1.4.12. Migration to 7.9.3

1.4.12.1. Stylechecks

FaultDetection-MemoryLeak

C++HeapMemory has been added to the default resources of FaultDetection-MemoryLeak, thus possibly adding new findings. The following rules are also affected, as they use FaultDetection-MemoryLeak internally and do not overwrite the resources.

  • ‘CertC++-FIO51’

  • ‘CertC++-FIO42’

  • ‘CertC-FIO42’

  • ‘CWE-772’

  • ‘CWE-Resource-Management-Errors-772’

  • ‘MisraC++-0.3.1’

  • ‘MisraC-21.1’

  • ‘SecureCoding-5.18’

CWE

The default severity for CWE rules has been changed from “required” to “Unspecified”. The severity of a CWE rule is the “Likelihood of Exploit” given on the corresponding web page; the possible values are “High”, “Low” or “Medium”. Severities are shown at the beginning of violation messages.

The change only affects those CWE rules for which this likelihood is not given; their severity is now shown as “Unspecified”. No differences are expected in the dashboard display for the number, removals, or additions of CWE violations. However, filters relying on the severity value may be impacted.

The documentation for the severity option of CWE rules now clarifies the correspondence to the likelihood of exploit.