SonarSource Rules
  • Products

    In-IDE

    Code Quality and Security in your IDE with SonarQube Ide

    IDE extension that lets you fix coding issues before they exist!

    Discover SonarQube for IDE

    SaaS

    Code Quality and Security in the cloud with SonarQube Cloud

    Setup is effortless and analysis is automatic for most languages

    Discover SonarQube Cloud

    Self-Hosted

    Code Quality and Security Self-Hosted with SonarQube Server

    Fast, accurate analysis; enterprise scalability

    Discover SonarQube Server
  • SecretsSecrets
  • ABAPABAP
  • AnsibleAnsible
  • ApexApex
  • AzureResourceManagerAzureResourceManager
  • CC
  • C#C#
  • C++C++
  • CloudFormationCloudFormation
  • COBOLCOBOL
  • CSSCSS
  • DartDart
  • DockerDocker
  • FlexFlex
  • GitHub ActionsGitHub Actions
  • GoGo
  • HTMLHTML
  • JavaJava
  • JavaScriptJavaScript
  • JSONJSON
  • JCLJCL
  • KotlinKotlin
  • KubernetesKubernetes
  • Objective CObjective C
  • PHPPHP
  • PL/IPL/I
  • PL/SQLPL/SQL
  • PythonPython
  • RPGRPG
  • RubyRuby
  • RustRust
  • ScalaScala
  • SwiftSwift
  • TerraformTerraform
  • TextText
  • TypeScriptTypeScript
  • T-SQLT-SQL
  • VB.NETVB.NET
  • VB6VB6
  • XMLXML
  • YAMLYAML
C

C static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C code

  • All rules 315
  • Vulnerability13
  • Bug76
  • Security Hotspot19
  • Code Smell207

  • Quick Fix 19
Filtered: 16 rules found
unused
    Impact
      Clean code attribute
        1. Non-empty statements should change control flow or have at least one side-effect

           Bug
        2. Unused type declarations should be removed

           Code Smell
        3. Functions that are not used in a project should be removed

           Code Smell
        4. Forward declarations should not be redundant

           Code Smell
        5. Declarations should not be empty

           Code Smell
        6. Conditionally executed code should be reachable

           Bug
        7. Values should not be uselessly incremented

           Bug
        8. Related "if/else if" statements should not have the same condition

           Bug
        9. Unused assignments should be removed

           Code Smell
        10. All code should be reachable

           Bug
        11. Unused local variables should be removed

           Code Smell
        12. Sections of code should not be commented out

           Code Smell
        13. Unused function parameters should be removed

           Code Smell
        14. Unused functions and methods should be removed

           Code Smell
        15. Empty statements should be removed

           Code Smell
        16. Unused labels should be removed

           Code Smell

        Related "if/else if" statements should not have the same condition

        intentionality - logical
        reliability
        Bug
        • cert
        • unused
        • pitfall

        Why is this an issue?

        More Info

        A chain of if/else if statements is evaluated from top to bottom. At most, only one branch will be executed: the first one with a condition that evaluates to true.

        Therefore, duplicating a condition automatically leads to dead code. Usually, this is due to a copy/paste error. At best, it’s simply dead code and at worst, it’s a bug that is likely to induce further bugs as the code is maintained, and obviously it could lead to unexpected behavior.

        Noncompliant code example

        if (param == 1)
          openWindow();
        else if (param == 2)
          closeWindow();
        else if (param == 1)  // Noncompliant
          moveWindowToTheBackground();
        

        Compliant solution

        if (param == 1)
          openWindow();
        else if (param == 2)
          closeWindow();
        else if (param == 3)
          moveWindowToTheBackground();
        
          Available In:
        • SonarQube IdeCatch issues on the fly,
          in your IDE
        • SonarQube CloudDetect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories
        • SonarQube ServerAnalyze code in your
          on-premise CI
          Developer Edition
          Available Since
          9.1

        © 2008-2025 SonarSource SA. All rights reserved.

        Privacy Policy | Cookie Policy | Terms of Use