
|
|
* Improve useStlAlgorithm check to handle many more conditions
|
|
in the loop for any_of, all_of and none_of algorithms
|
|
* ValueFlow can evaluate the return value of functions even
|
|
when conditionals are used
|
|
* ValueFlow will now forward the container sizes being returned
|
|
from a function
|
|
* ValueFlow can infer possible values from possible symbolic
|
|
values
|
|
* Improve valueflow after pushing to container
|
|
* The new option --check-level= has been added that controls
|
|
how much checking is made by Cppcheck. The default checking
|
|
level is "normal". If you feel that you can wait longer on
|
|
results you can use --check-level=exhaustive.
|
|
* It is no longer necessary to run "--check-config" to get
|
|
detailed "missingInclude" and "missingIncludeSystem"
|
|
messages. They will always be issued in the regular analysis
|
|
if "missingInclude" is enabled.
|
|
* "missingInclude" and "missingIncludeSystem" are reported with
|
|
"-j" is > 1 and processes are used in the backend (default in
|
|
non-Windows binaries)
|
|
* "missingInclude" and "missingIncludeSystem" will now cause
|
|
the "--error-exitcode" to be applied
|
|
* "--enable=information" will no longer implicitly enable
|
|
"missingInclude" starting with 2.16. Please enable it
|
|
explicitly if you require it.
|
|
* The `constParameter` and `constVariable` checks have been
|
|
split into 3 different IDs based on if the variable is a
|
|
pointer, a reference, or local. The different IDs will allow
|
|
users to suppress different const warning based on variable
|
|
type.
|
|
* `constParameter`
|
|
* `constParameterReference`
|
|
* `constParameterPointer`
|
|
* `constVariable`
|
|
* `constVariableReference`
|
|
* `constVariablePointer`
|
|
* More command-line parameters will now check if the given
|
|
integer argument is actually valid. Several other internal
|
|
string-to-integer conversions will now be error checked.
|
|
* scanning projects (with -j1) will now defer the analysis of
|
|
markup files until the whole code was processed
|
|
- add werror-return-type.patch to fix false warnings where
|
|
gcc can not properly detect the "noreturn" nature of the function
|
|
|
|
-------------------------------------------------------------------
|
|
Tue May 30 10:57:47 UTC 2023 - Manfred Schwarb <manfred99@gmx.ch>
|
|
|
|
- test suite quirks:
|
|
* Add patch disable-some-tests-about-char-signedness.patch, taken
|
|
from Debian, to disable test "TestCondition::alwaysTrueContainer"
|
|
which fails on "unsigned char" archs (arm, ppc)
|
|
* Run test suite with "-j1", as TestProcessExecutor test is flaky otherwise
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 29 12:13:06 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- switch on Tumbleweed temporarily to gcc 12 to avoid
|
|
"allocator_traits<A>::rebind_alloc<A::value_type> must be A"
|
|
(as mentioned on https://gcc.gnu.org/gcc-13/porting_to.html)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 15 20:23:58 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.10.3:
|
|
* SymbolDatabase: Fix handling of function pointer arguments
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 27 21:39:54 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.10.2:
|
|
* GUI: Set proper title for compliance report dialog
|
|
* GUI: Generate compliance report
|
|
* Tokenizer: tweaked simplification of function pointers
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 31 18:24:47 UTC 2023 - PragmaticLinux <info@pragmaticlinux.com>
|
|
|
|
- install files from the addons/ and platforms/ directories - boo#1207806
|
|
- correct shebang fix for htmlreport/cppcheck-htmlreport
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 30 12:07:50 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.10.0:
|
|
* Many improvements and fixes in checkers.
|
|
* New check: use memset/memcpy instead of loop
|
|
CLI:
|
|
* if the file provided via "--file-list" cannot be opened it
|
|
will now error out
|
|
* add command-line option "--disable=" to individually disable
|
|
checks
|
|
GUI:
|
|
* Detect when installed version is old. There is setting in
|
|
Edit/Preferences to turn this on.
|
|
* Fix path issue with backslashes
|
|
* Cleanup *.ctu-info files after analysis
|
|
Build:
|
|
* the deprecated Makefile option SRCDIR is no longer accepted
|
|
* added CMake option BUILD_CORE_DLL to build lib as
|
|
cppcheck-core.dll with Visual Studio
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 7 22:39:58 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.9.3:
|
|
* various GUI and premium feature handling bugfixes
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Sep 17 16:28:54 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.9:
|
|
* restored check for negative allocation (new[]) and negative VLA sizes from
|
|
cppcheck 1.87 (LCppC backport)
|
|
* replaced hardcoded check for pipe() buffer size by library configuration
|
|
option (LCppC backport)
|
|
* on Windows the callstack is now being written to the output specific via
|
|
"--exception-handling"
|
|
* make it possible to disable the various exception handling parts via the
|
|
CMake options "NO_UNIX_SIGNAL_HANDLING", "NO_UNIX_BACKTRACE_SUPPORT" and
|
|
"NO_WINDOWS_SEH"
|
|
* detect more redundant calls of std::string::c_str(), std::string::substr(),
|
|
and unnecessary copies of containers
|
|
* Add a match function to addon similiar to Token::Match used internally by
|
|
cppcheck:
|
|
* | for either-or tokens(ie struct|class to match either struct or class)
|
|
* !! to negate a token
|
|
* It supports the %any%, %assign%, %comp%, %name%, %op%, %or%, %oror%, and %var% keywords
|
|
* It supports (*), {*}, [*], and <*> to match links
|
|
* @ can be added to bind the token to a name
|
|
* ** can be used to match until a token
|
|
* Add math functions which can be used in library function definition. This
|
|
enables evaluation of more math functions in ValueFlow
|
|
* Further improve lifetime analysis with this pointers
|
|
* Propagate condition values from outer function calls
|
|
* Add debug intrinsics debug_valueflow and debug_valuetype to show more
|
|
detail including source backtraces
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jul 17 16:14:50 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.8.2:
|
|
* do not allocate std::string when column is -1
|
|
* catch internal error during whole program analysis
|
|
* fix whole program analysis
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 7 21:17:15 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.8:
|
|
* Lifetime analysis can now track lifetime across user-defined constructors
|
|
when they are inline and using member initializer list.
