While trying to evaluate whether SonarQube suffices our requirements when analysing C code, I was missing a few rules from comparable static code analysis tools. To name a few examples:
- Attempt to cast away const/volatile from a pointer or reference
- Impermissible cast of composite expression
- A specific argument to an operator is certain to be 0
I tried to identify equivalent rules in the list of C rules but could not find any. Did I miss some rules or are these aspects not covered by SonarQube?