V2016. Consider inspecting the function call. The function was annotated as dangerous.

This diagnostic rule was added at users' request.

The analyzer has detected a call to a function that is marked by a user as dangerous/forbidden.

Some functions are often not allowed in a project. For example, when they do not follow the coding style of the project. The analyzer can detect such functions if they have been marked by a custom annotation of the following type:

//+V2016, function:foo
//+V2016, class:SomeClass, function:foo
//+V2016, namespace:SomeNamespace, class:SomeClass, function:foo

For example, a user marked the 'malloc' function as follows:

//+V2016, function:malloc

If the analyzer encounters the 'malloc' function call, it will issue a level 1 warning:

struct SomeStruct { .... };

void foo()
{
  struct SomeStruct *p = (SomeStruct *) malloc(....);
}

A user can annotate a function of any namespace and/or class:

class A
{
  // ....
  void a(int);
  // ....
};

namespace BN
{
  class B
  {
    // ....
    void b(double);
    // ....
  };
}

//+V2016, class:A, function:a
//+V2016, namespace:BN, class:B, function:b

void foo()
{
  A a;
  a.a();   // <=

  BN::B b;
  b.b();   // <=
}

Note. Custom annotations are not applied to virtual functions by default. You can read about how to enable this feature here.

This diagnostic is classified as:

CWE-1177