|
|
* SymbolDatabase can now deduce iterator types from how they are specified in
|
|
the library files.
|
|
* ValueFlow can evaluate class member functions that return known values.
|
|
* Improve duplicateValueTenary to not warn when used as an lvalue or when one
|
|
branch has side effects
|
|
* Fix variableScope to not warn when variables are used in lambda functions
|
|
* Fix unassignedVariable warnings when using structured bindings
|
|
* Fix redundantInitialization warning when variable is used in a lambda
|
|
* Fix variableScope warnings when using if/while init-statement
|
|
* Improve lifetime analysis when returning variadic template expressions
|
|
* Detect more statements with constStatement
|
|
* Detect variableScope for more types
|
|
* Improvements to unreadVariable
|
|
* Detect more instances of C style casts
|
|
* Warn if the return value of new is discarded
|
|
* The pre-ValueFlow uninitialized checker now uses a different ID as legacyUninitvar
|
|
* Extended library format to exclude specific function argument values
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 19 13:30:47 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.7.5:
|
|
* Import Project: Fix problem with define value with space
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Mar 26 14:06:09 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.7.4:
|
|
* Fixes "undefined reference to `tinyxml2::"
|
|
* Replace tinyxml2_LIBRARY with tinyxml2_LIBRARIES
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Mar 20 19:22:39 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.7.1:
|
|
* Add support for container views. The view attribute has been added to the
|
|
<container> library tag to specify the class is a view. The lifetime
|
|
analysis has been updated to use this new attribute to find dangling
|
|
lifetime containers.
|
|
* Various checker improvements.
|
|
* Fixed false positives.
|
|
- drop fix-i586.patch (obsolete)
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Dec 18 08:34:22 UTC 2021 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.6.3:
|
|
* Fix execution of executable addons from GUI
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Dec 5 20:41:11 UTC 2021 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.6.2:
|
|
* New checks in core cppcheck:
|
|
* missing return in function
|
|
* writing overlapping data, detect undefined behavior
|
|
* compared value is out of possible type range
|
|
* Copy elision optimization can't be applied for return std::move(local)
|
|
* file can not be opened for read and write access at the same
|
|
time on different streams
|
|
* Various improvements
|
|
- drop 0001-Fix-compilation-with-recent-glibc-where-SIGSTKSZ-is-.patch (upstream)
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Sep 19 09:10:14 UTC 2021 - Christophe Giboudeaux <christophe@krop.fr>
|
|
|
|
- Add glibc 2.34 build fix:
|
|
* 0001-Fix-compilation-with-recent-glibc-where-SIGSTKSZ-is-.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Jul 17 13:10:26 UTC 2021 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.5:
|
|
* checked that all features in c++11, c++14, c++17 are supported
|
|
* c++20 support is improved but not complete yet
|
|
* improved library files, better knowledge about APIs
|
|
* improved checks to detect more bugs
|
|
* fixed checks to avoid unwanted warnings
|
|
* suspicious container/iterator assignment in condition
|
|
* rethrow without current handled exception
|
|
- drop 0002-Another-gcc11-fix-3179.patch, 0001-Fix-gcc11-build-errors.patch: upstream
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 1 09:00:08 UTC 2021 - Christophe Giboudeaux <christophe@krop.fr>
|
|
|
|
- Add GCC compatibility fixes:
|
|
* 0001-Fix-gcc11-build-errors.patch
|
|
* 0002-Another-gcc11-fix-3179.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 10 06:49:08 UTC 2021 - Stephan Kulow <coolo@suse.com>
|
|
|
|
- add fix-i586.patch to fix compilation on i586, where the test
|
|
case tests the wrong IntRange
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 24 08:12:09 UTC 2021 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.4.1:
|
|
* fix for windows installer, no other changes
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 22 21:23:13 UTC 2021 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.4:
|
|
* Detect one definition rule violations
|
|
* MISRA improvements
|
|
* ImportProject fixes
|
|
* Various bug hunting improvements
|
|
* Fixes when importing AST from clang
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Dec 12 15:28:36 UTC 2020 - Milan Savić <milsav92@outlook.com>
|
|
|
|
- Update to version 2.3
|
|
|
|
Improved C++ parser:
|
|
* types
|
|
* wrong operands in ast
|
|
* better simplification of templates
|
|
Improved clang import, various fixes.
