automated cppcheck for gnupg

Hans-Christoph Steiner hans at
Wed Apr 16 21:22:10 CEST 2014

On 04/16/2014 08:14 AM, Werner Koch wrote:
> On Wed, 16 Apr 2014 12:50, hans at said:
>> The question now is whether you want cppcheck errors to automatically trigger
>> an email to the committers.  That will be a lot easier if cppcheck does not
>> find things its thinks are errors.  That means doing things like:
> One mail more does not harm.  However, given the long list of false
> positives I doubt that it makes sense to look at the identified problems
> regularly.
>> -  char buffer[BUFFER_SIZE];
>> +  char buffer[BUFFER_SIZE] = ""; // make cppcheck happy
> No, that is plainly wrong.

The point is to initialize it with something that does no harm, whatever that
might be (memcpy(0)?).  It may seem pointless to placate the automaton
(cppcheck), but while it is not as good as a human at catching and
understanding errors, it does so tirelessly and basically for free.

The kind of setup that works best with jenkins automation is when the
pointless errors are fixed so that Jenkins can easily notify the committer
when new errors arise.  It seems this quick and dirty scan caught a bunch of
issues, so it is worthwhile.

Another option is adding this comment on the line before to disable the error:
// cppcheck-suppress memleak

where 'memleak' is the error type.


PGP fingerprint: 5E61 C878 0F86 295C E17D  8677 9F0F E587 374B BE81

More information about the Gnupg-devel mailing list