| blob | 101e3c6fc402b6abc4941b5f8449297a4a369262 |
3 <html>
4 <head>
10 </head>
15 <!-- menu -->
16 <!--#include virtual="menu.html.incl"-->
17 <!-- page content -->
21 <p>This page contains a list of potential checkers to implement in the static analyzer. If you are interested in contributing to the analyzer's development, this is a good resource to help you get started. The specific names of the checkers are subject to review, and are provided here as suggestions.</p>
23 <!-- ========================= allocation/deallocation ======================= -->
32 Potential memory leaks caused by an undefined argument evaluation order.
33 <p>Source: <a href="http://www.boost.org/doc/libs/1_49_0/libs/smart_ptr/shared_ptr.htm#BestPractices">
37 void f(int, int);
38 int g(void *);
39 int h() __attribute__((noreturn));
41 void test() {
42 // It is possible that 'malloc(1)' is called first,
43 // then 'h()', that is (or calls) noreturn and eventually
44 // 'g()' is never called.
45 f(g(malloc(1)), h()); // warn: 'g()' may never be called.
46 }
47 </pre></div>
49 void f(int, int);
50 int g(int *);
51 int h() { throw 1; };
53 void test() {
54 // It is possible that 'new int' is called first,
55 // then 'h()', that throws an exception and eventually
56 // 'g()' is never called.
57 f(g(new int), h()); // warn: 'g()' may never be called.
58 }
59 </pre></div></div></td>
66 Destination buffer passed to memory function is too small.
70 <p>Source: <a href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>.</p></div></div></td>
73 void test() {
74 const char* s1 = "abc";
75 char *s2 = new char;
76 strcpy(s2, s1); // warn
77 }
78 </pre></div>
80 void test() {
81 int* p1 = new int[3];
82 int* p2 = new int;
83 memcpy(p2, p1, 3); // warn
84 }
85 </pre></div></div></td>
92 'n' is used to specify the buffer size may be negative.
94 alpha.security.MallocOverflow</span>.
99 void test() {
100 int *p;
101 int n1 = -1;
102 p = new int[n1]; // warn
103 }
104 </pre></div></div></td>
110 Allocation of zero bytes.
119 void test() {
120 int *p = malloc(0); // warn
121 free(p);
122 }
123 </pre></div>
125 void test() {
126 int *p = new int[0]; // warn
127 delete[] p;
128 }
129 </pre></div></div></td>
131 D6178</a></td></tr>
133 </table>
135 <!-- ======================= constructors/destructors ====================== -->
144 It is dangerous to let an exception leave a destructor.
147 leaving destructors.</p></div></div></td>
150 class A {
151 A() {}
152 ~A() { throw 1; } // warn
153 };
154 </pre></div>
156 void f() throw(int);
158 class A {
159 A() {}
160 ~A() { f(); } // warn
161 };
162 </pre></div></div></td>
169 For a placement copy or move, it is almost certainly an error if the
170 constructed object is also the object being copied from.</div></div></td>
173 class A {};
175 void test(A *dst, A *src) {
176 ::new (dst) A(*dst); // warn (should be 'src')
177 }
178 </pre></div></div></td>
181 </table>
183 <!-- =============================== va_list =============================== -->
199 void test(int x, ...) {
200 va_list args;
201 int y = va_arg(args, int); // warn
202 }
203 </pre></div>
207 void test(int x, ...) {
208 va_list args;
209 va_start(args, x);
210 va_end(args);
211 int z = va_arg(args, int); // warn
212 }
213 </pre></div></div></td>
215 PR16811</a></td></tr>
221 can only be ended once.
230 void test(int x, ...) {
231 va_list args;
232 va_start(args, x);
233 int y = x + va_arg(args, int);
234 } // warn: missing va_end
235 </pre></div></div></td>
237 PR16812</a></td></tr>
239 </table>
241 <!-- ============================== exceptions ============================= -->
251 function do not throw exceptions.</div></div></td>
254 void test() throw(int) {
255 } // warn
256 </pre></div></div></td>
264 specifier.</div></div></td>
267 void test() throw() {
268 throw(1); // warn
269 }
270 </pre></div></div></td>
277 The type of a thrown exception differs from those specified in
281 struct S{};
283 void test() throw(int) {
284 S s;
285 throw (s); // warn
286 }
287 </pre></div></div></td>
290 </table>
292 <!-- ========================= smart pointers ============================== -->
307 delete[].</code>.
