fix misconception about isCriticalErrorId()

Nettozx · Nettozx · commit b43ac8f469c5 · 2025-07-02T09:34:40.000-07:00
diff --git a/cli/cppcheckexecutor.cpp b/cli/cppcheckexecutor.cpp
@@ -122,14 +122,16 @@ namespace {
                     // Only set security-severity for findings that are actually security-related
                     if (isSecurityRelatedFinding(finding.id)) {
                         double securitySeverity = 0;
-                        if (ErrorLogger::isCriticalErrorId(finding.id)) {
+                        if (finding.severity == Severity::error && !ErrorLogger::isCriticalErrorId(finding.id))
+                        {
                             securitySeverity = 9.9; // critical = 9.0+
                         }
-                        else if (finding.severity == Severity::error) {
+                        else if (finding.severity == Severity::warning)
+                        {
                             securitySeverity = 8.5; // high = 7.0 to 8.9
                         }
-                        else if (finding.severity == Severity::warning || finding.severity == Severity::performance ||
-                                 finding.severity == Severity::portability || finding.severity == Severity::style)
+                        else if (finding.severity == Severity::performance || finding.severity == Severity::portability ||
+                                 finding.severity == Severity::style)
                         {
                             securitySeverity = 5.5;  // medium = 4.0 to 6.9
                         }

Original file line number	Diff line number	Diff line change
`@@ -122,14 +122,16 @@ namespace {`
`122`	`122`	`// Only set security-severity for findings that are actually security-related`
`123`	`123`	`if (isSecurityRelatedFinding(finding.id)) {`
`124`	`124`	`double securitySeverity = 0;`
`125`		`- if (ErrorLogger::isCriticalErrorId(finding.id)) {`
	`125`	`+ if (finding.severity == Severity::error && !ErrorLogger::isCriticalErrorId(finding.id))`
	`126`	`+ {`
`126`	`127`	`securitySeverity = 9.9; // critical = 9.0+`
`127`	`128`	`}`
`128`		`- else if (finding.severity == Severity::error) {`
	`129`	`+ else if (finding.severity == Severity::warning)`
	`130`	`+ {`
`129`	`131`	`securitySeverity = 8.5; // high = 7.0 to 8.9`
`130`	`132`	`}`
`131`		`- else if (finding.severity == Severity::warning \|\| finding.severity == Severity::performance \|\|`
`132`		`- finding.severity == Severity::portability \|\| finding.severity == Severity::style)`
	`133`	`+ else if (finding.severity == Severity::performance \|\| finding.severity == Severity::portability \|\|`
	`134`	`+ finding.severity == Severity::style)`
`133`	`135`	`{`
`134`	`136`	`securitySeverity = 5.5; // medium = 4.0 to 6.9`
`135`	`137`	`}`