Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: new static code checker in town :cppcheck

From: Evan Huus <eapache () gmail com>
Date: Wed, 8 Jan 2014 16:03:49 -0500
Yes, I've used it on-and-off for quite a while now. It can be quite
useful, though it does have a number of limitations. There is a shell
script in Wireshark trunk tools directory (tools/cppcheck/cppcheck.sh)
which will run cppcheck with a set of flags and other configurations
which I have found to be useful when analyzing Wireshark.

In general, I have found that between compiler warnings (our buildbot
runs GCC+Clang+MSVC+Coverity), and fuzz-testing (especially under
Valgrind), cppcheck doesn't add a whole lot of value. It's still worth
looking at occasionally of course.

Certain files (idl2wrs.c, lemon.c and others) are not actually part of
Wireshark proper, they are only used to generate code that ends up in
Wireshark, so I have never paid too much attention to warnings in
them.

On Wed, Jan 8, 2014 at 3:52 PM, Toralf Förster <toralf.foerster () gmx de> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

It discovers a flaw in X (http://lists.x.org/archives/xorg-announce/2014-January/002389.html) so I gave it a try to 
the current git tree of boinc. And b/c the tool claims at its home page that it doesn't produce false positive I 
think it is worth to report the output here, or ?


tfoerste@n22 ~/devel/wireshark $ cppcheck ./ --force --quiet
[echld/echld-int.h:293]: (error) Invalid number of character ({) when these macros are defined: '__cplusplus'.
[epan/dissectors/dcerpc/idl2wrs.c:3189]: (error) Buffer overrun possible for long command line arguments.
[epan/dissectors/dcerpc/idl2wrs.c:1829]: (error) Memory leak: ptmpstr
[epan/dissectors/dcerpc/idl2wrs.c:2402]: (error) Memory leak: ptmpstr
[epan/dissectors/dcerpc/idl2wrs.c:2698]: (error) Memory leak: ptmpstr

...

- --
MfG/Sincerely
Toralf Förster
pgp finger print:1A37 6F99 4A9D 026F 13E2 4DCF C4EA CDDE 0076 E94E
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iF4EAREIAAYFAlLNunAACgkQxOrN3gB26U4+zwD/YgwmMYTnhEq0YHBjCLFa0Jwv
hazTVe2xLlw8bGqM4JUA/3kV4hKX6D1q44LnlstRdQO24onYvQksYbZo913BkreF
=zpFP
-----END PGP SIGNATURE-----
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: