Questions tagged [klocwork]

Klocwork Insight is a static source code analysis tool for C, C++, Java and C#.

97 questions

votes

1 answer

Have you ever compared the static analysis tools Klocwork and Findbugs?

We are using Klocwork as a static analysis tool. Klocwork is a commercial tool and has many advantages but also has limitations like false-positives. I wonder who has ever compared Klocwork with other open source tools such as Findbugs. Generally,…

asked Aug 19 '13 at 01:08

500004dolkong

votes

3 answers

Can Klocwork (or other tools) be aware of types, typedefs and #define directives?

I have been looking for tools to help detect errors that prevent a program from running properly as 64-bit code. Most recently, I've been toying with Klocwork and its custom checkers feature, which lets me navigate the source code as a tree using…

c++ static-analysis klocwork

asked Jun 22 '11 at 16:21

Henry Merriam

votes

1 answer

Odd Klockwork finding (Buffer overflow)

I can't figure this out. I have the following code: #define SIZE 1000 #define MEMORY 0x10000000 unsigned char table[SIZE]; int i; for(i=0;i

c static-analysis klocwork

asked Aug 24 '11 at 05:52

Makis

12,468
10
62
71

votes

1 answer

Unvalidated integer value is received from std::stoi

Below piece of code throws Unvalidated integer value is received from std::stoi klocwork error. If *it contains invalid range or non integer value then catch block will be executed. But we are getting klocwork error in second for loop as tainted…

c++ klocwork

asked Feb 06 '18 at 13:14

Arun

2,247
3
28
51

votes

3 answers

How can I ask klocwork to ignore a directory while executing the kwinject command?

I am trying to run the kwinject command. The problem is that one of my Makefiles compiles a directory that I do not want to scan, so, is there a way to exclude these files? I have tried with kwinject --ignore-files…

makefile klocwork

asked Feb 24 '17 at 17:34

Lost

votes

1 answer

Freeing non heap memory

static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = { .forwarding = 0, .hop_limit = IPV6_DEFAULT_HOPLIMIT, .mtu6 = IPV6_MIN_MTU, }; static int __net_init addrconf_init_net(struct net *net) { struct…

c memory-leaks linux-kernel structure klocwork

asked Jun 28 '12 at 00:45

shunty

votes

1 answer

static analysis checks fails to find trivial C++ issue

I encountered a surprising False Negative in our C++ Static Analysis tool. We use Klocwork (Currently 2021.1), and several colleages reported finding issues KW should have found. I got example down to as simple as: int theIndex = 40; int main() { …

c++ sonarqube static-analysis cppcheck klocwork

asked Feb 01 '23 at 22:06

Tomer W

3,395
2
29
44

votes

1 answer

Disable Klocwork Continuous Analysis by default

How do we disable the "Continuous Analysis" option in Klocwork by default? I know how to disable it for the Eclipse plugin and for .sln files, which works fine, but this is an additional step that must be performed each time a user creates an .sln…

klocwork

asked Aug 02 '11 at 20:48

carrie

votes

0 answers

c++ lambda used but uninitialized

Here is my code, I get the klocworks error 'value' is used uninitialized in this function. /// Converts rgb to grayscale (in all channels) template void convert_to_grayscale(rgb_image_s &img) { auto r = img[rgb_color_e::red]; …

c++ klocwork

asked Nov 28 '19 at 09:24

Gilad

6,437
14
61
119

votes

2 answers

Understand Klocwork bitwise operation sign

When analysed by klocwork, the following line pTxData[index] = ( UINT8_C(0) << UINT8_C(4) ); gives error Operand of bitwise operation has type 'signed char' instead of 'unsigned integer' I already reduced the problem to the minimum by removing…

c bit-shift klocwork

asked Feb 27 '19 at 10:22

Julien

1,810
1
16
34

votes

1 answer

klocwork issue for std::ofstream open

Klocwork throws resource acquired to 'ofs.open("file.txt", std::ofstream::out)' may be lost here for the below piece of code. #include #include void main() { std::ofstream ofs; ofs.open("file.txt",…

c++ ofstream klocwork

asked Apr 19 '18 at 18:24

Arun

2,247
3
28
51

votes

2 answers

Klocwork & c - The number of lines of source code actually used

My project is made out of lots of bits and pieces of older code. How do I know how many lines of code were actually used? Can Klocwork provide me this answer? I've noticed that Klocwork holds the number of line (SLOC) in the project - but is it the…

c klocwork

asked Aug 10 '10 at 11:55

Moshe

votes

1 answer

Mixing enumeration in switch-case

What does C standard talk about mixing enumerations in the case constants of a switch-case statement? I ensure that there are no duplicate values of the mixed enum types. switch (value) /* value is int type */ { case enum1_val: /* enum1_val is of…

c enums klocwork

asked Sep 12 '13 at 12:00

user1969104

2,340
14
15

votes

2 answers

how string are represented in memory in c

char imei_temp[14] = {0, }; strcpy(imei_temp, "00000000000000"); According to my understanding this is valid code. But Klocwork is saying Buffer overflow, array index of 'imei_temp' may be out of bounds. Array 'imei_temp' of size 14 may use index…

c string pointers klocwork

asked Jun 21 '12 at 00:42

shunty

vote

1 answer

Why does my fresh Klocwork 9.2 installation display a blank Product Portal web page?

I installed Klocwork 9.2.1.7276 on a fresh Windows Server 2008 x86 system. During the installation, I selected all Klocwork components to be installed (database server, licence server, Klocwork server) and ensured that all three servers were running…

klocwork

asked Dec 14 '11 at 16:44

Steve HHH

12,947
6
68
71

2 3 4 5 6 7 Next