Paul-Dempsey / pachde1

VCV Rack modules

Static analysis issues #10

Closed cschol closed 11 months ago

cschol commented 11 months ago

We are now running static analysis tools CodeQL and cppcheck during the integration process and the following issues were found:

Running cppcheck analysis...
src/colors.hpp:97:44: error: Signed integer overflow for expression '255<<24'. [integerOverflow]
    return r | (g << 8) | (b << 16) | (255 << 24);
                                           ^
src/text.cpp:22:28: error: va_list 'args' was opened but not closed by va_end(). [va_end_missing]
    return r < 0 ? "??" : s;
                           ^

Please take a look and see if these need to be addressed.
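Added example, not part of the thread and not the code from the plugin or its fix commit: one way to write code of the two flagged shapes so that neither diagnostic applies. The names `pack_rgb_opaque` and `format_string` are hypothetical; only the packing expression and the `"??"` fallback are taken from the cppcheck output above.

```cpp
#include <cstdarg>
#include <cstdint>
#include <cstdio>
#include <string>

// Hypothetical stand-in for the expression flagged in colors.hpp.
// Each channel is widened to uint32_t before shifting, so the alpha term is
// computed in unsigned arithmetic and never exceeds the range of a signed int.
inline uint32_t pack_rgb_opaque(uint8_t r, uint8_t g, uint8_t b)
{
    return static_cast<uint32_t>(r)
         | (static_cast<uint32_t>(g) << 8)
         | (static_cast<uint32_t>(b) << 16)
         | (UINT32_C(255) << 24);
}

// Hypothetical printf-style helper in the shape of the text.cpp finding.
// Every va_start / va_copy is paired with va_end before any return,
// including the error path that yields "??".
std::string format_string(const char* fmt, ...)
{
    va_list args;
    va_start(args, fmt);

    // First pass on a copy: measure the required length without writing.
    va_list probe;
    va_copy(probe, args);
    int n = std::vsnprintf(nullptr, 0, fmt, probe);
    va_end(probe);

    std::string s;
    if (n >= 0) {
        s.resize(static_cast<size_t>(n) + 1);   // room for the terminating NUL
        n = std::vsnprintf(&s[0], s.size(), fmt, args);
        if (n >= 0) s.resize(static_cast<size_t>(n));
    }
    va_end(args);                               // closed on success and failure

    return n < 0 ? "??" : s;
}

int main()
{
    std::printf("%08x\n", static_cast<unsigned>(pack_rgb_opaque(0x12, 0x34, 0x56)));
    std::printf("%s\n", format_string("%d-%s", 7, "ok").c_str());
    return 0;
}
```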

Paul-Dempsey commented 11 months ago

Good diagnostics :-)

If you're going to be running these during integration, it would be helpful to document for plugin developers how we can do the same, with the same configuration (e.g. CodeQL db). Otherwise, I can't verify that any code changes I made actually pass the analysis and we'll just have to iterate in issues, which is a burden on you.

Best if this is integrated into the Rack SDK.

cschol commented 11 months ago

It won't be integrated in the Rack SDK. It could be integrated in the VCV Rack Plugin Toolchain at some point, but for now I will run it manually during integration. CodeQL is the standard out-of-the-box configuration for cpp.

cppcheck is invoked like this:

cppcheck src/ -isrc/dep --std=c++11 -j 8 -q --error-exitcode=1

Paul-Dempsey commented 11 months ago

Thanks a lot for the info - helpful!

Fixed: 7497e83128f6b3e287d8bb41aa5bb6c0925a2aa6