308 <p>Source: C++03 20.4.5p1; C++11 <code>auto_ptr</code> is deprecated (D.10).</p></div></div></td>
314 void test() {
317 }
318 </pre></div>
323 void test() {
325 }
326 </pre></div></div></td>
329 </table>
331 <!-- ============================== dead code ============================== -->
340 A variable is never modified but was not declared const and is not a
344 extern int computeDelta();
346 int test(bool cond) {
347 int i = 0;
348 if (cond) {
349 const int delta = computeDelta();
350 // warn: forgot to modify 'i'
351 }
352 return i;
353 }
354 </pre></div></div></td>
360 Warn about idempotent operations.</div></div></td>
363 void test() {
364 int x = 7;
365 x = x; // warn: value is always the same
366 }
367 </pre></div>
369 void test() {
370 int x = 7;
371 x /= x; // warn: value is always 1
372 }
373 </pre></div>
375 void test() {
377 x *= one; // warn: right op is always 1
378 }
379 </pre></div>
381 void test() {
383 x = x - zero;
384 // warn: the right operand to '-' is always 0
385 }
386 </pre></div></div></td>
389 </table>
391 <!-- ================================ POSIX ================================ -->
401 fail.</div></div></td>
406 int readWrapper(int fd, int *count) {
407 int lcount = read(fd, globalBuf, sizeof(globalBuf));
408 if (lcount < 0)
409 return errno;
410 *count = lcount;
411 return 0;
412 }
414 void use(int fd) {
415 int count;
416 if (!readWrapper(fd, &count))
417 print("%d", count); // should not warn
418 }
419 </pre></div></div></td>
422 </table>
424 <!-- ========================= undefined behavior ========================== -->
434 the destruction of an object with static storage duration.
440 class A {
441 public:
442 ~A() {
443 std::exit(1); // warn
444 }
445 };
446 </pre></div></div></td>
453 Undefined behavior: function containing a definition of static local object is
454 called during the destruction of an object with static storage duration so that
455 flow of control passes through the definition of the previously destroyed
456 static local object.
460 void f();
462 class A {
463 public:
464 ~A() {
465 f(); // warn
466 }
467 };
469 class B {};
471 A a;
473 void f() {
474 static B b;
475 }
476 </pre></div></div></td>
483 The effect of dereferencing a pointer returned as a request for zero size is
484 undefined.<br>
486 unix.Malloc</span>.
492 void test() {
493 int *p = (int *)malloc(0);
494 *p = 1; // warn
495 free(p);
496 }
497 </pre></div>
499 void f(int);
501 void test() {
502 int *p = new int[0];
503 f(*p); // warn
504 delete[] p;
505 }
506 </pre></div></div></td>
513 Undefined behavior: the following usage of the pointer to the object whose
514 lifetime has ended can result in undefined behavior:<br>
515 The object will be or was of a class type with a non-trivial destructor and
517 The object will be or was of a non-POD class type (C++11: any class type) and
518 <ul><li>the pointer is used to access a non-static data member or call a
519 non-static member function of the object</li>
520 <li>the pointer is implicitly converted to a pointer to a base class
521 type</li>
531 class A {
532 public:
533 ~A();
534 };
536 class B : public A {};
538 void test() {
539 A *a = new A;
540 new(a) B;
541 delete a; // warn
542 }
543 </pre></div>
547 class A {
548 public:
549 ~A();
550 };
552 class B {};
554 void test() {
555 A *a = new A;
556 new(a) B;
557 a->~A();
558 }
559 </pre></div>
563 class A {
564 public:
565 ~A();
566 };
568 class B : public A {};
570 class C {};
572 void f(A*);
574 void test() {
575 B *b = new B;
576 new(b) C;
577 f(b); // warn
578 }
579 </pre></div>
583 class A {
584 public:
585 ~A();
586 };
588 class B : public A {};
590 class C {};
592 A* test() {
593 B *b = new B;
594 new(b) C;
596 }
597 </pre></div>
601 class A {
602 public:
603 ~A();
604 };
606 class B : public A {};
608 class C {};
610 A* test() {
611 B *b = new B;
612 new(b) C;
614 }
615 </pre></div></div></td>
622 Undefined behavior: the program must ensure that an object occupies the same
623 storage location when the implicit or explicit destructor call takes place.
