With recent releases, SonarQube and SonarCloud offer expanded compiler support and additional security-related rules.
Improved C/C++ analysis
By Alexandre Gigleux
From the article:
There are tons of C/C++ compilers out there and we always get many requests from many users for additional compiler support. We listened and added support for 10+ compilers to allow more developers to benefit from our C/C++ rules.
We want to help C/C++ developers to deliver code in production without vulnerabilities, and more precisely we want to prevent buffer overflows from being exploited by hackers. This is why we implemented 4 rules looking at APIs that could be badly used and that open the door to buffer overflow attacks.