We are pleased to announce the first release of PVS-Studio in 2022. In this article, we discuss various enhancements in managing Unreal Engine and ASP.NET Core projects. Keep reading to learn about new diagnostics and latest articles by PVS-Studio.
Various enhancements
Managing suppression files for Unreal Engine projects from IDE
We continue to enhance scenarios for working with Unreal Engine projects. Now you can manage suppression files with PVS-Studio plugins for Visual Studio and JetBrains Rider. This makes baselining more convenient when you are just integrating the analyzer in your development process. Also, you can easily suppress/unsuppress the warnings after introducing the analyzer in your regular work.
You can read more about this in the documentation.
Improving the analysis of ASP.NET Core projects
Now, the C# analyzer contains new annotations for the most common classes in ASP.NET Core libraries. Thus, PVS-Studio better understands what is happening in the code written with ASP.NET Core. As a result — the analyzer detects more errors and issues fewer false positives.
Supporting the C6000-CGT compiler by Texas Instruments
The PVS-Studio analyzer for C and C++ now can check projects for C6000-CGT — the compiler for embedded systems developed by Texas Instruments. By the way, you can find the full list of platforms and compilers supported by PVS-Studio here.
Changing the hash algorithms for suppression files in JSON format
Perhaps, the heading makes you wonder why we did this. :) Let me explain. Changing the hash algorithms will make JSON suppress files fully cross-platform for all use-case scenarios of PVS-Studio in future releases.
We changed the algorithm in the LLVM Compilation Database analysis and tracing tool (pvs-studio-analyzer), and in the log conversion tool (plog-converter). The support of old-format suppress files still remains as backward compatibility. If you need to append warnings to your suppress files, you should re-generate the suppress files in a new format.
New diagnostics
C, C++
- V1077. Constructor contains potentially uninitialized members.
- V1078. An empty container is iterated. The loop will not be executed.
- V2017. String literal is identical to variable name. It is possible that the variable should be used instead of the string literal.
C#
- V3174. Suspicious subexpression in a sequence of similar comparisons.
- V5617. OWASP. Assigning potentially negative or large value as timeout of HTTP session can lead to excessive session expiration time.
- V5618. OWASP. Possible server-side request forgery. Potentially tainted data is used in the URL.
More from PVS-Studio
Here's how we summed up 2021:
- What's new in PVS-Studio in 2021?
- Top 10 bugs found in C++ projects in 2021
- Top 10 bugs found in C# projects in 2021
Also, we made the lists of useful resources for C++ and C# developers:
- The most interesting blogs and websites for C++ developers
- The most interesting C# / .NET blogs and websites
Of course, we continue to check projects. Take a look at our recent articles about .NET 6 and Flipper Zero. If you want to expand your knowledge, we invite you to read about the evolution of constexpr in C++ or about static code analysis technology in PVS-Studio.
And just one more thing — don't forget about our YouTube channel. We regularly upload new videos — welcome to our channel!