|
|
Improved value flow analysis
|
|
Fixed false positives
|
|
Improved configuration in library files
|
|
* boost.cfg
|
|
* googletest.cfg
|
|
* qt.cfg
|
|
* windows.cfg
|
|
* wxwidgets.cfg
|
|
Added several Misra rules:
|
|
* 6.1
|
|
* 6.2
|
|
* 7.2
|
|
* 7.4
|
|
* 9.2
|
|
* 10.2
|
|
* 15.4
|
|
Added platforms:
|
|
* elbrus e1c+
|
|
* pic
|
|
* pic8
|
|
* mips
|
|
|
|
- Update to version 2.2
|
|
|
|
New checks:
|
|
* incorrect usage of mutexes and lock guards
|
|
* Dereference end iterator
|
|
* Iterating a known empty container
|
|
* outOfBounds check for iterators to containers
|
|
Removed 'operator=' check that ensures reference to self is returned. That is not about safety.
|
|
Improved parser
|
|
* various ast fixes
|
|
Clang parser
|
|
* The Clang import feature in Cppcheck should be considered to be experimental for now. There are problems.
|
|
Improved bug hunting
|
|
* variable constraints
|
|
* handling of multidimension arrays
|
|
* function calls, execute functions that are in same TU
|
|
* improved handling of containers
|
|
* several improvements for uninitialized variables check
|
|
* improved analysis of for loops
|
|
* added a hash value for warnings that can be used for suppressions
|
|
Improved data flow
|
|
* one more heuristic for ternary operators
|
|
* improved data flow for containers
|
|
CLI:
|
|
* Fixed some addon execution problems when there are spaces etc
|
|
GUI:
|
|
* Fix handling of tags
|
|
* Exclude files
|
|
cppcheck-htmlreport:
|
|
* several result files can be combined into 1 output
|
|
Suppressions:
|
|
* comments can be added at end of suppression in suppressions file
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 13 21:16:05 UTC 2020 - Matthias Eliasson <elimat@opensuse.org>
|
|
|
|
- Update to version 2.1
|
|
* We have tweaked build scripts.
|
|
* When you use USE_Z3=yes, we will handle new versions of z3 better. If you
|
|
have an old z3 library and get compilation problems you will need to add
|
|
a z3_version.h in externals.
|
|
* The cmake scripts was updated.
|
|
* There was a couple of bug fixes.
|
|
New check:
|
|
* for "expression % 1" the result is always 0.
|
|
- Run spec-cleaner
|
|
* Remove rpm groups
|
|
- Enable Z3 build flag
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 12 12:54:24 UTC 2020 - Vladislav Savic <vladisav@gmx.com>
|
|
|
|
- Since cppcheck version 1.89 CFGDIR is replaced by FILESDIR and
|
|
cfg files are no longer kept in FILESDIR but in subfolder FILESDIR/cfg.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 4 12:17:56 UTC 2020 - Martin Pluskal <mpluskal@suse.com>
|
|
|
|
- Use cmake macros
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 4 11:32:52 UTC 2020 - Danny Al-Gaaf <opensuse@bisect.de>
|
|
|
|
- Update to version 1.90
|
|
* alias to vector element invalid after vector is changed
|
|
* improved value flow analysis for struct members
|
|
* improved value flow analysis for pointer alias
|
|
* CERT: Added ENV33-C: Do not call system()
|
|
* MISRA: added rules 2.7, 3.2, 4.2, 14.2, 21.1, 21.12
|
|
|
|
- update to version 1.89
|
|
* The default warning message format was changed. The new format
|
|
is similar to GCC. If you want to get warnings in the old
|
|
format, add --template=cppcheck1 to the command line.
|
|
* improved value flow analysis for pointer aliases
|
|
* improved checking for uninitialized variables/structs
|
|
* better checking of smart pointers
|
|
* better checking of global variables
|
|
* Added Cppcheck annotations cppcheck_low(VALUE) and
|
|
cppcheck_high(VALUE)
|
|
* shadow variables; warn when argument is shadowed
|
|
* warn if local reference variable can be const
|
|
* Added API01-C: Avoid laying out strings in memory directly
|
|
before sensitive data
|
|
* Added MSC24-C: Do not use deprecated or obsolescent functions
|
|
* Added STR11-C: Do not specify the bound of a character array
|
|
initialized with a string literal
|
|
* MISRA: added rules 17.2, 18.4, 18.7
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 1 08:22:46 UTC 2019 - Martin Liška <mliska@suse.cz>
|
|
|
|
- Update to version 1.88:
|
|
* Comparing pointers that point to different objects
|
|
* Address of local variable 'x' is accessed at non-zero index
|
|
* STL usage: unnecessary search before insertion
|
|
* Duplicate expression for condition and assignment: if (x==3) x=3;
|
|
* Better handling of C++14 and C++17
|
|
* New command line option --addon used to run addons directly from Cppcheck.
