Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.


cppcheck / News: Recent posts


Cppcheck-1.65 has been released.

General changes:

  • Cppcheck requires a C++11 compiler supporting the common subset of features supported by GCC 4.4, Visual Studio 2010 and Clang 2.9
  • Problems with packaging and windows installer introduced in last release were fixed


  • Much improved support of complex combinations of function pointers, arrays and references
  • Better handling of syntax errors
  • Better detection of stack variables passed to free()
  • Much improved value flow analysis
  • More robust error detection in several checks due to usage of AST
  • Better handling of unknown Macros in function declarations
  • Allocation/Deallocation functions can be extend across different .cfg files
  • Better handling of some C++11 language features like enum class, in-class member initializers
  • Detect calling (std::)abs() with bool argument... read more
Posted by Daniel Marjamäki 2014-05-10


cppcheck-1.64 has been released.

Value Flow

A new value flow analysis has been added. It is generic so the same analysis can be reused by various checkers - previously many checkers have had their own value flow and control flow analysis. The new value flow analysis performs context sensitive cross-function analysis. All checkers that uses this will automatically have cross-function context sensitive value flow analysis. The new analysis is gradually introduced in the checkers - the old analysis in a checker is kept until it is redundant.... read more

Posted by Daniel Marjamäki 2014-03-02


Cppcheck-1.63 has been released.

The .cfg files are needed by cppcheck. Either put them in a subfolder cfg
where the binary is. Otherwise compile cppcheck with CFGDIR to specify an
arbitrary path where you put the
.cfg files.

New check:
* Using pointer addition result in condition 'if (p+1)' - either a dereference
is forgotten or it depends on UB (the result is only 0 if there is overflow,
which is UB).... read more

Posted by Daniel Marjamäki 2014-01-04


New checks
* Divide with variable and then compare to see if variable is 0
* Duplicated inherited member

Improved checking:
* handling of >> in templates
* format string checking
* comparing bool result with integer
* standard isgreater()/islower() functions
* standard math functions
* reassigning struct members

xml-version 2 is now handled

Posted by Daniel Marjamäki 2013-10-12


New checks:
* arithmetical usage of inf/nan result
* suspicious usage of comma in return statement
* sizeof(void)

Improved checking:
* better simplification of strlen
* improved handling of array member variables 'x[y].z..'
* Specific improvements in checks for buffer overruns, format strings, uninitialized variables

Command line:
* Using both --max-configs and -D. Normally when -D is used, Cppcheck will only check the given configuration. By using --max-configs also, you can tell Cppcheck to check more configurations.
* Added --library and --check-library.... read more

Posted by Daniel Marjamäki 2013-08-03


Cppcheck 1.60.1 has been released.

A bug in compiled patterns was fixed.

Posted by Daniel Marjamäki 2013-06-02


new checks:
* dereference iterator and then checking it in condition: 'if (std::isalpha(*i) && i != str.end()) { }'
* calling pure virtual function from constructor/destructor
* assert() condition calls function with side effects

improved checking:
* improved struct member leaks checking
* improved handling of variable initialisation in 'reassignment of variable (first assignment is redundant)' check
* better 'Prefer prefix ++/-- operators' checking for iterators
* handle more complicated patterns in checkIncorrectStringCompare... read more

Posted by Daniel Marjamäki 2013-06-01


cppcheck-1.59 has been released

Commandline/Settings changes:
* New option to enable warnings but not style messages: --enable=warning
* Cppcheck used to skip includes where the header filename is enclosed in <>. You can now include these headers also by using -I. It is still not required to include these headers so feel free to try it and then include the headers that give you the best results. The biggest problem with including many headers is that analysis gets slow.... read more

Posted by Daniel Marjamäki 2013-03-29


Cppcheck-1.58 has been released.

Commandline/Settings changes:
- Added --include to the cppcheck command line client. This forces inclusion of the given file. This can for instance be used instead of --append and will then allow you to use #define etc also.
- The threads handling has been improved. Using -jN now works in windows also.

