SonarSource Rules
  • Products

    In-IDE

    Code Quality and Security in your IDE with SonarQube Ide

    IDE extension that lets you fix coding issues before they exist!

    Discover SonarQube for IDE

    SaaS

    Code Quality and Security in the cloud with SonarQube Cloud

    Setup is effortless and analysis is automatic for most languages

    Discover SonarQube Cloud

    Self-Hosted

    Code Quality and Security Self-Hosted with SonarQube Server

    Fast, accurate analysis; enterprise scalability

    Discover SonarQube Server
  • SecretsSecrets
  • ABAPABAP
  • AnsibleAnsible
  • ApexApex
  • AzureResourceManagerAzureResourceManager
  • CC
  • C#C#
  • C++C++
  • CloudFormationCloudFormation
  • COBOLCOBOL
  • CSSCSS
  • DartDart
  • DockerDocker
  • FlexFlex
  • GitHub ActionsGitHub Actions
  • GoGo
  • HTMLHTML
  • JavaJava
  • JavaScriptJavaScript
  • JSONJSON
  • JCLJCL
  • KotlinKotlin
  • KubernetesKubernetes
  • Objective CObjective C
  • PHPPHP
  • PL/IPL/I
  • PL/SQLPL/SQL
  • PythonPython
  • RPGRPG
  • RubyRuby
  • RustRust
  • ScalaScala
  • SwiftSwift
  • TerraformTerraform
  • TextText
  • TypeScriptTypeScript
  • T-SQLT-SQL
  • VB.NETVB.NET
  • VB6VB6
  • XMLXML
  • YAMLYAML
C

C static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C code

  • All rules 315
  • Vulnerability13
  • Bug76
  • Security Hotspot19
  • Code Smell207

  • Quick Fix 19
Filtered: 16 rules found
unused
    Impact
      Clean code attribute
        1. Non-empty statements should change control flow or have at least one side-effect

           Bug
        2. Unused type declarations should be removed

           Code Smell
        3. Functions that are not used in a project should be removed

           Code Smell
        4. Forward declarations should not be redundant

           Code Smell
        5. Declarations should not be empty

           Code Smell
        6. Conditionally executed code should be reachable

           Bug
        7. Values should not be uselessly incremented

           Bug
        8. Related "if/else if" statements should not have the same condition

           Bug
        9. Unused assignments should be removed

           Code Smell
        10. All code should be reachable

           Bug
        11. Unused local variables should be removed

           Code Smell
        12. Sections of code should not be commented out

           Code Smell
        13. Unused function parameters should be removed

           Code Smell
        14. Unused functions and methods should be removed

           Code Smell
        15. Empty statements should be removed

           Code Smell
        16. Unused labels should be removed

           Code Smell

        Unused assignments should be removed

        intentionality - logical
        maintainability
        Code Smell
        • cwe
        • symbolic-execution
        • cert
        • unused

        Unused assignments should be removed.

        Why is this an issue?

        What is the potential impact?

        How can I fix it?

        More Info

        Computing or retrieving a value only to then immediately overwrite it or throw it away indicates a serious logic error in the code.

        Assigning a value to a local variable that is not read by any subsequent instruction is called a dead store. The following code snippet depicts a few dead stores.

        int foo() {
          int x = 0; // Noncompliant: dead store, next line overwrites x
          x = 100; // Noncompliant: dead store, next line overwrites x
          x = 200;
          int y = 0;
          y += 9001; // Noncompliant: dead store, y is never used
          int z = 300; // Noncompliant: dead store, next line overwrites z
          z = 400;
          return x + z * 2;
        }
        

        Even if the unnecessary operations do not do any harm in terms of the program’s correctness, they are—​at best—​a waste of computing resources. In most cases, these operations have their intended use but it is not expressed correctly in the code. Therefore, unused values and superfluous code should be removed to prevent logic errors.

          Available In:
        • SonarQube IdeCatch issues on the fly,
          in your IDE
        • SonarQube CloudDetect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories
        • SonarQube ServerAnalyze code in your
          on-premise CI
          Developer Edition
          Available Since
          9.1

        © 2008-2025 SonarSource SA. All rights reserved.

        Privacy Policy | Cookie Policy | Terms of Use