SonarSource Rules
  • Products

    In-IDE

    Code Quality and Security in your IDE with SonarQube Ide

    IDE extension that lets you fix coding issues before they exist!

    Discover SonarQube for IDE

    SaaS

    Code Quality and Security in the cloud with SonarQube Cloud

    Setup is effortless and analysis is automatic for most languages

    Discover SonarQube Cloud

    Self-Hosted

    Code Quality and Security Self-Hosted with SonarQube Server

    Fast, accurate analysis; enterprise scalability

    Discover SonarQube Server
  • SecretsSecrets
  • ABAPABAP
  • AnsibleAnsible
  • ApexApex
  • AzureResourceManagerAzureResourceManager
  • CC
  • C#C#
  • C++C++
  • CloudFormationCloudFormation
  • COBOLCOBOL
  • CSSCSS
  • DartDart
  • DockerDocker
  • FlexFlex
  • GitHub ActionsGitHub Actions
  • GoGo
  • HTMLHTML
  • JavaJava
  • JavaScriptJavaScript
  • JSONJSON
  • JCLJCL
  • KotlinKotlin
  • KubernetesKubernetes
  • Objective CObjective C
  • PHPPHP
  • PL/IPL/I
  • PL/SQLPL/SQL
  • PythonPython
  • RPGRPG
  • RubyRuby
  • RustRust
  • ScalaScala
  • ShellShell
  • SwiftSwift
  • TerraformTerraform
  • TextText
  • TypeScriptTypeScript
  • T-SQLT-SQL
  • VB.NETVB.NET
  • VB6VB6
  • XMLXML
  • YAMLYAML
C++

C++ static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C++ code

  • All rules 674
  • Vulnerability13
  • Bug139
  • Security Hotspot19
  • Code Smell503

  • Quick Fix 91
Filtered: 51 rules found
misra-c++2008
    Impact
      Clean code attribute
        1. The name "main" should not be used for any function other than the global "main" function

           Code Smell
        2. Pointer and reference parameters should be "const" if the corresponding object is not modified

           Code Smell
        3. A variable which is not modified shall be const qualified

           Code Smell
        4. "abort", "exit", "getenv" and "system" from <stdlib.h> should not be used

           Bug
        5. "offsetof" macro should not be used

           Code Smell
        6. There shall be at most one occurrence of the # or ## operators in a single macro definition

           Code Smell
        7. In the definition of a function-like macro, each instance of a parameter shall be enclosed in parentheses, unless it is used as the operand of # or ##

           Code Smell
        8. #include directives in a file should only be preceded by other preprocessor directives or comments

           Code Smell
        9. Functions should not be defined with a variable number of arguments

           Code Smell
        10. Evaluation of the operand to the sizeof operator shall not contain side effects

           Bug
        11. Switch statement conditions should not have essentially boolean type

           Code Smell
        12. The comma operator, "&&", and "||" should not be overloaded

           Code Smell
        13. Switch labels should not be nested inside non-switch blocks

           Code Smell
        14. A loop-control-variable other than the loop-counter which is modified in statement shall have type bool

           Code Smell
        15. The loop-counter should be modified by one of: --, ++, -=n, or +=n; where n remains constant for the duration of the loop

           Code Smell
        16. The unary "&" operator should not be overloaded

           Code Smell
        17. A cast shall not remove any const or volatile qualification from the type of a pointer or reference

           Code Smell
        18. If a function has internal linkage then all re-declarations shall include the static storage class specifer

           Code Smell
        19. Objects or functions with external linkage shall be declared in a header file

           Code Smell
        20. Functions should not be declared at block scope

           Code Smell
        21. The first operand of a conditional operator should have type bool

           Code Smell
        22. The condition of an if-statement and the condition of an iteration-statement shall have type bool

           Code Smell
        23. Assembly language should be encapsulated and isolated

           Code Smell
        24. Each operand of the ! operator, the logical && or the logical || operators shall have type bool

           Bug
        25. A cast should not convert a pointer type to an integral type

           Code Smell
        26. An object with integral type or pointer to void type shall not be converted to an object with pointer type

           Code Smell
        27. An object with pointer type shall not be converted to an unrelated pointer type, either directly or indirectly

           Code Smell
        28. The identifiers used for the parameters in a re-declaration or override of a function shall be identical to those in the declaration

           Code Smell
        29. using-directives and using-declarations (excluding class scope or function scope using-declarations) shall not be used in header files

           Code Smell
        30. A loop-control-variable other than the loop-counter shall not be modified within condition or expression

           Code Smell
        31. The loop-counter shall not be modified within condition or statement

           Code Smell
        32. If loop-counter is not modified by -- or ++, then, within condition, the loop-counter shall only be used as an operand to <=, <, > or >=

           Code Smell
        33. A for loop shall contain a single loop-counter which shall not have floating type

           Code Smell
        34. Every switch statement shall have at least one case-clause

           Code Smell
        35. All "if ... else if" constructs shall be terminated with an "else "clause

           Code Smell
        36. An `if ( condition )` construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement

           Code Smell
        37. The statement forming the body of a "switch", "while", "do {...} while" or "for" statement shall be a compound statement

           Code Smell
        38. C-style casts (other than void casts) and functional notation casts (other than explicit constructor calls) shall not be used

           Code Smell
        39. A pointer to a virtual base class shall only be cast to a pointer to a derived class by means of dynamic_cast

           Bug
        40. When an array is declared, its size shall either be stated explicitly or defined implicitly by initialization

           Bug
        41. C libraries should not be used

           Code Smell
        42. Destructors should not throw exceptions

           Bug
        43. Condition-specific "catch" handlers should not be used after the ellipsis (catch-all) handler

           Bug
        44. Handlers in a single try-catch or function-try-block for a derived class and some or all of its bases should be ordered most-derived-first

           Bug
        45. Exception classes should be caught by reference

           Bug
        46. Handlers of a function-try-block implementation of a class constructor or destructor shall not reference non-static members from this class or its bases

           Bug
        47. Control should not be transferred into a complex logic block using a "goto" or a "switch" statement

           Code Smell
        48. An exception object should not have pointer type

           Bug
        49. Parameters in an overriding virtual function shall either use the same default arguments as the function they override, or else shall not specify any default arguments

           Code Smell
        50. Multiple declarations for an identifier in the same namespace shall not straddle a using-declaration for that identifier

           Bug
        51. Header files should not contain unnamed namespaces

           Code Smell

        An object with pointer type shall not be converted to an unrelated pointer type, either directly or indirectly

        intentionality - complete
        maintainability
        Code Smell
        • misra-c++2008
        • suspicious

        Why is this an issue?

        More Info

        This rule is a strict implementation of a MISRA (Motor Industry Software Reliability Association) rule. MISRA defines best practices for developing safety-critical software. You can learn more about this rule in the MISRA documents referenced below.

          Available In:
        • SonarQube IdeCatch issues on the fly,
          in your IDE
        • SonarQube CloudDetect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories
        • SonarQube ServerAnalyze code in your
          on-premise CI
          Developer Edition
          Available Since
          9.1

        © 2008-2025 SonarSource SA. All rights reserved.

        Privacy Policy | Cookie Policy | Terms of Use