|
|
* Some advanced options are only available in GUI:
|
|
|
|
- Update to version 1.87:
|
|
* --project can now import Cppcheck GUI projects.
|
|
* Condition is always true when array address is compared with 0.
|
|
* function argument expression calculation has known result (#8830)
|
|
* Better lifetime checking (using pointer/reference that points at deleted object)
|
|
* Improved whole program analysis
|
|
* Better handling of language extension var@address.
|
|
* Many improvements in parser to handle templates, type aliases, etc better
|
|
* New addon for checking naming conventions. Naming conventions are configured in json file.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 3 18:13:49 UTC 2019 - Nemanja V <nafsub@outlook.com>
|
|
|
|
- Workaround for CMake lacking a CFGDIR variable.
|
|
* Patch was submitted (https://github.com/danmar/cppcheck/pull/1554)
|
|
and accepted so this change should be reverted and replaced with a CMake compile definition
|
|
-DCFGDIR=\"%{_datadir}/%{name}\" once a new upstream version is released.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Dec 27 10:03:28 UTC 2018 - Martin Pluskal <mpluskal@suse.com>
|
|
|
|
- Small packaging enhancements
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Dec 20 13:40:09 UTC 2018 - Christoph G <foss@grueninger.de>
|
|
|
|
- Use Python 3 instad of Python 2
|
|
- Switch to CMake as the used build system, otherwise Python 3
|
|
could not be detected by plain make
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 19 21:31:18 UTC 2018 - Christoph G <foss@grueninger.de>
|
|
|
|
- Update to 1.86
|
|
* Many fixes in the template simplifier
|
|
* Several fixes in the abstract syntax tree.
|
|
Checking improvements:
|
|
* New check: passing address of char to function that expects a
|
|
strz
|
|
* New check: shadow variables
|
|
* Improved lifetime checking
|
|
* Improved STL iterators checking
|
|
* Improved data flow analysis
|
|
New libraries:
|
|
* zlib
|
|
* googletest
|
|
Addons:
|
|
* misra.py: Fixes for suppressions and exclusions
|
|
* namingng.py: New addon to check naming conventions. Rules are
|
|
specified in json file.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Oct 18 08:43:15 UTC 2018 - mvetter@suse.com
|
|
|
|
- Update to 1.85:
|
|
Changes from 1.83:
|
|
Command line:
|
|
- fixes in parser
|
|
- Improved loading of platform files.
|
|
GUI:
|
|
- few minor improvements in user interface
|
|
- Code preview
|
|
- Added MISRA addon integration
|
|
- Platform can be selected in project settings
|
|
- Fixed issue when loading xml results file
|
|
Addons:
|
|
- We are now officially releasing our MISRA addon. So far it supports MISRA C 2012.
|
|
Changes from 1.85:
|
|
General:
|
|
- We are modernizing the Cppcheck code. Support for MSVC 2010 and GCC 4.4 is dropped.
|
|
You now need a compiler that is at least as good as MSVC 2013 or GCC 4.6.
|
|
Checking improvements:
|
|
- New check: Suggest STL algorithms instead of hard-coded for loops
|
|
- New check: Warn about ineffective algorithms (same iterator passed)
|
|
- New check: Mismatching iterators used together in operators
|
|
- Container (STL/Qt/WxWidgets/etc) access out of bounds
|
|
- Improved the checkers that warns about same/opposite expressions, track variable values better.
|
|
- Variable scope: warn about references also
|
|
Graphical user interface:
|
|
- You can specify undefines in the project file dialog
|
|
- Fixed configuration of suppressions
|
|
- Windows: Fixed issue of wrong/no theme being applied to UI elements
|
|
Misra:
|
|
- support per file excludes from cppcheck
|
|
- support per file suppressions from cppcheck
|
|
- summary will now summarize results for all files again
|
|
- a few false positives were fixed
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Feb 18 10:40:07 UTC 2018 - aloisio@gmx.com
|
|
|
|
- Update to version 1.82
|
|
Bug fixes:
|
|
* Better handling of namespaces
|
|
* Fixed false positives
|
|
* Fixed parsing of compile databases
|
|
* Fixed parsing of visual studio projects
|
|
Enhancements
|
|
* New check; Detect mistakes when there are multiple strcmp() in
|
|
condition
|
|
Example:
|
|
if (strcmp(password,"A")==0 || strcmp(password,"B")==0 || strcmp(password,"C"))
|
|
There is a missing '==0', and therefore this condition is
|
|
always true except when password is "C".
|
|
* New check; pointer calculation result can't be NULL unless
|
|
there is overflow
|
|
Example:
|
|
someType **list_p = ...;
|
|
if ((list_p + 1) == NULL)
|
|
The result for '(list_p + 1)' can't be NULL unless there is
|
|
overflow (UB).
|
|
* New check; public interface of classes should be safe - detect
|
|
possible division by zero
|
|
Example:
|
|
class Fred {
|
|
public:
|
|
void setValue(int mul, int div) {
|
|
value = mul / div; // <- unsafe
|
|
}
|
|
...
|
|
This check does not consider how Fred::setValue() is really
|
|
called.
|
|
If you agree that the public interface of classes should
|
|
always be safe; it should be allowed to call all public
|
|
methods with arbitrary arguments, then this checker will be
|
|
useful.
|
|
* Fixed a few false negatives
|
|
* More information in the cfg files
|
|
|
|
version 1.81
|
|
CPPCHECK:
|
|
* New warning: Check if condition after an early return is
|
|
overlapping and therefore always false.
|
|
* Improved knowledge about C/C++ standard, windows, posix,
|
|
wxwidgets, gnu
|
|
* Better handling of Visual Studio projects
|
|
GUI:
|
|
* Compile: Qt5 is now needed to build the GUI
|
|
* Compile: New qmake flag HAVE_QCHART
|
|
* Project: You can now run cppcheck-addons
|
|
* Project: We have integrated clang-tidy
|
|
* Results view: Reload last results (if cppcheck build dir is
|
|
used) when GUI is started
|
|
* Results view: Tag the warnings with custom keywords
|
|
(bug/todo/not important/etc..)
|
|
* Results view: Shows when warning first appeared (since date)
|
|
* Results view: Suppress warnings through right-click menu
|
|
* Statistics: Added charts (shown if Qt charts module is enabled
|
|
during build)
|
|
|
|
version 1.80
|
|
Checking improvements:
|
|
* Added platform for Atmel AVR 8 bit microcontrollers (avr8)
|
|
* Better 'callstacks' in cppcheck messages
|
|
* Improved gnu.cfg, posix.cfg, wxwidgets.cfg and std.cfg, added
|
|
motif.cfg
|
|
* Various improvements to AST, ValueFlow analysis and template
|
|
parsing
|
|
Command line changes:
|
|
* Deprecated command line argument *-append has been removed
|
|
* New command line argument *-plist-output to create .plist
|
|
files
|
|
* New command line argument *-output-file to print output to
|
|
file directly
|
|
* Check OpenCL files (.cl)
|
|
GUI:
|
|
* Support export of statistics to PDF
|
|
* Several small usability improvements
|
|
|
|
* Additionally, lots of false positives and bugs have been fixed
|
|
and several existing checks have been improved.
|
|
|
|
version 1.79
|
|
General changes:
|
|
* C++ code in C files is rejected now (use *-language=c++ to
|
|
enforce checking the code as C++)
|
|
* Write function access type to XML dump
|
|
Checking improvements:
|
|
* Improved configuration extraction in preprocessor
|
|
* Improved accuracy of AST
|
|
* Improved template parsing
|
|
* Improved support for (STL) containers in SymbolDatabase
|
|
* Improved support for C++11's 'auto' type
|
|
* Experimental support for uninitialized variables in ValueFlow
|
|
analysis
|
|
* Added qt.cfg and sfml.cfg, improved several existing .cfg files
|
|
GUI:
|
|
* Use CFGDIR macro
|
|
|
|
* Additionally, lots of false positives and bugs have been fixed
|
|
and several existing checks have been improved.
|
|
|
|
version 1.78
|
|
General changes:
|
|
* Reduced memory usage by up to 10% by reducing size of token
|
|
list
|
|
New checks:
|
|
* Mismatching argument names between function declaration and
|
|
definition
|
|
* Detect classes which have a copy constructor but no copy
|
|
operator and vice versa
|
|
Checking improvements:
|
|
* Improved matching of overloaded functions
|
|
* Improved ValueType analysis, especially related to allocations
|
|
with "new" and C++11's "auto"
|
|
* Improved support for C++11 brace initialization
|
|
* Improved ValueFlow analysis
|
|
* Improved template parsing
|
|
* Improved detection of memory leaks
|
|
* Improved nullpointer checking when nullptr and NULL are used
|
|
* Detect array out of bounds across compilation units
|
|
* Extended windows.cfg, posix.cfg and std.cfg
|
|
|
|
* Additionally, lots of false positives and bugs have been fixed
|
|
and several existing checks have been improved.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 21 10:28:21 UTC 2017 - mpluskal@suse.com
|
|
|
|
- Use qmake macros
|
|
- Run spec-cleaner
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 21 08:09:22 UTC 2017 - fvogt@suse.com
|
|
|
|
- Update to version 1.77:
|
|
* Added flag --cppcheck-build-dir to allow incremental analysis and inter-file checking
|
|
* Improved --project support for Visual Studio solutions
|
|
* Detect pointer overflow
|
|
* Detect usage of variable after std::move or std::forward
|
|
* Warn about number and char literals in boolean expressions
|
|
* Improved checking for variables modified but not used again
|
|
* Libraries: Added support to specify <returnValue>
|
|
* Improved ValueFlow, especially related to function return values and casts
|
|
* Improved simplification of Null values to allow more accurate checking
|
|
* Several improvements to windows.cfg, posix.cfg, gnu.cfg and std.cfg
|
|
* Reimplemented check for using iterators of mismatching containers... read more
|
|
- Always build Qt5 GUI
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Feb 20 18:58:43 UTC 2016 - crrodriguez@opensuse.org
|
|
|
|
- Build the GUI against QT5 in newish products.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 15 13:00:50 UTC 2015 - Adam Mizerski <adam@mizerski.pl>
|
|
|
|
- update to 1.70
|
|
* General changes:
|
|
- New version of .cfg file format, adding support for
|
|
namespaces and declaring several functions at once
|
|
- Support building x64 installer for Windows; Both x64 and x86
|
|
builds are now provided
|
|
- Warn about deprecated options --suppressions and
|
|
--exitcode-suppressions. They will be removed in future
