Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

Secrets
ABAP
Ansible
Apex
AzureResourceManager
C
C#
C++
CloudFormation
COBOL
CSS
Dart
Docker
Flex
GitHub Actions
Go
HTML
Java
JavaScript
JSON
JCL
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Rust
Scala
Shell
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML
YAML

C++ static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C++ code

Filtered: 58 rules found

misra-c++2023

Impact

Clean code attribute

The character handling functions from "<cctype>" and "<cwctype>" shall not be used
Code Smell
The "goto" statement should not be used
Code Smell
An "integer-literal" of type "long long" shall not use a single "L" or "l" in any suffix
Code Smell
A non-"transient lambda" shall not implicitly capture "this"
Code Smell
"Global variables" shall not be used
Code Smell
An object shall not be accessed outside of its lifetime
Bug
A function declared with the "[[noreturn]]" attribute shall not return
Bug
"std::vector" should not be specialized with "bool"
Code Smell
Variables of array type should not be declared
Code Smell
The "setlocale" and "std::locale::global" functions shall not be called
Code Smell
"Unscoped enumerations" should not be declared
Code Smell
Functions with "limited visibility" should be "used" at least once
Code Smell
An "explicit type conversion" shall not be an "expression statement"
Bug
"Advanced memory management" shall not be used
Code Smell
Reads and writes on the same file stream shall be separated by a positioning operation
Bug
Line-splicing shall not be used in "//" comments
Bug
A pointer to an incomplete "class" type shall not be deleted
Bug
All variables should be initialized
Code Smell
The result of "std::remove", "std::remove_if", "std::unique" and "empty" shall be "used"
Bug
An object shall not be used while in a "potentially moved-from state"
Code Smell
"Forwarding references" and "std::forward" shall be used together
Code Smell
A comparison of a "potentially virtual" pointer to member function shall only be with "nullptr"
Bug
Variables should be captured explicitly in a non-"transient lambda"
Code Smell
Local variables shall not have static storage duration
Code Smell
The macro "offsetof" shall not be used
Code Smell
The standard "header file" "<csetjmp>" shall not be used
Code Smell
The "#" and "##" preprocessor operators should not be used
Code Smell
The "#include" directive shall be followed by either a "<filename>" or ""filename"" sequence
Bug
A "noexcept" function should not attempt to propagate an exception to the calling function
Bug
An exception of "class" type shall be caught by "const" reference or reference
Bug
Handlers for a "function-try-block" of a constructor or destructor shall not refer to non-static members from their class or its bases
Bug
An "empty throw" shall only occur within the "compound-statement" of a "catch handler"
Code Smell
An exception object shall not have pointer type
Bug
Classes should not be inherited virtually
Code Smell
A named bit-field with "signed integer type" shall not have a length of one bit
Bug
The "union" keyword shall not be used
Code Smell
The value of an object must not be read before it has been set
Bug
A "declaration" should not declare more than one variable or member variable
Code Smell
There should be no unnamed namespaces in "header files"
Code Smell
The identifier "main" shall not be used for a function other than the global function "main"
Code Smell
The "goto" statement shall jump to a label declared later in the function body
Code Smell
All "if ... else if" constructs shall be terminated with an "else" statement
Code Smell
The "address-of" operator shall not be overloaded
Code Smell
A cast should not convert a pointer type to an integral type
Code Smell
A cast shall not remove any "const" or "volatile" qualification from the type accessed via a pointer or by reference
Code Smell
C-style casts and "functional notation" casts shall not be used
Code Smell
A virtual base class shall only be cast to a derived class by means of "dynamic_cast"
Bug
The "declaration" of an object should contain no more than two levels of pointer indirection
Code Smell
"nullptr" shall be the only form of the "null-pointer-constant"
Code Smell
The names of the "standard signed integer types" and "standard unsigned integer types" should not be used
Code Smell
A line whose first token is "#" shall be a valid preprocessing directive
Bug
All identifiers used in the controlling expression of "#if" or "#elif" preprocessing directives shall be defined prior to evaluation
Bug
Tokens that look like a preprocessing directive shall not occur within a macro argument
Bug
Function-like macros shall not be defined
Code Smell
"#include" directives should only be preceded by preprocessor directives or comments
Code Smell
Unsigned "integer literals" shall be appropriately suffixed
Code Smell
The value returned by a function shall be "used"
Code Smell
Variables with "limited visibility" should be "used" at least once
Code Smell

The names of the "standard signed integer types" and "standard unsigned integer types" should not be used

intentionality - clear

maintainability

reliability

Code Smell

pitfall
misra-c++2023
misra-advisory

Why is this an issue?

More Info

This rule is part of MISRA C++:2023.

MISRA Rule 6.9.2

Category: Advisory

Analysis Type: Decidable,Single Translation Unit

Amplification

This rule applies to the names of integral types constructed using the keywords char, short, int, long, signed and unsigned (ignoring any cv-qualification). It does not apply to the use of plain char.

Rationale

It is implementation-defined how much storage is required for any object of the standard signed integer types or standard unsigned integer types. When the amount of storage being used is important, the use of types having specified widths makes it clear how much storage is being reserved for each object.

The C++ Standard Library header file [1] <cstdint> often provides a suitable set of integer types having specified widths. If a project defines its own type aliases, it is good practice to use static_assert to validate any size assumptions. For example:

using torque_t = unsigned short;

static_assert( sizeof( torque_t ) >= 2 );

Notes:

Compliance with this rule does not prevent integer promotion, which is influenced by the implemented size of int and the type used for an alias. For example, an expression of type int16_t will only be promoted if the aliased type has a rank lower than that of int. The presence or absence of integer promotion may have an influence on overload resolution.
Strong typing, which may be provided by class or enum types, is more robust than the use of type aliases to represent specific width types.

Exception

The names of the standard signed integer types and standard unsigned integer types may be used to define a type alias.
The name int may be used for:
The parameter to a postfix operator, which must use that type; and
The return type of main; and
The argc parameter to main.

Example

#include <cstdint>

int           x = 0;                     // Non-compliant - use of int
int32_t       y = 0;                     // Compliant
int_least32_t z = 0;                     // Compliant

using torque_t = int;                    // Compliant by exception #1
torque_t w = 0;

class C
{
public:
  C  operator++( int );                  // Compliant by exception #2.1
};

int main() { }                           // Compliant by exception #2.2
int main( int argc, char * argv[] ) { }  // Compliant by exception #2.2 and #2.3

Glossary

[1] Header file

A header file is considered to be any file that is included during preprocessing (for example via the #include directive), regardless of its name or suffix.

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

In-IDE

SaaS

Self-Hosted