Rulesets for cppcheck

2019-03-11 00:52发布

问题:

Cppcheck allows you to create your own rules files, but I don't know how much of cppcheck's functionality is exposed.

Is anyone working on a set that would enforce JSF or MISRA rules?

回答1:

You won't be able to implement all MISRA/JSF rules and directives as cppcheck rules, mostly only the straightforward ones restricting certain C language features and constructions or that are style-related (some that come to mind: spaces before/after ./->, # of arguments on a single line, use of unions to provide different methods of accessing memory, presence of unsigned/signed before char, etc).

User Ira Baxter pretty much nailed it in a comment on another question touching cppcheck: not everything can be represented/simplified as a pattern. Relying on patterns for custom rules makes it difficult to handle and detect higher level issues, related for example to types (e.g. sizeof() on types; you would have to parse and collect tokens (typedefs, enums) used as a type representation), inheritance (e.g. classes, incl. derived ones, used both as virtual and non-virtual), and scope. Those need to be hard-coded into cppcheck (you could always fork cppcheck...)

In any case, have you touched MISRA (or JSF) rules? Is this a requirement for a project? If not, you could grab a copy of the MISRA guidelines (you already have the JSF ones) and check the ones you can implement using PCRE patterns. If it is a requirement, I suggest you "invest" in a commercial product that does check for MISRA/JSF guidelines and use both tools.

A final note: you don't need all the MISRA/JSF rules, and many tools leave a small percentage of those out.



回答2:

From what I can tell, looking through the documentation, It looks pretty exposed. http://cppcheck.sourceforge.net/manual.pdf .



回答3:

Cppcheck has MISRA support. Here is an overview about the supported rules: supported MISRA rules