|
|
- Added debugging option --debug-normal, which prints out debug
|
|
output before second stage simplification
|
|
* New checks:
|
|
- Warn about modifying string literals
|
|
- Detect declaration of variable length arrays with negative
|
|
size
|
|
- Warn about implicit type conversion from int to long
|
|
- Warn about redundant code in conditions like (y || (!y && z))
|
|
- Detect conditions with known result
|
|
- Race condition: non-interlocked access after
|
|
InterlockedDecrement()
|
|
- Detect unused 'goto' labels
|
|
* Removed checks:
|
|
- Do no longer warn about a bug in scanf implementation of
|
|
ancient glibc versions
|
|
- Multifile analysis (added in 1.69) has been removed because
|
|
it did not work
|
|
- Removed ExecutionPath checker, which has been superseeded by
|
|
ValueFlow analysis
|
|
* Improvements:
|
|
- Support hexadecimal floating point numbers (C99)
|
|
- Support [[deprecated]] (C++14)
|
|
- Improved handling of sizeof()
|
|
- Improved handling of reserved keywords
|
|
- Better handling of C declaration specifiers; support
|
|
complex/_Complex (C99)
|
|
- Better handling of ternary operator in ValueFlow analysis
|
|
- Lots of improvements to .cfg files, especially std.cfg, which
|
|
now supports namespace std
|
|
- Improved performance and memory usage of Preprocessor
|
|
- Improved performance of matchcompiler
|
|
- Reduced Disk IO when ignoring paths
|
|
- Removed several obsolete simplifications
|
|
- Added python addons: naming.py, threadsafety.py and cert.py
|
|
* GUI:
|
|
- Support printing
|
|
- Added item "Open containing folder" to context menu
|
|
* Additionally, lots of false positives and bugs have been fixed
|
|
and several existing checks have been improved.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 15 13:48:34 UTC 2015 - Adam Mizerski <adam@mizerski.pl>
|
|
|
|
- update do 1.69
|
|
* General changes:
|
|
- Added flag --platform=native, when it is used type sizes and
|
|
behaviour of host system are used
|
|
- Backward compatibility for Libary files is now working.
|
|
Future cppcheck versions will be able to use libraries
|
|
written for previous versions
|
|
- Windows 32 bit builds now set /LARGEADDRESSAWARE, so that
|
|
they can use up to 4 GiB
|
|
* New checks:
|
|
- Detect bad bitmask checks (usage of | where & should be used)
|
|
- Suggest usage of "explicit" for constructors with a single
|
|
parameter
|
|
- Suggest usage of make_shared/make_unique
|
|
- Warn about usage of malloc with auto_ptr
|
|
- Detect redundant pointer operations like &*ptr
|
|
* Improvements:
|
|
- Support std::array (C++11)
|
|
- Detect same expressions in both branches of a ternary
|
|
operator
|
|
- New <container>-tags in libraries to configure STL (and
|
|
similar) container types
|
|
- Several improvements to ValueFlow analysis (for example
|
|
support for default function arguments)
|
|
- Improved buffer overrun and memory leak checking
|
|
- Removed a bunch of redundant checking code
|
|
- Removed several simplifications
|
|
- Stronger matching of library functions
|
|
- Lots of additions to std.cfg and posix.cfg
|
|
- New library for Microsoft SAL (microsoft_sal.cfg)
|
|
- Improved C++11 template parsing (">>" as closing brackets,
|
|
variadic templates)
|
|
- Added statistics to htmlreport
|
|
* GUI:
|
|
- Fixed language selection
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 8 11:04:07 UTC 2015 - danny.al-gaaf@bisect.de
|
|
|
|
- update to 1.68:
|
|
* New checks:
|
|
- Multifile checking for buffer overruns and uninitialized
|
|
variables
|
|
* Improvements:
|
|
- Libraries are now able to contain platform specific types
|
|
- Improved handling of function overloads
|
|
- Improved handling of integer literal suffixes
|
|
- Improved stability of template parsing
|
|
- Improved accuracy of ValueFlow analysis
|
|
- Improved checking of pointer overflow
|
|
- Support noexcept(false)
|
|
- Support __attribute__((noreturn))
|
|
- A bunch of additions to several Libraries, especially
|
|
posix.cfg and qt.cfg
|
|
* Additionally, lots of false positives and bugs have been fixed
|
|
and several existing checks have been improved.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 22 05:00:02 UTC 2014 - danny.al-gaaf@bisect.de
|
|
|
|
- update to 1.67:
|
|
* General changes:
|
|
- Library files have now a 'format' attribute. Format version
|
|
1 is assumed by default
|
|
- Cppcheck does no longer abort checking if unhandled
|
|
characters (Non-ASCII) are found
|
|
* New checks:
|
|
- Check for unused return values
|
|
- Detect shift by too many bits, signed integer overflow and
|
|
dangerous sign conversion
|
|
- Recommend usage of expm1(), log1p(), erfc()
|
|
- Division by sizeof() as parameter to memset/memcpy/
|
|
memmove/etc. as they expect a size in bytes
|
|
- Several new va_arg related checks:
|
|
-- Wrong parameter passed to va_start()
|
|
-- Reference passed to va_start()
|
|
-- Missing va_end()
|
|
-- Using va_list before it is opened
|
|
-- Subsequent calls to va_start/va_copy()
|
|
- Initialization by itself in initializer list
|
|
- Dead pointer usage when pointer alias local variable that
|
|
has gone out of scope
|
|
* Improvements:
|
|
- Support uniform initialization syntax (C++11)
|
|
- Much improvements to value flow analysis
|
|
- Improved AST creation (support placement new, C++-style
|
|
casts, templates, operator new[], ...)