- NULL pointers: Improved checking of default function argument values.... read more

Posted by Daniel Marjamäki 2013-01-12


Cppcheck-1.57 has been released

Commandline/Settings changes:

* Support for Java and C# code has been removed.
* New option --language= (alias: -x=) to enforce treating code as a specific language


* Support GCC binary number syntax (0b...)
* Fixed search order for include paths
* Several error messages have been improved to be more understandable and consistent
* Rewrote enum parsing
* Simplification of well-known math.h functions
* Check for variable being assigned a value never used handles now also reassignments
* Fixed several false negatives in buffer overrun check
* Detect more inadequate comparisons of boolean variables
* Better detection of mismatching and assignments and comparisons with bitwise operations ... read more

Posted by Daniel Marjamäki 2012-11-04


Cppcheck-1.56 has been released.

Commandline/Settings changes:
- Code is considered to be C++11 or C11 compatible by default, added new standards to --std= option: c89, c11, c++03
- '--inconclusive' has been made "official" and shown in help dialog

- Uninstanciated templates are no longer removed from token list
- Support 'using namespace std;' - 'std ::' added to C++ standard library types when 'using namespace std;' is found
- Several error messages have been improved to be more understandable and consistent
- Checking of preprocessor configurations that are considered invalid, because the macro used in #if is also used in the code, is now skipped.... read more

Posted by Daniel Marjamäki 2012-09-01

cppcheck 1.56 pre-release

We have released a 1.56 pre - release.

There are still known bugs that we intend to fix.

But if you still want to download and test this then feel free to do it. If you see some problem then please report it so we can try to fix it before we release the real 1.56.

The pre-release is available here:

Posted by Daniel Marjamäki 2012-08-26


Cppcheck can now analyse source files that are UTF-16 encoded

Faster checking. Some projects, for instance sqlite, is much quicker now. The difference when checking other projects is not big.

Removed deprecated command line options -s, --style, -a, --all, --auto-dealloc, --test-2-pass.

Improved C code analysis. Better analysis of unknown types etc.

New check: comparison of modulo results that are always true/false. For instance: if (x % 5 == 5)... read more

Posted by Daniel Marjamäki 2012-06-30


Command line:
* Added --relative-path

Improved checks to detect more bugs:
* improved checking for buffer overruns on dynamically allocated memory (#3569)
* when variable is compared against a value in condition, the variable value is known in the conditional block.
* null pointer checking - handle more standard functions and improved checking of loops
- more standard functions are checked (#1171, #410)
- improved checking of loops (#1927)
- dangerous conditions (#3518)
* detect more bugs related to std::find and string::find usage (#3162)
* detect more sign extension problems (#3637)
* detect redundant .c_str() for strings (#1079)
* invalid pointer cast from float* to double* (#1255)
* more strict about int vs. bool (#1877)
* Preprocessor: extract more configurations => more code is checked
* Unused functions - fixed false negatives for functions that returns reference
* Better checking of sizeof
* Improved "unused private function" checking... read more

Posted by Daniel Marjamäki 2012-04-25


No major new features. No major changes to the command line flags.

We have fixed many problems such as false positives, segmentation faults, etc.

We improved existing checks to detect more errors:
* type checking for format string parameters
* uninitialized variables
* bad std::string usage
* buffer overflow checking
* iterator used on different containers
* doublefree of pointer
* null pointers
* bad usage of isdigit/isgraph/isalpha/etc
* wrong usage of std::find
* more deprecated functions... read more

Posted by Daniel Marjamäki 2012-02-11


New checks

* wrong value passed to isgraph
* missuse of std::cout
* some warnings when sizeof is used on pointer variable
* endless loop because of unsigned comparison
* better check for missing break in switch (redundant strcpy)
* using && instead of & in expression
* wrong usage of printf/scanf/etc (format string and parameters mismatch)
* useless calls of STL functions (wrong usage)
* detect suspicicous use of semicolon after if/for/while (--inconclusive)
* added checking of readlink() usage
* boolean comparison with string literals... read more

Posted by Daniel Marjamäki 2011-12-10


New checks:
* actual initialization order of member variables is not the same as the written order. Use --inconclusive and --enable=style to enable this check.
* when first comparison is true, the 2nd comparison is always true. Example: '(x>5 && x!=1)'. Use --enable=style to enable this check.

we fixed many false positives and false negatives in existing checks.

