Custom Rule for C

Dear Sonar Expert,

We are working on embedded system using C.
We use Sonarqube Developer Edition version 7.9.

We have common practices to prohibit the use of memset and some other methods.
I saw some Sonarqube default rule to forbid some functions like sprintf (c:S6069) and fgets (c:1081).

In some java rule we can specify the method or exceptions on Quality Profile, but I don’t see it in C Rule. Is it possible to extends one of these rules, to forbit memset and other methods?

If, no is there any alternatives?

Thank You


Sorry, but we don’t support custom rules for C.

But could you list the functions you’d like to forbid and explain your reasons? We might want to implement them for the benefit of everyone.


Please also note that we have a rule that detects some bad usage patterns when using memset.

1 Like