Cppcheck Analysis Findings for ThorVG #3791
manishagarwal23 asked this question in General (Unanswered; Replies: 0 comments)
Hi Team,
I ran the static code analysis (using Cppcheck) on the ThorVG code and found a few errors being reported. Cppcheck is the widely recommended open-source static analysis tool for C++ security scanning. It's designed to detect undefined behavior, memory management issues, and security vulnerabilities while maintaining a low false positive rate. Cppcheck can identify buffer overflows, null pointer dereferences, memory leaks, and integer overflows.
If these are false and not security issues, please share.
Some are in example files, which can be ignored, but some are in array indexes like the following, which I feel should be checked once:
Array 'cbc_ext_flags[0]' accessed at index -212, which is out of bounds. [negativeIndex]
static_analysis_report.xlsx
Regards
Manish