629 class A {};
631 class B {
632 public:
633 ~B();
634 };
636 void test() {
637 B b;
638 new (&b) A;
639 } // warn
640 </pre></div>
644 class A {};
646 class B {
647 public:
648 ~B();
649 };
651 void test() {
652 B *b = new B;
653 new (b) A;
654 delete b; // warn
655 }
656 </pre></div></div></td>
663 Undefined behavior: a scalar object shall have its stored value modified at
664 most once by the evaluation of an expression.<br>
665 Note: most cases are currently handled by the Clang core (search for 'multiple
666 unsequenced modifications' warning in Clang tests).
670 int test () {
671 int i = 0;
672 i = ++i + 1; // warn
673 return i;
674 }
675 </pre></div></div></td>
682 Undefined behavior: static declaration is re-entered while the object is being
683 initialized.
687 int test(int i) {
688 static int s = test(2 * i); // warn
689 return i + 1;
690 }
691 </pre></div></div></td>
698 Undefined behavior: const object is being modified.
702 void test() {
703 const int *cp = new const int (0);
705 *p = 1; // warn
706 delete p;
707 }
708 </pre></div>
710 class C {
711 public :
712 int i;
713 C();
714 };
716 void test() {
717 const C cb;
721 }
722 </pre></div></div></td>
729 Undefined behavior: the destructor is invoked for an object whose lifetime
730 has ended.
734 class A {
735 public:
736 void f();
737 A();
738 ~A();
739 };
741 void test() {
742 A a;
743 a.~A();
744 } // warn
745 </pre></div></div></td>
752 Undefined behavior: calls member function but base not yet initialized.
756 class A {
757 public :
758 A(int);
759 };
761 class B : public A {
762 public :
763 int f();
764 B() : A(f()) {} // warn
765 };
766 </pre></div></div></td>
773 C++ Undefined behavior: non-static member or base class of non-POD class type
774 is referred before constructor begins execution.<br>
775 C++11 Undefined behavior: non-static member or base class of a class with a
776 non-trivial constructor is referred before constructor begins execution.
780 struct non_POD {
781 int i;
782 non_POD();
783 };
785 extern non_POD non_pod;
787 int *p = &non_pod.i; // warn
788 </pre></div>
790 struct POD {
791 int i;
792 };
794 struct non_POD : public POD {
795 POD pod;
796 };
798 extern non_POD non_pod;
800 int *p = &non_pod.pod.i; // warn
801 </pre></div>
803 struct POD {
804 int i;
805 };
807 struct non_POD : public POD {};
809 extern non_POD non_pod;
811 POD *p = &non_pod; // warn
812 </pre></div>
814 struct non_POD {
815 int i;
816 non_POD();
817 };
819 struct S {
820 int *k;
821 non_POD non_pod;
822 S() : k(&non_pod.i) {} // warn
823 };
824 </pre></div></div></td>
831 C++03: Undefined behavior: non-static member of non-POD class type is referred
832 after destructor ends execution.<br>
833 C++11: Undefined behavior: non-static member of a class with a non-trivial
834 destructor is referred after destructor ends execution.
838 class C {
839 public:
840 C();
841 void f();
842 };
844 void test() {
845 C *c = new C();
846 c->~C();
847 c->f(); // warn
848 }
849 </pre></div></div></td>
856 Undefined behavior: call to virtual function of an object under construction
857 whose type is neither the constructors own class or one of its bases.
