Use the --whatisnew option to generate a report of only the new errors by comparing against a previously saved tool report. For example, use the Code Analysis tools to create a frozen copy of the state of the source base at the time of the tool's adoption. You could then use --whatisnew to ensure that ongoing changes to the source base do not create any new security vulnerabilities.
The following is an example of using the --whatisnew option to display only new errors:
% codean --whatisnew a.out
STATIC report of a.out showing new issues:
Compare the latest results against a.out.analyze/history/09:58:35May152013...

MEMORY LEAK 1 : 1 block left allocated on heap with a total size of 400 bytes
        sample1() <sample1.c : 20>
                17:    {
                18:      global = (int *)malloc(100);
                19:      int *p = malloc(100*sizeof(int));
                20:=>    int *q = malloc(100*sizeof(int));
                22:      add_0_1_put_in_2(p);

PREVISE SUMMARY:
        0 new error(s), 0 new warning(s), 1 new leak(s) in total
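To enforce the "no new issues" policy described above in a build, the summary line of the report can be parsed and turned into an exit status. The following is an added example, not part of the original documentation: the function names are hypothetical, and it assumes the summary keeps the wording shown in the sample output above.

```shell
#!/bin/sh
# Added example: gate a build on a `codean --whatisnew` report read from stdin.
# Assumption: the summary reads
#   "N new error(s), N new warning(s), N new leak(s) in total"
# as in the sample output above. The tool's exit status is not relied on.

# Constructed sample: the summary text from the report shown above.
SAMPLE_SUMMARY='PREVISE SUMMARY: 0 new error(s), 0 new warning(s), 1 new leak(s) in total'

# Print "errors warnings leaks" taken from the last summary line on stdin.
# Exits 2 when no summary is present, so a truncated report fails closed.
new_issue_counts() {
    awk '
        match($0, /[0-9]+ new error\(s\), [0-9]+ new warning\(s\), [0-9]+ new leak\(s\)/) {
            s = substr($0, RSTART, RLENGTH)
            gsub(/[^0-9]+/, " ", s)      # keep only the three numbers
            split(s, n, " ")
            e = n[1]; w = n[2]; l = n[3]; found = 1
        }
        END { if (!found) exit 2; print e, w, l }
    '
}

# Return 0 only when the report shows no new errors, warnings or leaks,
# 1 when any count is non-zero, 2 when the report has no summary.
gate_whatisnew() {
    counts=$(new_issue_counts) || {
        echo "gate: no PREVISE SUMMARY found in report" >&2
        return 2
    }
    set -- $counts
    if [ "$1" -ne 0 ] || [ "$2" -ne 0 ] || [ "$3" -ne 0 ]; then
        echo "gate: $1 new error(s), $2 new warning(s), $3 new leak(s)" >&2
        return 1
    fi
    return 0
}

# Usage in a build step (command as shown on this page):
#   codean --whatisnew a.out | gate_whatisnew || exit 1
```

Treating a missing summary as a failure keeps a crashed or interrupted analysis run from passing the gate silently.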