new release of free static analyzer , which allows you to detect various classes of errors in the code in C and C++, including when using non-standard syntax typical for embedded systems. A collection of plugins is provided through which cppcheck is integrated with various development, continuous integration and testing systems, as well as features such as compliance of the code with the code design style. To parse the code, both your own parser and an external parser from Clang can be used. It also includes a donate-cpu.py script to provide local resources to do the work of collaborating on code reviews of Debian packages. Project source code licensed under GPLv3.
The development of cppcheck is focused on identifying problems related to undefined behavior and the use of constructs that are dangerous from a security point of view. The goal is also to minimize false positives. Among problems: pointers to non-existent objects, divide-by-zero, integer overflows, incorrect bit shift operations, incorrect conversions, memory problems, incorrect use of STL, null pointer dereferencing, applying checks after actually accessing the buffer, buffer overruns, using uninitialized variables.
Source: opennet.ru