861 class A {
862 public:
863 virtual void f() {};
864 };
866 class B {
867 public:
868 B(A* a) { a->f(); } // warn
869 };
871 class C : public A, B {
872 public:
873 C() : B((A*)this) {}
874 };
875 </pre></div></div></td>
883 construction whose type is neither the constructors own class or one of its
884 bases.
890 class A {};
892 class B {
893 public:
894 B(A* a) {
895 (void)typeid(*a); // warn
896 }
897 };
899 class C : public A, B {
900 public:
901 C() : B((A*)this) {}
902 };
903 </pre></div></div></td>
911 construction whose type is neither the constructors own class or one of its
912 bases.
918 class A {
919 public:
920 virtual void f() {};
921 };
923 class B {
924 public:
925 B(A* a) {
927 }
928 };
930 class C : public A, B {
931 public:
932 C() : B((A*)this) {}
933 };
934 </pre></div></div></td>
941 Undefined behavior: referring to any non-static member or base class of an
942 object in the handler for a function-try-block of a constructor or destructor
943 for that object results in undefined behavior.
947 void f() { throw 1; }
949 class C {
950 int i;
951 public :
952 C()
953 try {
954 f();
955 }
956 catch (...) {
957 i=2; // warn
958 }
959 };
960 </pre></div>
962 void f() { throw 1; }
964 class Base {
965 public:
966 int i;
967 };
969 class C: public Base {
970 public :
971 ~C() try {
972 f();
973 }
974 catch (...) {
975 i=2; // warn
976 }
977 };
978 </pre></div></div></td>
985 Undefined behavior: a function returns when control reaches the end of a
986 handler. This results in undefined behavior in a value-returning function.
990 void f() { throw 1; }
992 int test() try {
993 f();
994 return 1;
995 }
996 catch(int) {
997 } // warn
998 </pre></div></div></td>
1006 at the same time the behavior of the program is undefined.
1013 void test() {
1014 int *data = new int;
1017 }
1018 </pre></div></div></td>
1027 alpha.security.ArrayBoundV2</span>.
1034 void test() {
1036 char c = s[10]; // warn
1037 }
1038 </pre></div>
1042 void test() {
1045 }
1046 </pre></div></div></td>
1054 stream is undefined.
1060 int test() {
1062 return *v.end(); // warn
1063 }
1064 </pre></div></div></td>
1071 C++03: Undefined behavior: the objects in the array passed to qsort are of
1072 non-POD type.<br>
1073 C++11: Undefined behavior: the objects in the array passed to qsort are of
1074 non-trivial type.
1078 // C++03
1082 struct non_POD {
1083 non_POD();
1084 };
1086 non_POD values[] = { non_POD(), non_POD() };
1088 int compare(const void *a, const void *b);
1090 void test() {
1091 qsort(values, 2, sizeof(non_POD), compare); // warn
1092 }
1093 </pre></div>
1095 // C++11
1098 struct S {};
1100 struct trivial_non_POD : public S {
1101 int i;
1102 };
1104 struct non_trivial {
1105 int i;
1106 non_trivial();
1107 };
1109 trivial_non_POD tnp[2];
1110 non_trivial nt[2];
1112 int compare1(const void *a, const void *b);
1114 int compare2(const void *a, const void *b);
1116 void test() {
1117 qsort(tnp, 2, sizeof(trivial_non_POD), compare1); // ok
1118 qsort(nt, 2, sizeof(non_trivial), compare2); // warn
1119 }
1120 </pre></div></div></td>
1127 Undefined behavior: copy constructor/assignment operator can throw an exception.
1128 The effects are undefined if an exception is thrown.</div></div></td>
1131 class C {
1132 public:
1133 int i, j;
1134 C (const C &c) {
1135 i = c.i;
1136 throw 1; // warn
1137 j = c.j;
1138 };
1139 };
1140 </pre></div>
1142 class C {
1143 public:
1144 int i, j;
1146 i = c.i;
1147 throw 1; // warn
1148 j = c.j;
1149 };
1150 };
1151 </pre></div></div></td>
1160 pointed to by the first argument (source).
1166 struct S {
1167 int i;
1168 S(int ii) : i(ii) {};
1169 };
1171 void test(void) {
1174 }
1175 </pre></div></div></td>
1188 // C++03
1191 void test(void) {
1193 a = b; // warn
1194 b.resize(1);
1195 a = b; // ok
1196 }
1197 </pre></div>
1202 void test(void) {
1204 a *= b; // warn
1205 }
1206 </pre></div>
1211 void test(void) {
1213 a = a + b; // warn
1214 }
1215 </pre></div>
1220 void test(void) {
1223 c = a == b; // warn
1224 }
1225 </pre></div></div></td>
1234 undefined.
1236 p7.</p></div></div></td>
1241 void test(void) {
1243 v.sum(); // warn
1244 }
1245 </pre></div></div></td>
1252 Undefined behavior: element is specified more than once in an indirection.
1259 void test() {
1260 // '1' is specified more then once
1264 a[indirect] = b; //warn
1265 }
1266 </pre></div>
1270 void test() {
1271 // '1' is specified more then once
1275 a[indirect] *= b; //warn
1276 }
1277 </pre></div></div></td>
1293 using namespace std;
1296 };
1300 class my_streambuf
1302 };
1303 public:
1304 my_stream2() {
1305 this->init(new my_streambuf);
1306 }
1307 };
1309 void test() {
1312 delete p1; // warn
1313 delete p2; // ok
1314 }
1315 </pre></div></div></td>
1330 using namespace std;
1333 };
1337 class my_streambuf
1339 };
1340 public:
1341 my_stream2() {
1342 this->init(new my_streambuf);
1343 }
1344 };
1346 void test() {
1349 p1->narrow('a', 'b'); // warn
1350 p2->narrow('a', 'b'); // ok
1351 }
1352 </pre></div></div></td>
1367 class my_streambuf : public std::streambuf {
1368 void f() {
1369 seekpos(-1); // warn
1370 }
1371 };
1372 </pre></div>
1376 void test() {
1377 std::filebuf fb;
1378 std::istream in(&fb);
1379 std::filebuf::off_type pos(-1);
1380 in.seekg(pos); // warn
1381 }
1382 </pre></div></div></td>
1385 </table>
1387 <!-- ============================ different ================================ -->
1392 </thead>
1397 Successive assign to a variable.</div></div></td>
1400 int test() {
1401 int i;
1402 i=1;
1403 i=2; // warn
1404 return i;
1405 }
1406 </pre></div></div></td>
1413 Dereferencing of the null pointer might take place. Checking the pointer for
1414 null should be performed first.
1419 struct S {
1420 int x;
1421 };
1423 struct S* f();
1425 void test() {
1426 struct S *p1 = f();
1427 int x1 = p1->x; // warn
1428 if (p1) {};
1430 struct S *p2 = f();
1431 int x2 = p2->x; // ok
1432 }
1433 </pre></div></div></td>
1440 Dereferencing of the null pointer might take place. Checking the pointer for
1441 null should be performed first.
