This topic describes the preconfigured "built-in" static analysis  rules that are shopped with C/C++test.

Sections include:

Understanding Rule Categories

C/C++test provides hundreds of code analysis rules that industry experts have developed to help identify potential bugs from improper C or C++ language usage. They help you enforce best coding practices, as well as improve code maintainability and reusability. These rules are organized into the categories, for example, Flow Analysis [BD], Coding Convention [CODSTA], Code Duplication Detection [CDD], Optimization [OPT], Security [SECURITY], and many more.

Viewing Rule Descriptions

To view descriptions of all the static analysis rules that are included with C/C++test, choose Parasoft> Help, open the C++test  Static Analysis Rules book, then browse the available rule description files

To view a list of all static analysis rules that a given Test Configuration is configured to check, as well as descriptions of these rules:

  1. Open the Test Configurations dialog by choosing Parasoft> Test Configurations or by choosing Test Configurations in the drop-down menu on the Test Using toolbar button.
  2. Select the Test Configuration that you want a rule list for.
  3. Open the Static tab.
  4. Click Printable Docs.

If you want to print the list of rules and all related rule descriptions, enable your browser’s Print all linked documents printer option before you print the main the list of rules.

Severity Levels

Each rule is assigned a severity level. The severity level indicates the chance that a violation of the rule will cause a serious construction defect (a coding construct that causes application problems such as slow performance, memory leaks, security vulnerabilities, and so on). Possible severity levels (listed from most severe to least severe) are:

  • Highest - Level 1
  • High  - Level 2
  • Medium  - Level 3
  • Low - Level 4
  • Lowest  - Level 5

Custom Rules

C/C++test can also check any number of custom rules that you design with the RuleWizard module. With RuleWizard, rules are created graphically (by creating a flow-chart-like representation of the rule) or automatically (by providing code that demonstrates a sample rule violation). By creating and checking custom rules, teams can verify unique project and organizational requirements, as well as prevent their most common errors from recurring. 

RuleWizard can be used to modify built-in static code analysis and to add additional ones. For more information about creating custom coding rules, see Customizing Existing Rules and Creating New Rules.

  • No labels