Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

Secrets
ABAP
Ansible
Apex
AzureResourceManager
C
C#
C++
CloudFormation
COBOL
CSS
Dart
Docker
Flex
GitHub Actions
Go
HTML
Java
JavaScript
JSON
JCL
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Rust
Scala
Shell
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML
YAML

C static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C code

Filtered: 27 rules found

unpredictable

Impact

Clean code attribute

Arguments evaluation order should not be relied on
Bug
Keywords shall not be used as macros identifiers
Code Smell
Dereferenced null pointers should not be bound to references
Code Smell
Header guards should be followed by a matching "#define" macro
Code Smell
"memcmp" should only be called with pointers to trivially copyable types with no padding
Bug
Stack allocated memory and non-owned memory should not be freed
Bug
The "<stdlib.h>" functions "bsearch" and "qsort" should not be used
Bug
Floating-point arithmetic should be used appropriately
Bug
There shall be no occurrence of "undefined" or "critical unspecified behaviour"
Bug
An "object pointer type" shall not be cast to an integral type other than "std::uintptr_t" or "std::intptr_t"
Code Smell
The pointers returned by the C++ Standard Library functions "localeconv", "getenv", "setlocale" or "strerror" must only be used as if they have pointer to const-qualified type
Bug
Reads and writes on the same file stream shall be separated by a positioning operation
Bug
Local variables shall not have static storage duration
Code Smell
The pointer returned by the C++ Standard Library functions "asctime", "ctime", "gmtime", "localtime", "localeconv", "getenv", "setlocale" or "strerror" must not be used following a subsequent call to the same function
Bug
The "defined" preprocessor operator shall be used appropriately
Bug
The value of an object must not be read before it has been set
Bug
The built-in unary "-" operator should not be applied to an expression of unsigned type
Bug
The built-in relational operators ">", ">=", "<" and "<=" shall not be applied to objects of pointer type, except where they point to elements of the same array
Bug
Subtraction between pointers shall only be applied to pointers that address elements of the same array
Bug
Pointer arithmetic shall not form an invalid pointer
Bug
Operations on a memory location shall be sequenced appropriately
Bug
A function or object with external linkage should be "introduced" in a "header file"
Code Smell
The source code used to implement an "entity" shall appear only once
Bug
The "one-definition rule" shall not be violated
Bug
All "declarations" of a variable or function shall have the same type
Bug
A line whose first token is "#" shall be a valid preprocessing directive
Bug
An object or subobject must not be copied to an overlapping object
Bug

"memcmp" should only be called with pointers to trivially copyable types with no padding

intentionality - logical

reliability

Bug

unpredictable

The function memcmp only returns meaningful results for objects of trivially copyable types without padding. This includes scalar types, arrays, and trivially copyable classes.

Why is this an issue?

How can I fix it?

More Info

memcmp compares the raw memory representation of two objects (what the standard calls their object representation). When objects are not trivially copyable or contain padding, they could have different raw memory representations even though they store identical values. So the result of memcmp is not meaningful.

Padding refers to the insertion of additional bits into a structure or class to ensure proper alignment of its members in memory.

Trivially copyable types include:

scalar types
trivially copyable classes
arrays of these types

A class is trivially copyable when:

all its non-static data members and base classes are trivially copyable types,
it has no virtual functions or base classes,
its destructor is trival,
and one or more of the following special member functions is trivial, and the rest are deleted: copy constructor, move constructor, copy assignment operator, and move assignment operator.

Note: a default implementation is always considered trivial, both when it is explicit (with = default) or implicit (if the special member function is omitted).

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Developer Edition
Available Since
9.1

In-IDE

SaaS

Self-Hosted