1446 struct S {int i;};
1448 struct S* f();
1450 void test() {
1451 struct S *p = f();
1452 if (p->i && p) {}; // warn
1453 }
1454 </pre></div></div></td>
1461 Identical accessor bodies. Possibly a misprint.</div></div></td>
1464 class A {
1465 int i;
1466 int j;
1467 public:
1468 int getI() { return i; }
1469 int getJ() { return i; } // warn
1470 };
1471 </pre></div>
1473 class A {
1474 int i;
1475 int j;
1476 public:
1477 void setI(int& ii) { i = ii; }
1478 void setJ(int& jj) { i = jj; } // warn
1479 };
1480 </pre></div></div></td>
1487 Accessors exist for a public class field. Should this field really be
1488 public?</div></div></td>
1491 class A {
1492 public:
1493 int i; // warn
1494 int getI() { return i; }
1495 void setI(int& ii) { i = ii; }
1496 };
1497 </pre></div></div></td>
1504 Calling a function ignoring its return value is of no use (create the list of
1505 known system/library/API functions falling into this category).</div></div></td>
1510 void test() {
1512 v.empty(); // warn
1513 }
1514 </pre></div></div></td>
1521 Wrong variable is possibly used in the loop/cond-expression of
1523 'proper_variable_name'?</div></div></td>
1526 void test() {
1527 int i = 0;
1528 int j = 0;
1530 }
1531 </pre></div>
1533 void test() {
1534 int i = 0;
1535 int j = 0;
1537 }
1538 </pre></div></div></td>
1545 Comparing floating point numbers may be not precise.</div></div></td>
1550 double test() {
1551 double b = sin(M_PI / 6.0);
1552 if (b == 0.5) // warn
1553 b = 0;
1554 return b;
1555 }
1556 </pre></div></div></td>
1568 int f();
1570 void test() {
1571 bool b = true;
1572 if (b & f()) {} // warn
1573 }
1574 </pre></div></div></td>
1582 statement.</div></div></td>
1585 void test(int c) {
1586 switch(c){
1587 case 1:
1588 c += 1; break;
1589 defalt: // warn (did you mean 'default'?)
1590 c -= 1; break;
1591 }
1592 }
1593 </pre></div></div></td>
1601 identical.</div></div></td>
1604 int test(int c) {
1606 c += 1;
1608 c -= 1;
1609 return c;
1610 }
1611 </pre></div></div></td>
1619 expression result.</div></div></td>
1622 void test(unsigned a) {
1624 }
1625 </pre></div></div></td>
1632 An expression is always evaluated to true/false.</div></div></td>
1635 void test() {
1636 int i = 0;
1637 if (i != 0) {}; // warn
1638 }
1639 </pre></div>
1641 void test(int i) {
1643 }
1644 </pre></div>
1646 void test(int i) {
1648 }
1649 </pre></div></div></td>
1656 Comparison operation has higher precedence then assignment. Boolean value is
1657 assigned to a variable of other type. Parenthesis may bee required around an
1658 assignment.</div></div></td>
1661 int f();
1663 void test(int x, int y) {
1664 bool b;
1665 if((b = x != y)) {} // ok
1666 if((x = f() != y)) {} // warn
1667 }
1668 </pre></div></div></td>
1682 void test(int a) {
1684 }
1685 </pre></div>
1687 void test(int a) {
1689 }
1690 </pre></div></div></td>
1697 The object was created but is not being used.</div></div></td>
1700 struct S {
1701 int x, y;
1702 S(int xx, int yy) : x(xx), y(yy) {}
1703 S(int xx) {
1704 S(xx, 0); // warn
1705 }
1706 };
1707 </pre></div>
1711 void test() {
1712 std::exception();
1713 // warn (did you mean 'throw std::exception()'?)
1714 }
1715 </pre></div></div></td>
1722 Pointer to static array is being compared to NULL. May the subscripting is
1723 missing.</div></div></td>
1726 void test() {
1729 }
1730 </pre></div></div></td>
1737 Odd implicit conversion to boolean.
1742 bool test() {
1743 return 1.; // warn
1744 }
1745 </pre></div>
1747 bool test() {
1748 return ""; // warn
1749 }
1750 </pre></div></div></td>
1757 Out-of-bound dynamic array access.
1762 void test() {
1763 int *p = new int[1];
1764 int i = 1;
1765 if(p[i]) {}; // warn
1766 delete[] p;
1767 }
1768 </pre></div></div></td>
1775 Buffer copy without checking the size of input.
1780 void test(char* string) {
1781 char buf[24];
1782 strcpy(buf, string); // warn
1783 }
1784 </pre></div></div></td>
1791 Integer overflow.
1792 <br>Note: partially handled by Clang core
1793 (search for 'overflow in expression' warning in Clang tests).
