SonarSource Rules
  • Products

    In-IDE

    Code Quality and Security in your IDE with SonarQube Ide

    IDE extension that lets you fix coding issues before they exist!

    Discover SonarQube for IDE

    SaaS

    Code Quality and Security in the cloud with SonarQube Cloud

    Setup is effortless and analysis is automatic for most languages

    Discover SonarQube Cloud

    Self-Hosted

    Code Quality and Security Self-Hosted with SonarQube Server

    Fast, accurate analysis; enterprise scalability

    Discover SonarQube Server
  • SecretsSecrets
  • ABAPABAP
  • AnsibleAnsible
  • ApexApex
  • AzureResourceManagerAzureResourceManager
  • CC
  • C#C#
  • C++C++
  • CloudFormationCloudFormation
  • COBOLCOBOL
  • CSSCSS
  • DartDart
  • DockerDocker
  • FlexFlex
  • GitHub ActionsGitHub Actions
  • GoGo
  • HTMLHTML
  • JavaJava
  • JavaScriptJavaScript
  • JSONJSON
  • JCLJCL
  • KotlinKotlin
  • KubernetesKubernetes
  • Objective CObjective C
  • PHPPHP
  • PL/IPL/I
  • PL/SQLPL/SQL
  • PythonPython
  • RPGRPG
  • RubyRuby
  • RustRust
  • ScalaScala
  • SwiftSwift
  • TerraformTerraform
  • TextText
  • TypeScriptTypeScript
  • T-SQLT-SQL
  • VB.NETVB.NET
  • VB6VB6
  • XMLXML
  • YAMLYAML
C

C static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C code

  • All rules 315
  • Vulnerability13
  • Bug76
  • Security Hotspot19
  • Code Smell207

  • Quick Fix 19
Filtered: 16 rules found
unused
    Impact
      Clean code attribute
        1. Non-empty statements should change control flow or have at least one side-effect

           Bug
        2. Unused type declarations should be removed

           Code Smell
        3. Functions that are not used in a project should be removed

           Code Smell
        4. Forward declarations should not be redundant

           Code Smell
        5. Declarations should not be empty

           Code Smell
        6. Conditionally executed code should be reachable

           Bug
        7. Values should not be uselessly incremented

           Bug
        8. Related "if/else if" statements should not have the same condition

           Bug
        9. Unused assignments should be removed

           Code Smell
        10. All code should be reachable

           Bug
        11. Unused local variables should be removed

           Code Smell
        12. Sections of code should not be commented out

           Code Smell
        13. Unused function parameters should be removed

           Code Smell
        14. Unused functions and methods should be removed

           Code Smell
        15. Empty statements should be removed

           Code Smell
        16. Unused labels should be removed

           Code Smell

        Sections of code should not be commented out

        intentionality - clear
        maintainability
        Code Smell
        Quick FixIDE quick fixes available with SonarLint
        • based-on-misra
        • unused

        Why is this an issue?

        More Info

        Commented-out code distracts the focus from the actual executed code. It creates a noise that increases maintenance code. And because it is never executed, it quickly becomes out of date and invalid.

        Commented-out code should be deleted and can be retrieved from source control history if required.

        Exceptions

        This rule does not apply to code documentation using Doxygen, QDoc, markdown, or HTML tags.

          Available In:
        • SonarQube IdeCatch issues on the fly,
          in your IDE
        • SonarQube CloudDetect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories
        • SonarQube ServerAnalyze code in your
          on-premise CI
          Developer Edition
          Available Since
          9.1

        © 2008-2025 SonarSource SA. All rights reserved.

        Privacy Policy | Cookie Policy | Terms of Use