|
|
- Improved lambda support
|
|
- Support GCC extension __attriute__((used)) and MSVC
|
|
extension __declspec(property)
|
|
- Better support for static member variables, inherited
|
|
variables and namespaces
|
|
- Improved typedef support where multiple variables are
|
|
declared at once
|
|
- Avoid checking code multiple times by calculating a checksum.
|
|
Duplicate preprocessor configurations are eliminated by this.
|
|
- Support C++03/C 'auto' keyword
|
|
- HTML report: display 'verbose' message using clickable
|
|
expandable divs
|
|
* Additionally, lots of false positives and bugs have been fixed
|
|
and several existing checks have been improved.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 1 21:03:35 UTC 2014 - danny.al-gaaf@bisect.de
|
|
|
|
- update to 1.66:
|
|
* new checks added:
|
|
- Compare pointer with '\0'
|
|
- Assigning boolean expression to floating point variables
|
|
* Improvements:
|
|
- Much improved AST
|
|
- Much improved ValueFlow analysis
|
|
- ValueFlow and AST now used by much more checks, improving
|
|
checking accuracy and performance
|
|
- Checking for self assignment now supports more complex
|
|
expressions
|
|
- Returning references to literals or references to calculation
|
|
results is detected
|
|
- Enhanced support for commutative operators in duplicate
|
|
expression checking
|
|
- Improved template/enum parsing
|
|
- Much improved htmlreport
|
|
- Definition of POD types in .cfg files
|
|
- Definition of minsize for buffer arguments in .cfg files
|
|
for buffer overflow checking
|
|
- Fixed handling of #error: Do not report them if -f and -D
|
|
are used together
|
|
- New .cfg file for AVR platform
|
|
- Generate xml dump of AST/ValueFlow/SymbolDatabase/TokenList
|
|
if --dump is given
|
|
- Improved performance in several cases
|
|
|
|
-------------------------------------------------------------------
|
|
Sun May 11 20:56:06 UTC 2014 - danny.al-gaaf@bisect.de
|
|
|
|
- update to 1.65:
|
|
* General changes:
|
|
- Cppcheck requires a C++11 compiler supporting the common
|
|
subset of features supported by GCC 4.4, Visual Studio 2010
|
|
and Clang 2.9
|
|
* Improvements:
|
|
- Much improved support of complex combinations of function
|
|
pointers, arrays and references
|
|
- Better handling of syntax errors
|
|
- Better detection of stack variables passed to free()
|
|
- Much improved value flow analysis
|
|
- More robust error detection in several checks due to usage
|
|
of AST
|
|
- Better handling of unknown Macros in function declarations
|
|
- Allocation/Deallocation functions can be extend across
|
|
different .cfg files
|
|
- Better handling of some C++11 language features like enum
|
|
class, in-class member initializers
|
|
- Detect calling (std::)abs() with bool argument
|
|
* New checks:
|
|
- Check for noexcept and __attribute__((nothrow)) correctness
|
|
- Check for unhandled exceptions when exception specifiers
|
|
are used
|
|
- Access to empty STL containers
|
|
- Repositioning operation on a file opened in append mode
|
|
- Find nested redundant if-statements (was experimental before)
|
|
* Additionally, a large number of false positives and crashs
|
|
has been fixed.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 1 21:46:42 UTC 2014 - danny.al-gaaf@bisect.de
|
|
|
|
- update to 1.64
|
|
* See http://sourceforge.net/p/cppcheck/news/ for changes.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 13 09:05:19 UTC 2014 - adam@mizerski.pl
|
|
|
|
- Bundle config files.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jan 10 20:18:57 UTC 2014 - adam@mizerski.pl
|
|
|
|
- update to 1.63
|
|
* See http://sourceforge.net/p/cppcheck/news/ for changes.
|
|
- spec cleanups:
|
|
* Used format_spec_file service for general cleanup.
|
|
* Everything compiles with %optflags now.
|
|
* Added SRCDIR=build CFGDIR=cfg HAVE_RULES=yes options as suggested
|
|
in the readme.txt
|
|
* Added cppcheck.1 man page creation.
