SonarQube / SonarCloud Improved Analysis -- Alexandre Gigleux

With recent releases, SonarQube and SonarCloud offer expanded compiler support and additional security-related rules.

Improved C/C++ analysis

By Alexandre Gigleux

From the article:

There are tons of C/C++ compilers out there and we always get many requests from many users for additional compiler support. We listened and added support for 10+ compilers to allow more developers to benefit from our C/C++ rules.

We want to help C/C++ developers deliver code in production without vulnerabilities and, more precisely, we want to prevent buffer overflows from being exploited by hackers. This is why we implemented 4 rules looking at APIs that could be badly used and that open the door to buffer overflow attacks.

 
