View Help Online

Start here

Home
About Klocwork
What's new
Fixed issues
Release notes
Installation

Reference

C/C++ checkers
Java checkers
C# checkers
MISRA C 2004 checkers
MISRA C++ 2008 checkers
MISRA C 2012 checkers
MISRA C 2012 checkers with Amendment 1
Commands
Metrics
Troubleshooting
Reference

Product components

C/C++ Integration build analysis
Java Integration build analysis
Desktop analysis
Refactoring
Klocwork Static Code Analysis
Klocwork Code Review
Structure101
Tuning
Custom checkers

Coding environments

Visual Studio
Eclipse for C/C++
Eclipse for Java
IntelliJ IDEA
Other

Administration

Project configuration
Build configuration
Administration
Analysis performance
Server performance
Security/permissions
Licensing
Klocwork Static Code Analysis Web API
Klocwork Code Review Web API

Community

View help online
Visit RogueWave.com
Klocwork Support
Rogue Wave Videos

Legal

Legal information

What's new in Klocwork 2018.1

hide menu -

In this topic:

Here are the highlights for Klocwork 2018.1. If you're upgrading, also see the Limitations for items that affect how you use Klocwork.

AUTOSAR C++14 taxonomy

In this release, we've introduced an AUTOSAR C++14 taxonomy that you can use to ensure compliance with the AUTOSAR C++14 Standard, release 17-10. For more information, see AUTOSAR Standard mapped to Klocwork C/C++ checkers.

Analysis engine improvements

Our commitment to supporting the latest C++ standards continues. In this release we're thrilled to announce that we have full support for all C++17 language features. For more information, see Supported C++ language specifications.

Web API metrics

We've added an optional parameter to the Web API metrics request called exclude_system_files. When set to true, the request omits system files from the metrics. For more information, see Issue and metric API examples.

Licensing

2017 licenses are not compatible with Klocwork 2018.1. You need a new license to use the latest version of the product. Contact license@roguewave.com to obtain a new license.

Improvements to supported compilers

We've added support for the following compilers:
  • IAR compiler/linker for STM8 Microcontroller family

We've improved support for the following compilers:

  • Clang
  • GNU (GCC)

For the full list of supported C/C++ compilers, see C/C++ compilers supported for build integration.

Checker improvements

From release to release, we improve issue detection to bring state-of-the-art capabilities to our customers. As a result, expect your analysis results to change as accuracy and coverage improve.

New checkers

Checker Description
MISRA.STDLIB.ILLEGAL_REUSE.2012_AMD1

Implements MISRA C 2012 Rule 21.20: The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror shall not be used following a subsequent call to the same function.

Modified checkers

Checker Description
MISRA.CONV.NUM.NARROWER

More defects detected.
MISRA.CVALUE.IMPL.CAST.CPP

Fewer false positives are expected.
MISRA.FOR.INCR.CHANGE

Fewer false positives are expected.
MISRA.IF.NO_ELSE

Fewer false positives are expected.
MISRA.SWITCH.WELL_FORMED.DEFAULT.FIRST_OR_LAST.2012

Fewer false positives are expected.

Enabled or disabled checkers

No changes were made to the default enabled field of the checker configuration files for this release.

Taxonomy improvements

As part of our installation, we offer several custom taxonomy files that map our checkers to standards such as MISRA, CWE, OWASP and DISA STIG. The following is the list of changes to these files in this release:
Note: If you've imported a custom taxonomy (for example, MISRA) in a previous release, you need to import the new taxonomy file to pick up these changes.
Taxonomy file Changes in this release
autosar_cpp.tconf and autosar_cpp_ja.tconf These are new taxonomies that you can use to ensure compliance with the AUTOSAR C++14 Standard, release 17-10.
disa_stig_v4_java.tconf and disa_stig_v4_java_ja.tconf We added references to the following checkers:
APSC-DV-002030: Encryption
  • SV.HASH.NO_SALT
  • SV.SENSITIVE.DATA
  • SV.SENSITIVE.OBJ
  • SV.WEAK.CRYPT
cwe_10_cxx.tonf and cwe_10_cxx_ja.tonf

We added references to the following checkers:

CWE-1037: Processor Optimization Removal or Modification of Security-critical Code

  • SPECTRE.VARIANT1
misra_c_2012_with_amd1_c90.tconf and misra_c_2012_with_amd1_c90_ja.tconf

We added references to the following checkers:

MISRA C 2012 Rule 21.20: The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror shall not be used following a subsequent call to the same function

  • MISRA.STDLIB.ILLEGAL_REUSE.2012_AMD1
misra_c_2012_with_amd1_c99.tconf and misra_c_2012_with_amd1_c99_ja.tconf

We added references to the following checkers:

MISRA C 2012 Rule 21.20: The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror shall not be used following a subsequent call to the same function

  • MISRA.STDLIB.ILLEGAL_REUSE.2012_AMD1

Changes to system requirements

This section lists changes to the System Requirements. We've added support for the following:
  • Debian 8.10 and 9.4
  • OpenSUSE 12.3 (Ent)
  • Ubuntu 14.04.05 and 16.04.03
  • Windows 7 Service Pack 1
  • Windows 10 version 1709
  • IBM AIX 7.1 TL 5 and 7.2 TL 2
  • Google Chrome 65.0.3325
  • Mozilla Firefox 52.7.2 and 59.0.1
  • Apple Safari 11.0.3
  • Edge 20.1024 and 40.15063
  • Internet Explorer 11.0.52
  • Eclipse 4.7.3
  • Android Studio 3.0.1
  • JetBrains IntelliJ IDEA 2017.3.4
  • QNX Software Dev Platform 7.0

Changes to commands, tools, and options

We added a new command called kwciagent.

We removed the kwscope tool.

For more information about Klocwork commands, see Command Reference.

  1. What's new in Klocwork 2018
Parent topic: Release notes
Next topic: Fixed issues in Klocwork 2018.1

© Rogue Wave Software, Inc. All rights reserved. | Contact