|
|
* Cleaned up BuildRequires tags.
|
|
* Added missing Requires: python* tags.
|
|
* Removed unneded "python ./setup.py install".
|
|
* Added COPYING to installed docs.
|
|
* Updated homepage URL.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 11 09:30:47 UTC 2013 - dalgaaf@suse.de
|
|
|
|
- update to 1.59:
|
|
* Commandline/Settings changes:
|
|
- New option to enable warnings but not style messages:
|
|
--enable=warning
|
|
- Cppcheck used to skip includes where the header filename
|
|
is enclosed in <>. You can now include these headers also by
|
|
using -I.
|
|
* New checks:
|
|
- New POSIX checks: pipe() buffer size, redundant calls of
|
|
set/get user id, too big value passed to usleep(), buffer
|
|
overflow when using write()
|
|
- Storing getc() return value in char variable and comparing
|
|
to EOF.
|
|
- Detect redundant bitand operations
|
|
- Find suspicious equality comparisons like: if(a == 0) a == 1;
|
|
- Warn about using malloc() for classes containing virtual
|
|
methods, std::-objects or constructors
|
|
- Portability check that warns when using NULL as argument to
|
|
variadic function. It has undefined behaviour on some
|
|
implementations.
|
|
* Improvements:
|
|
- Improved lookup for functions and types
|
|
- Switched to TinyXml2 as XML library
|
|
- Improved checking for uninitialized struct members,
|
|
variable scopes that can be reduced and unused functions
|
|
* GUI:
|
|
- Remember last path in open file dialog
|
|
- Added command line parameter to open a results file
|
|
- Bug in statistic calculation fixed
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 8 07:46:59 UTC 2013 - highwaystar.ru@gmail.com
|
|
|
|
- update to 1.58
|
|
* Commandline/Settings changes:
|
|
- Added --include to the cppcheck command line client. This forces
|
|
inclusion of the given file. This can for instance be used
|
|
instead of --append and will then allow you to use #define etc also.
|
|
- The threads handling has been improved. Using -jN now works in
|
|
windows also.
|
|
|
|
* Improvements:
|
|
- NULL pointers: Improved checking of default function
|
|
argument values.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 26 04:11:57 UTC 2012 - mrdocs@opensuse.org
|
|
|
|
- update to 1.57
|
|
* Many bug fixes and additions
|
|
* Now requires Qt 4.8.3+
|
|
* Complete versioned change log from 1.53-1.57:
|
|
https://sourceforge.net/news/?group_id=195752
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Mar 10 20:10:56 CET 2012 - jslaby@suse.de
|
|
|
|
- update to 1.53
|
|
* 1.53: improved existing checks to detect more errors
|
|
* 1.52: added new checks
|
|
* 1.51: added new checks and fixed many false positives and false
|
|
negatives
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Aug 28 11:45:37 UTC 2011 - asn@cryptomilk.org
|
|
|
|
- update to 1.50
|
|
* Check for std::auto_ptr misuse (related to strict ownership).
|
|
* Read array and then immediately check if the array index is
|
|
within limits.
|
|
* Assign pointer to int/long.
|
|
* Assign bool to pointer.
|
|
* Duplicate "break" statements in switch.
|
|
* Matching "if" and "else if" conditions when using bitwise and.
|
|
* Matching assigment and condition when using bitwise and test if
|
|
unsigned value is less than zero
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 8 03:54:42 UTC 2011 - mrdocs@opensuse.org
|
|
- version bump to 1.49
|
|
- full change log
|
|
http://raw.github.com/danmar/cppcheck/master/Changelog
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Apr 11 08:46:59 UTC 2011 - asn@cryptomilk.org
|
|
|
|
- update to 1.48
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 6 13:48:46 CET 2011 - asn@cynapses.org
|
|
|
|
- Added a seperate package for the gui.
|
|
- Added cppcheck-htmlreport.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Oct 3 22:58:13 UTC 2010 - adam@mizerski.pl
|
|
|
|
- update to 1.45
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Aug 22 17:03:39 UTC 2010 - mrdocs@opensuse.org
|
|
|
|
- Updated to 1.44
|
|
- take over maintership
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 1 21:04:39 UTC 2010 - bitshuffler #suse@irc.freenode.org
|
|
|
|
- Updated to 1.43
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 26 19:04:25 UTC 2009 - bitshuffler #suse@irc.freenode.org
|
|
|
|
- Updated to 1.38
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 30 19:21:51 UTC 2009 - bitshuffler #suse@irc.freenode.org
|
|
|
|
- Updated to 1.37
|
|
|
|
-------------------------------------------------------------------
|
|
Sat May 16 03:32:31 CEST 2009 - bitshuffler #suse@irc.freenode.org
|
|
|
|
- Updated to 1.32
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 15 03:32:31 CEST 2009 - bitshuffler #suse@irc.freenode.org
|
|
|
|
- Updated to 1.31
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 11 03:32:31 CEST 2009 - bitshuffler #suse@irc.freenode.org
|
|
|
|
- Updated to 1.30
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 10 03:32:31 CEST 2009 - bitshuffler #suse@irc.freenode.org
|
|
|
|
- Initial RPM
|