1800 int f(int x);
1802 void test() {
1803 f(INT_MAX + 1); // warn
1804 }
1805 </pre></div>
1809 int test() {
1811 return x * 2; // warn
1812 }
1813 </pre></div></div></td>
1820 Unexpected sign extension might take place.
1825 unsigned long long test(long long sll) {
1826 unsigned long long ull = sll; // warn
1827 return ull;
1828 }
1829 </pre></div>
1831 void f(unsigned int i);
1833 void test(int si) {
1834 f(si); // warn
1835 }
1836 </pre></div>
1838 unsigned int test(int i) {
1839 return i;
1840 }
1841 </pre></div></div></td>
1848 Numeric truncation might take place.
1853 unsigned long test(unsigned long long ull) {
1854 unsigned long ul = ull; // warn
1855 return ul;
1856 }
1857 </pre></div>
1859 void f(int i);
1861 void test(long long sll) {
1862 f(sll); // warn
1863 }
1864 </pre></div>
1866 int f();
1868 short test(long long sll) {
1869 short ss = f();
1870 return ss;
1871 }
1872 </pre></div></div></td>
1879 A class has dynamically allocated data members but do not define a copy
1880 constructor/assignment operator.
1882 leaving destructors.</p></div></div></td>
1885 class C {
1886 int *p; // warn
1887 public:
1888 C() { p = new int; }
1889 ~C() { delete p; }
1890 };
1891 </pre></div></div></td>
1894 </table>
1896 <!-- ============================ WinAPI =================================== -->
1906 lpApplicationName</i></code> is NULL then the executable name must be in the
1908 If the executable or path name has a space in it, there is a risk that a
1909 different executable could be run because of the way the function parses
1910 spaces.
1911 <p>Source: <a href="http://msdn.microsoft.com/en-us/library/windows/desktop/ms682425%28v=vs.85%29.aspx">
1917 void test() {
1918 STARTUPINFO si;
1919 PROCESS_INFORMATION pi;
1920 CreateProcess(NULL, TEXT("C:\\Program Files\\App -L -S"),
1921 NULL, NULL, TRUE, 0, NULL, NULL, &si, &pi);
1922 // warn
1923 }
1924 </pre></div></div></td>
1933 <p>Source: <a href="http://msdn.microsoft.com/en-us/library/windows/desktop/ms684175%28v=vs.85%29.aspx">
1939 HINSTANCE test() {
1940 char filePath[100];
1942 return LoadLibrary(filePath); // warn
1943 }
1944 </pre></div></div></td>
1952 the input buffer equals the number of characters in the Unicode string, while
1953 the size of the output buffer equals the number of bytes.
1954 <p>Source: <a href="http://msdn.microsoft.com/en-us/library/windows/desktop/dd374130%28v=vs.85%29.aspx">
1960 void test() {
1961 wchar_t ws[] = L"abc";
1962 char s[3];
1964 3, NULL, NULL); // warn
1965 }
1966 </pre></div></div></td>
1970 </table>
1972 <!-- =========================== optimization ============================== -->
1981 Optimization: It is more effective to pass constant parameter by reference to
1982 avoid unnecessary object copying.</div></div></td>
1985 struct A {};
1987 void f(const struct A a); // warn
1988 </pre></div></div></td>
1995 Optimization: It is more effective to use prefix increment operator with
1996 iterator.
1998 Distinguish between prefix and postfix forms of increment and decrement
1999 operators.</p></div></div></td>
2004 void test() {
2007 for(it = v.begin();
2008 it != v.end(); it++) {}; // warn
2009 }
2010 </pre></div></div></td>
2018 expression. It is more effective to hold a value returned
2024 void test(const char* s) {
2027 }
2028 </pre></div></div></td>
2042 void test() {
2043 std::string s;
2044 if (strlen(s.c_str()) != 0) {}; // warn
2045 }
2046 </pre></div></div></td>
2054 method to identify an empty container.</div></div></td>
2059 void test() {
2061 if (l.size() != 0) {}; // warn
2062 }
2063 </pre></div></div></td>
2067 </table>
2069 <br>
2072 </body>
2073 </html>