This topic describes the preconfigured "built-in" static analysis rules that are shopped with C/C++test.
Understanding Rule Categories
C/C++test provides hundreds of code analysis rules that industry experts have developed to help identify potential bugs from improper C or C++ language usage. They help you enforce best coding practices, as well as improve code maintainability and reusability. These rules are organized into the categories, for example, Flow Analysis [BD], Coding Convention [CODSTA], Code Duplication Detection [CDD], Optimization [OPT], Security [SECURITY], and many more.
Viewing Rule Descriptions
To view descriptions of all the static analysis rules that are included with C/C++test, choose Parasoft> Help, open the C++test Static Analysis Rules book, then browse the available rule description files
To view a list of all static analysis rules that a given Test Configuration is configured to check, as well as descriptions of these rules:
- Open the Test Configurations dialog by choosing Parasoft> Test Configurations or by choosing Test Configurations in the drop-down menu on the Test Using toolbar button.
- Select the Test Configuration that you want a rule list for.
- Open the Static tab.
- Click Printable Docs.
If you want to print the list of rules and all related rule descriptions, enable your browser’s Print all linked documents printer option before you print the main the list of rules.
Each rule is assigned a severity level. The severity level indicates the chance that a violation of the rule will cause a serious construction defect (a coding construct that causes application problems such as slow performance, memory leaks, security vulnerabilities, and so on). Possible severity levels (listed from most severe to least severe) are:
- Highest - Level 1
- High - Level 2
- Medium - Level 3
- Low - Level 4
- Lowest - Level 5
C/C++test can also check any number of custom rules that you design with the RuleWizard module. With RuleWizard, rules are created graphically (by creating a flow-chart-like representation of the rule) or automatically (by providing code that demonstrates a sample rule violation). By creating and checking custom rules, teams can verify unique project and organizational requirements, as well as prevent their most common errors from recurring.
RuleWizard can be used to modify built-in static code analysis and to add additional ones. For more information about creating custom coding rules, see Customizing Existing Rules and Creating New Rules.