Hi - our project started using SonarQube (9.5 Enterprise Edition). We have a very old large code base, mixed C and // C++. We’re getting a large number of what we would consider false positives and we’re pretty sure it’s because of the nested #defines. Is anything we can do about this without restructuring the code (which we can’t do) or using //NOSONAR (which I don’t want to do)? We have hundreds of these.
Example:
typedef signed int RS;
#define MAX_OP_NAME_LEN 40
#define RS_NO_ERR 0
#define RS_FAIL_BIT_LOCATION 31
#define RS_PASS(rstat) ((((rstat) & 31) == 0) ? true:false)
#define RS_FAIL(rstat) ((((rstat) & 31) == 0) ? false:true)
#define RS_MAKE(bFail, bLogged, zMod, zNum) RSEncode(bFail, bLogged, zMod, zNum)
#define RS_MAKE_FAIL(zMod, zNum) RS_MAKE (true, false, zMod, zNum)
#define NULL_POINTER_02_ERR (RS_MAKE_FAIL("XXX", "020"))
#define INPUT_STRING_TOO_LONG_05_ERR (RS_MAKE_FAIL("XXX", "099"))
typedef char SC_OP_NAME[SC_MAX_OP_NAME_LEN + 1];
RS RSEncode (bool bFail, bool bLogged, const char *pzMod, const char *pzNum)
{
// takes the arguments and creates a non-zero return value of type RS
// with bit location 31 set to true.
}
static RET_STAT SetCfgMode(const char * const pzName)
{
RET_STAT rStatus = RS_NO_ERR;
char zThingName[SC_MAX_OP_NAME_LEN + 1];
if (nullptr == pzName)
{
// This causes RET
rStatus = NULL_POINTER_02_ERR;
}
if (RS_PASS(rStatus))
{
if (strlen(pzName) >= sizeof(zThingName))
{
// Log an error
rStatus = INPUT_STRING_TOO_LONG_05_ERR;
}
else
{
strcpy(zThingName, pzName);
}
}
return rStatus;
}
Screen shot of where SonarQube decides the pointer is null (this is a screenshot from Eclipse using SonarLint but the SonarQube results report the same thing):