SonarSource Rules
  • Products

    In-IDE

    Code Quality and Security in your IDE with SonarQube Ide

    IDE extension that lets you fix coding issues before they exist!

    Discover SonarQube for IDE

    SaaS

    Code Quality and Security in the cloud with SonarQube Cloud

    Setup is effortless and analysis is automatic for most languages

    Discover SonarQube Cloud

    Self-Hosted

    Code Quality and Security Self-Hosted with SonarQube Server

    Fast, accurate analysis; enterprise scalability

    Discover SonarQube Server
  • SecretsSecrets
  • ABAPABAP
  • AnsibleAnsible
  • ApexApex
  • AzureResourceManagerAzureResourceManager
  • CC
  • C#C#
  • C++C++
  • CloudFormationCloudFormation
  • COBOLCOBOL
  • CSSCSS
  • DartDart
  • DockerDocker
  • FlexFlex
  • GitHub ActionsGitHub Actions
  • GoGo
  • HTMLHTML
  • JavaJava
  • JavaScriptJavaScript
  • JSONJSON
  • JCLJCL
  • KotlinKotlin
  • KubernetesKubernetes
  • Objective CObjective C
  • PHPPHP
  • PL/IPL/I
  • PL/SQLPL/SQL
  • PythonPython
  • RPGRPG
  • RubyRuby
  • RustRust
  • ScalaScala
  • ShellShell
  • SwiftSwift
  • TerraformTerraform
  • TextText
  • TypeScriptTypeScript
  • T-SQLT-SQL
  • VB.NETVB.NET
  • VB6VB6
  • XMLXML
  • YAMLYAML
C++

C++ static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C++ code

  • All rules 674
  • Vulnerability13
  • Bug139
  • Security Hotspot19
  • Code Smell503

  • Quick Fix 91
Filtered: 24 rules found
performance
    Impact
      Clean code attribute
        1. "std::format" should be used instead of standard output manipulators

           Code Smell
        2. Concatenated "std::format" outputs should be replaced by a single invocation

           Code Smell
        3. Use conditional suspension to resume current coroutine

           Code Smell
        4. rvalue reference members should not be copied accidentally

           Code Smell
        5. "std::string_view" and "std::span" parameters should be directly constructed from sequences

           Code Smell
        6. Empty class members should be marked as "[[no_unique_address]]"

           Code Smell
        7. Transparent function objects should be used with associative "std::string" containers

           Code Smell
        8. "emplace" should be prefered over "insert" with "std::set" and "std::unordered_set"

           Code Smell
        9. Unnecessary expensive copy should be avoided when using auto as a placeholder type

           Code Smell
        10. "try_emplace" should be used with "std::map" and "std::unordered_map"

           Code Smell
        11. Heterogeneous sorted containers should only be used with types that support heterogeneous comparison

           Bug
        12. Objects should not be created solely to be passed as arguments to functions that perform delegated object creation

           Code Smell
        13. "std::filesystem::path" should be used to represent a file path

           Code Smell
        14. Emplacement should be preferred when insertion creates a temporary with sequence containers

           Code Smell
        15. Return type of functions shouldn't be const qualified value

           Code Smell
        16. "std::endl" should not be used

           Code Smell
        17. Capture by reference in lambdas used locally

           Code Smell
        18. "std::move" should not inhibit optimizations

           Code Smell
        19. Template parameters should be preferred to "std::function" when configuring behavior at compile time

           Code Smell
        20. Special member function should not be defined unless a non standard behavior is required

           Code Smell
        21. Member data should be initialized in-class or in a constructor initialization list

           Code Smell
        22. Bit fields should not be used

           Code Smell
        23. The prefix increment/decrement form should be used

           Code Smell
        24. Pass by reference to const should be used for large input parameters

           Code Smell

        Transparent function objects should be used with associative "std::string" containers

        intentionality - efficient
        maintainability
        Code Smell
        • performance
        • since-c++14

        Why is this an issue?

        How can I fix it?

        More Info

        Transparent function objects are function-like types that support heterogeneous operations. There are essentially two kinds of such types: transparent comparators and transparent hashers. For instance, a transparent comparator for strings would support comparing a std::string with string-like types (such as char const* or std::string_view`).

        These transparent function objects are interesting for search-optimized containers such as std::set and std::map, including their multi and unordered variants. When transparent comparators/hashers are used, the containers enable additional overloads for many operations that support types different from their key_type.

        For example, std::set<std::string> is not using transparent comparators. Invoking many member functions with a non-std::string argument leads to, implicitly or explicitly, creating a temporary std::string object because the functions only support an argument of the key_type.

        // Given a container c with a non-transparent comparator:
        std::set<std::string> c = ...;
        
        // Calling "find" with a C-style string (char const*)
        auto it = c.find("Nemo");
        // is equivalent to
        auto it = c.find(std::string{"Nemo"});
        
        // Calling C++20 "contains" with a std::string_view sv
        // does not compile since conversion has to be explicit:
        //   if (c.contains(sv)) { ... }
        // It has to be rewritten like this:
        if (c.contains(std::string(sv))) { ... }
        

        Using heterogeneous comparison and hashing directly benefits the application performance since unnecessary temporaries can be avoided. An excellent and very common example of when transparent functions objects are beneficial is when the key_type is std::string.

        Starting from C++14, transparent function objects can enable additional overloads for these containers: std::set, std::map, std::unordered_set, std::unordered_map, std::multiset, std::multimap, std::unordered_multiset, and std::unordered_multimap.

        Depending on the C++ version and the container type, the overloads are available for these operations:

        • Lookup functions, such as: find, count, lower_bound, upper_bound, equal_range, contains.
        • Mutation functions, such as: erase, extract, insert, insert_or_assign.

        For this reason, this rule detects using std::string as the key for the associative container types mentioned previously when heterogeneous operations are disabled.

          Available In:
        • SonarQube IdeCatch issues on the fly,
          in your IDE
        • SonarQube CloudDetect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories
        • SonarQube ServerAnalyze code in your
          on-premise CI
          Developer Edition
          Available Since
          9.1

        © 2008-2025 SonarSource SA. All rights reserved.

        Privacy Policy | Cookie Policy | Terms of Use