I have always found the cppcheck to be a bit of a hidden gem. I have talked to developers who have been using cppcheck for years and they have no idea about it. So if you are reading this and you have no idea what a cppcheck library config file is, you should read the manual and check out the list of libraries cppcheck has config files for: https://github.com/danmar/cppcheck/tree/main/cfg
My question is this: is it only the value ranges in the library config files that are used in the bug-hunting ("Soundy") analysis? When reading https://cppcheck.sourceforge.io/reference-cfg-format.pdf I don't see anything about which things in the library config files apply only to the bug-hunting analysis vs. the open source cppcheck checks.
As far as I know, all the information in the cfg files is used by open source Cppcheck checkers. There is no info that applies only to bug hunting as far as I know.
The bug-hunting is more about how the analysis is made. In bug hunting it is assumed that function parameters can have any value that the type allows (i.e. that a 16-bit unsigned integral parameter can have any value in the range 0 - 0xffff unless specified otherwise). Similarly it is assumed that functions can return any value.
The bug hunting is on the way out more or less anyway because, as I understand the CERT standards, they have the same philosophy as our bug hunting.
If we for instance look here:
https://wiki.sei.cmu.edu/confluence/display/c/ARR30-C.+Do+not+form+or+use+out-of-bounds+pointers+or+array+subscripts
The first non-compliant code example shown is only dangerous if we assume that f can be called with a negative value. There is no concrete indication that the parameter can be negative.
Last edit: Daniel Marjamäki 2024-04-22
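An added illustration of the point made in the reply above, written for this thread and not taken from the CERT page or from Cppcheck's own sources: a lookup that guards only the upper bound of an `int` index beside the hardened form that guards both bounds. Under the "any value the type allows" assumption, the first function is reported because a negative `index` forms an out-of-bounds pointer; the second is well-defined for every `int`. The names `table`, `TABLESIZE`, `lookup_upper_only`, `lookup_checked` and `is_valid_index` are constructed for this example. The cfg fragment in the comment is my reading of the library config format (a `<valid>` range on an argument), shown only to indicate how a non-negative parameter could be declared to the analysis; it is not part of the thread.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed example: a lookup table indexed by a caller-supplied int.
 * Names (table, TABLESIZE, lookup_*) are assumptions, not from the thread. */
enum { TABLESIZE = 100 };
static int table[TABLESIZE];

/* Guards only the upper bound. Safe only if every caller passes index >= 0.
 * An analysis that assumes an int parameter may hold any int value reports
 * the out-of-bounds pointer formed when index is negative. A library cfg
 * entry along the lines of
 *   <function name="lookup_upper_only"><arg nr="1"><valid>0:</valid></arg></function>
 * is how one would tell Cppcheck that the first argument is never negative
 * (my reading of the cfg format; the function name here is the constructed one). */
int *lookup_upper_only(int index)
{
    if (index < TABLESIZE)
        return table + index; /* index < 0 forms an out-of-bounds pointer */
    return NULL;
}

/* Hardened form: guard both bounds, so the result is well-defined for any int. */
int *lookup_checked(int index)
{
    if (index >= 0 && index < TABLESIZE)
        return table + index;
    return NULL;
}

/* Returns 1 if lookup_checked(index) yields an in-table pointer, else 0. */
int is_valid_index(int index)
{
    return lookup_checked(index) != NULL;
}

int main(void)
{
    /* Constructed probe values spanning both edges of the table. */
    int probes[] = { -1, 0, 50, TABLESIZE - 1, TABLESIZE };
    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++)
        printf("index %4d -> %s\n", probes[i],
               is_valid_index(probes[i]) ? "in bounds" : "rejected");
    return 0;
}
```

The difference between the two functions is exactly the question the reply raises: whether the analysis may assume the parameter is non-negative. With the two-sided check no such assumption is needed, so the function is safe regardless of what the library config says about its callers.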