Мобильная версияЛожное срабатывание sonarqube при типичном вызове сортировки (S3519) ⇐ C++
-
Anonymous
Ложное срабатывание sonarqube при типичном вызове сортировки (S3519)
I'm getting a SonarQube S3519 warning on all kinds of completely ordinary std::sort() calls:
typedef std::vector MyVector; MyVector transactionList; transactionList.clear(); sort(transactionList.begin(), transactionList.end()); The Sonar's complaint, ostensibly about either iterator, especially the end iterator, is worded as follows:
Returned pointer value points outside the original object (potential buffer overflow)
The "original object" is supposed to be MyType (whatever class lives in the vector).
I'm using SonarQube version 9.9.1.
The warning gives me the impression that std::sort is a black box for Sonar and that Sonar is afraid that the end iterator might end up used in a dangerous way inside std::sort. I'm just puzzled because this must be a very common pattern in C++ and everybody would be getting hit by this kind of a false positive.
Does SonarQube ever trip over ordinary std::sort calls like this?
Источник: https://stackoverflow.com/questions/781 ... call-s3519
I'm getting a SonarQube S3519 warning on all kinds of completely ordinary std::sort() calls:
typedef std::vector MyVector; MyVector transactionList; transactionList.clear(); sort(transactionList.begin(), transactionList.end()); The Sonar's complaint, ostensibly about either iterator, especially the end iterator, is worded as follows:
Returned pointer value points outside the original object (potential buffer overflow)
The "original object" is supposed to be MyType (whatever class lives in the vector).
I'm using SonarQube version 9.9.1.
The warning gives me the impression that std::sort is a black box for Sonar and that Sonar is afraid that the end iterator might end up used in a dangerous way inside std::sort. I'm just puzzled because this must be a very common pattern in C++ and everybody would be getting hit by this kind of a false positive.
Does SonarQube ever trip over ordinary std::sort calls like this?
Источник: https://stackoverflow.com/questions/781 ... call-s3519