For details, see this list of fixed tickets:

Posted by Daniel Marjamäki 2011-10-08


There was many fixes of false positives and serious problems like crashes, hangs, etc.

New checks:

* Check for std::auto_ptr misuse (related to strict ownership)
* Read array and then immediately check if the array index is within limits
* assign pointer to int/long
* assign bool to pointer
* duplicate "break" statements in switch
* matching "if" and "else if" conditions when using bitwise and
* matching assigment and condition when using bitwise and
* test if unsigned value is less than zero

Posted by Daniel Marjamäki 2011-08-14


Many bug fixes and improvements.

2 more checks were added:
* strcmp condition is always true
* using sizeof with constant

Posted by Daniel Marjamäki 2011-06-12


Release notes for 1.48

There are no major new features in 1.48. There are more and better checks.

New check: Wrong usage of ! operator in conditions.
Example: if (!x == 0) {

New check: Use "throw" without arguments to rethrow exceptions.

New check: Comparison of substring with string literal will always/never match because size doesn't match.

New check: Postfix increment of boolean

New check: Clarify condition with parantheses (when there are assignment + comparison)
Example: if (a = b > 0) {... read more

Posted by Daniel Marjamäki 2011-04-09


Release notes for 1.47

It is now possible to exclude files and folders from the analysis. Use -i on the command line (i=ignore).

Custom rules can now be created using regular expressions. To read more about creating custom rules, see

A new XML format is launched. To use this format, the --xml-version=2 is used. The new xml format is incompatible with the xml format used in previous versions. The old XML format will still be used unless --xml-version=2 is given, so your existing scripts, tools and plugins should still work.... read more

Posted by Daniel Marjamäki 2011-02-06


Release notes for 1.46

This release has improvements and bug fixes.

We fixed 153 tickets, and that is a somewhat "usual" number for a Cppcheck release.

The report has been improved. New severities were added to make the messages more informational. The possible severities are now:
* error
* warning
* style
* performance

This has no effect on the command line flags nor the xml report. The command line flags and the xml report is fully compatible with previous versions.... read more

Posted by Daniel Marjamäki 2010-12-12



* project file

Command line:

* report: use system dependent path separator
* --enable: the except* is not available anymore
* --enable: the "unusedFunctions" was renamed to "unusedFunction"


* New check: Initialization of a variable by itself
* New check: dangerous usage of scanf
* More checking for obsolete and dangerous functions
* Optimisations
* C++0x updates: enums, strings... read more

Posted by Daniel Marjamäki 2010-10-03


I broke out the headers checking into a separate project. Its primary purpose is to detect unnecessary includes.

The headers checking was among the first Cppcheck checks. It has been disabled for years because it doesn't work with the Cppcheck data.
Adapting the Cppcheck data for the headers checking would be complicated and it would involve disabling the Preprocessor - and that is not acceptable. Therefore it was broken out into a separate project.... read more

Posted by Daniel Marjamäki 2010-07-26


* command line: a -D command was added
* GUI: minor updates

New checks:
* (style) Redundant assignment (missing break in a switch block)
* (style) Empty catch blocks
* (error) Usage of iterator pointing to invalid memory after reserve
* (error) Detect common realloc-mistake that can cause memory leaks.

Improved checks:
* Memory leaks
* Buffer overruns
* Mismatching allocation / deallocation
* Bad iterators
* Uninitialized variables
* Null pointer dereference
* Unused variable

Posted by Daniel Marjamäki 2010-07-10