Custom functions not detected in SonarQube

Hello, I am using a non-standard memory allocation function in C that is not being detected by SonarQube. Is there a way to configure SonarQube to detect our custom function and scan for memory leaks?

One workaround I have tried is creating a wrapper with the standard malloc/free name, which does detect it.

Thanks,
Emily

Hi Emily,

Welcome to the community and thanks for this report!

Could you provide a reproducer / example of this?

 
Thx,
Ann

Thanks Ann,
Sure, here is an example:

#include <stddef.h>
#include <stdint.h>
#include "FreeRTOS.h" // pvPortMalloc() is declared via portable.h

// HEADER_SIZE and HEADER_BYTE are defined elsewhere in the project.
int32_t custom_memory(uint8_t **buffer, uint32_t size)
{
    uint8_t *full_ptr;  // Fully allocated memory with header
    uint8_t *user_ptr;  // Region of user allocated memory
    uint32_t *size_ptr; // Points to word inside header to store original size
    uint8_t *header;
    uint32_t adjusted_size = size + HEADER_SIZE;

    // Validate the output pointer before it is dereferenced below
    if (buffer == NULL)
    {
        return -1;
    }

    full_ptr = pvPortMalloc(adjusted_size);

    if (full_ptr)
    {
        user_ptr = full_ptr + HEADER_SIZE;

        // Fill the header bytes
        header = full_ptr;
        for (uint32_t i = 0; i < HEADER_SIZE; ++i)
        {
            header[i] = HEADER_BYTE;
        }

        // Store the original size 8 bytes in
        size_ptr = (uint32_t *)(full_ptr + 8);
        *size_ptr = size;

        *buffer = user_ptr;
    }
    else
    {
        *buffer = NULL;
        return -1;
    }

    return 0;
}

Hi,

Thanks for the reproducer! I should have also asked you what version you’re (not) seeing this in.

 
Thx,
Ann

Version 06.0F.02.5Arc3

Hi,

I don’t recognize that number. Can you check the version number in your SonarQube page footer?

 
Thx,
Ann

OK, the footer says: v2025.4.3 (113915)


Hi,

Thanks! I’ve flagged this for the language experts.

 
Ann


I’m mostly interested in whether SonarQube has the capability to configure our custom functions. This was something we were able to do with Klocwork, a static code analyzer, where we could define custom functions.

Looks like maybe I can write a SonarQube Server plugin?

Hi,

I can already tell you you can’t configure C analysis. But I’m flagging this for the experts to see if you shouldn’t have to configure.

 
Ann

OK great, thanks Ann for your help.

Hello @emily.kinne,

Thanks for reaching out and sharing your feedback.

Unfortunately, at this time, we don’t support ways to configure your analysis for this purpose. I’ve raised an internal ticket specifically for FreeRTOS, which I gather you were using.

We also have ideas to support custom allocating/deallocating functions using a system of function attributes, but ideally the user should not have to configure their analysis.

Marco

Yes, our project uses FreeRTOS. Thanks for the answer, Marco.
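The wrapper workaround from the first post, applied to the `custom_memory` reproducer, as an added example that is not code from this thread or from SonarQube: the allocator backend is selected at build time, so a build analyzed without the macro shows the analyzer the standard `malloc`/`free` names that the first post reports are detected. The macro `USE_FREERTOS_HEAP`, the functions `custom_memory_free` and `custom_memory_size`, and the values of `HEADER_SIZE` and `HEADER_BYTE` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#ifdef USE_FREERTOS_HEAP /* hypothetical macro, defined only for firmware builds */
#include "FreeRTOS.h"
#define BACKEND_ALLOC(n) pvPortMalloc(n)
#define BACKEND_FREE(p)  vPortFree(p)
#else /* host or analysis build: standard allocator names */
#include <stdlib.h>
#define BACKEND_ALLOC(n) malloc(n)
#define BACKEND_FREE(p)  free(p)
#endif

#define HEADER_SIZE 16u   /* assumed value; >= 12 so the size word at offset 8 fits */
#define HEADER_BYTE 0xA5u /* assumed fill pattern */

/* Allocate size bytes behind a filled header; returns 0 on success, -1 on failure. */
int32_t custom_memory(uint8_t **buffer, uint32_t size)
{
    if (buffer == NULL) return -1;
    *buffer = NULL;
    if (size > UINT32_MAX - HEADER_SIZE) return -1; /* size + header would wrap */

    uint8_t *full_ptr = BACKEND_ALLOC((size_t)size + HEADER_SIZE);
    if (full_ptr == NULL) return -1;
    memset(full_ptr, HEADER_BYTE, HEADER_SIZE);
    memcpy(full_ptr + 8, &size, sizeof size);       /* original size, 8 bytes in */
    *buffer = full_ptr + HEADER_SIZE;
    return 0;
}

/* Hypothetical matching release: step back to the header and free the full block. */
int32_t custom_memory_free(uint8_t *user_ptr)
{
    if (user_ptr == NULL) return -1;
    uint8_t *full_ptr = user_ptr - HEADER_SIZE;
    if (full_ptr[0] != HEADER_BYTE) return -1;      /* header fill missing: not our block */
    BACKEND_FREE(full_ptr);
    return 0;
}

/* Read back the original size stored in the header. */
uint32_t custom_memory_size(const uint8_t *user_ptr)
{
    uint32_t size;
    memcpy(&size, user_ptr - HEADER_SIZE + 8, sizeof size);
    return size;
}
```

Whether an analyzer follows the allocation through `custom_memory` to its callers depends on the analyzer; the thread only confirms that the standard names themselves are recognized.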
