Serializable.cpp multiple static analysis findings #4527

@djbyrne17

F´ Version 4.0.0
Affected Component Fw/Types

Follow-on from #4296 which gathered static analysis findings.

Problem Description

File Serializable.cpp has the only SonarQube findings of this category in fprime. Fix that, and opportunistically some other findings.

Also, more assertions would be useful, but that is not in scope of this ticket.

At least the unique SonarQube finding

<High> Line 281: cpp:S1768 result of comparison of unsigned expression < 0 is always false

Other SonarQube findings as make sense, and as time allows

<High> Line 16: cpp:S3490 Use "=default" instead of the default implementation of this special member functions.
<High> Line 18: cpp:S3490 Use "=default" instead of the default implementation of this special member functions.
<High> Line 217: cpp:S5008 Replace this use of "void *" with a more meaningful type.
<High> Line 42: cpp:S3490 Use "=default" instead of the default implementation of this special member functions.
<High> Line 473: cpp:S5008 Replace this use of "void *" with a more meaningful type.
<High> Line 816: cpp:S5008 Replace this use of "void *" with a more meaningful type.
<High> Line 878: cpp:S5008 Replace this use of "void *" with a more meaningful type.

<Med> Line 478: cpp:S3630 Replace "reinterpret_cast" with a safer operation.
<Med> Line 496: cpp:S5827 Replace the redundant type with "auto".

<Low> Line 102: cpp:S1905 Remove this redundant cast.
<Low> Line 109: cpp:S1905 Remove this redundant cast.
<Low> Line 116: cpp:S1905 Remove this redundant cast.
<Low> Line 125: cpp:S1905 Remove this redundant cast.
<Low> Line 131: cpp:S1905 Remove this redundant cast.
<Low> Line 140: cpp:S1905 Remove this redundant cast.
<Low> Line 148: cpp:S1905 Remove this redundant cast.
<Low> Line 161: cpp:S1905 Remove this redundant cast.
<Low> Line 167: cpp:S1905 Remove this redundant cast.
<Low> Line 180: cpp:S1905 Remove this redundant cast.
<Low> Line 201: cpp:S1905 Remove this redundant cast.
<Low> Line 212: cpp:S1905 Remove this redundant cast.
<Low> Line 218: cpp:S1905 Remove this redundant cast.
<Low> Line 226: cpp:S1905 Remove this redundant cast.
<Low> Line 245: cpp:S1905 Remove this redundant cast.
<Low> Line 246: cpp:S1905 Remove this redundant cast.
<Low> Line 258: cpp:S1905 Remove this redundant cast.
<Low> Line 272: cpp:S1905 Remove this redundant cast.
<Low> Line 296: cpp:S1905 Remove this redundant cast.
<Low> Line 302: cpp:S1905 Remove this redundant cast.
<Low> Line 310: cpp:S1905 Remove this redundant cast.
<Low> Line 316: cpp:S1905 Remove this redundant cast.
<Low> Line 325: cpp:S1905 Remove this redundant cast.
<Low> Line 333: cpp:S1905 Remove this redundant cast.
<Low> Line 341: cpp:S1905 Remove this redundant cast.
<Low> Line 349: cpp:S1905 Remove this redundant cast.
<Low> Line 358: cpp:S1905 Remove this redundant cast.
<Low> Line 368: cpp:S1905 Remove this redundant cast.
<Low> Line 376: cpp:S1905 Remove this redundant cast.
<Low> Line 386: cpp:S1905 Remove this redundant cast.
<Low> Line 397: cpp:S1905 Remove this redundant cast.
<Low> Line 412: cpp:S1905 Remove this redundant cast.
<Low> Line 420: cpp:S1905 Remove this redundant cast.
<Low> Line 434: cpp:S1905 Remove this redundant cast.
<Low> Line 456: cpp:S1905 Remove this redundant cast.
<Low> Line 469: cpp:S1905 Remove this redundant cast.
<Low> Line 496: cpp:S1905 Remove this redundant cast.
<Low> Line 498: cpp:S1905 Remove this redundant cast.
<Low> Line 52: cpp:S1905 Remove this redundant cast.
<Low> Line 529: cpp:S1905 Remove this redundant cast.
<Low> Line 532: cpp:S1905 Remove this redundant cast.
<Low> Line 597: cpp:S1905 Remove this redundant cast.
<Low> Line 612: cpp:S1905 Remove this redundant cast.
<Low> Line 639: cpp:S1905 Remove this redundant cast.
<Low> Line 65: cpp:S1905 Remove this redundant cast.
<Low> Line 70: cpp:S1905 Remove this redundant cast.
<Low> Line 77: cpp:S1905 Remove this redundant cast.
<Low> Line 82: cpp:S1905 Remove this redundant cast.
<Low> Line 89: cpp:S1905 Remove this redundant cast.
<Low> Line 96: cpp:S1905 Remove this redundant cast.

Other CodeSonar findings as make sense, and as time allows

<Med> Line 107: Unchecked Parameter Dereference
<Med> Line 124: Cast Alters Value
<Med> Line 131: Unchecked Parameter Dereference
<Med> Line 201: Too Many Dereferences
<Med> Line 201: Unchecked Parameter Dereference
<Med> Line 218: Too Many Dereferences
<Med> Line 218: Unchecked Parameter Dereference
<Med> Line 24: Unchecked Parameter Dereference
<Med> Line 240: Too Many Dereferences
<Med> Line 240: Unchecked Parameter Dereference
<Med> Line 245: Addition Overflow of Size
<Med> Line 253: Too Many Dereferences
<Med> Line 253: Unchecked Parameter Dereference
<Med> Line 259: Too Many Dereferences
<Med> Line 259: Unchecked Parameter Dereference
<Med> Line 270: Too Many Dereferences
<Med> Line 270: Unchecked Parameter Dereference
<Med> Line 272: Addition Overflow of Size
<Med> Line 272: Too Many Dereferences
<Med> Line 301: Unchecked Parameter Dereference
<Med> Line 315: Unchecked Parameter Dereference
<Med> Line 332: Unchecked Parameter Dereference
<Med> Line 348: Unchecked Parameter Dereference
<Med> Line 367: Unchecked Parameter Dereference
<Med> Line 385: Unchecked Parameter Dereference
<Med> Line 410: Unchecked Parameter Dereference
<Med> Line 433: Unchecked Parameter Dereference
<Med> Line 45: Unchecked Parameter Dereference
<Med> Line 462: Unchecked Parameter Dereference
<Med> Line 464: Unchecked Parameter Dereference
<Med> Line 47: Too Many Dereferences
<Med> Line 478: Unchecked Parameter Dereference
<Med> Line 496: Unchecked Parameter Dereference
<Med> Line 51: Too Many Dereferences
<Med> Line 51: Unchecked Parameter Dereference
<Med> Line 515: Unchecked Parameter Dereference
<Med> Line 52: Too Many Dereferences
<Med> Line 525: Unchecked Parameter Dereference
<Med> Line 529: Addition Overflow of Size
<Med> Line 537: Too Many Dereferences
<Med> Line 537: Unchecked Parameter Dereference
<Med> Line 541: Too Many Dereferences
<Med> Line 541: Unchecked Parameter Dereference
<Med> Line 554: Too Many Dereferences
<Med> Line 559: Too Many Dereferences
<Med> Line 595: Too Many Dereferences
<Med> Line 634: Too Many Dereferences
<Med> Line 634: Unchecked Parameter Dereference
<Med> Line 639: Addition Overflow of Size
<Med> Line 647: Too Many Dereferences
<Med> Line 647: Unchecked Parameter Dereference
<Med> Line 65: Too Many Dereferences
<Med> Line 664: Too Many Dereferences
<Med> Line 664: Unchecked Parameter Dereference
<Med> Line 677: Too Many Dereferences
<Med> Line 677: Unchecked Parameter Dereference
<Med> Line 762: Buffer Overrun
<Med> Line 766: Buffer Overrun
<Med> Line 95: Cast Alters Value

How to Reproduce

  1. Run CodeSonar and SonarQube using the JPL CAE infrastructure. See issue "Static Analysis findings gathered and disposed for F´ 4.0" #4296.
  2. Search for findings:

    DJ-caeleng% grep 'Serializable.cpp' .scrub/codesonar.scrub
    ...
    DJ-caeleng% grep 'Serializable.cpp' .scrub/sonarqube.scrub
    ...

Expected Behavior

No findings should be reported, with the possible exception of CodeSonar warnings like these, which are related to the top-level CMakeLists.txt settings and affect all components:

  • Not All Warnings Are Enabled
  • Warnings Not Treated As Errors
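
An added illustration, not part of the original issue and not code from Serializable.cpp: three of the finding classes listed above (cpp:S1768 "unsigned expression < 0", "Addition Overflow of Size", "Unchecked Parameter Dereference") shown on a hypothetical fixed-capacity buffer, with the ineffective guard beside a corrected one. `DemoBuffer`, `flawedGuardAccepts` and `checkedAppend` are invented names for this sketch.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

// Hypothetical fixed-capacity serialization buffer (not the F´ class).
struct DemoBuffer {
    static constexpr std::size_t CAPACITY = 16;
    std::uint8_t data[CAPACITY] = {};
    std::size_t used = 0;  // bytes already serialized; invariant: used <= CAPACITY
};

enum class Status { OK, NULL_SOURCE, NO_ROOM };

// "Before": reports whether the flawed guards would ACCEPT a write of len bytes.
// No copy is performed here, so the flaw can be observed safely.
bool flawedGuardAccepts(const DemoBuffer& b, std::size_t len) {
    // S1768 pattern (kept as a comment): `if (len < 0) return false;`
    // len is unsigned, so that test is always false and rejects nothing.
    if (b.used + len > DemoBuffer::CAPACITY) {  // sum wraps when len is near SIZE_MAX
        return false;
    }
    return true;
}

// "After": check the pointer, then compare len against the remaining room.
// CAPACITY - used cannot wrap because used <= CAPACITY always holds.
Status checkedAppend(DemoBuffer& b, const std::uint8_t* src, std::size_t len) {
    if (src == nullptr) {
        return Status::NULL_SOURCE;
    }
    if (len > DemoBuffer::CAPACITY - b.used) {
        return Status::NO_ROOM;
    }
    std::memcpy(b.data + b.used, src, len);
    b.used += len;
    return Status::OK;
}

int main() {
    DemoBuffer b;
    const std::uint8_t payload[8] = {1, 2, 3, 4, 5, 6, 7, 8};  // constructed sample
    checkedAppend(b, payload, sizeof(payload));
    const std::size_t huge = static_cast<std::size_t>(-1);  // a "negative" length after conversion
    return (flawedGuardAccepts(b, huge) &&
            checkedAppend(b, payload, huge) == Status::NO_ROOM) ? 0 : 1;
}
```

A length that started life as a negative signed value arrives here as a very large unsigned one, which is why the `< 0` test is dead and the subtraction form of the bounds check is the one that holds.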


Labels: C++, Easy First Issue, Static Analysis, help wanted
