How to become an author
.NET Knowledge Base
  • All streams
  • Development
  • Administrating
  • Design
  • Management
  • Marketing
  • PopSci
Log in Sign up
499.17
Rating
PVS-Studio

Static Code Analysis for C, C++, C# and Java

Profile

Blog 162 1

News

Vacancies

Subscribers 16.7k

Employees 27

  • All posts 162
  • Top
  • Firensis yesterday at 05:30 PM

    PVS-Studio Clashes with Hardcoded Passwords

    • PVS-Studio corporate blog

      PVS-Studio is a static analyzer that allows to find many problems hidden in the source code. Among them there are also errors related to application security. For example, the analyzer has recently learned to identify the presence of confidential data such as passwords in the code. The OWASP Top Ten list includes this potential vulnerability. It is much more dangerous than it may seem at first glance. What makes it so dangerous? How can a static analyzer save us from it? That's what you'll know about (and more) in this article!

      Read more
      • 0
      • 86
      • Comment
    • Stolyarrr February 24, 2021 at 10:31 AM

      Free Heroes of Might and Magic II: Open-Source Project that You Want to Be Part of

      • PVS-Studio corporate blog,
      • Open source,
      • C++,
      • Game development

        Recently we found out that the new version of the fheroes2 project was released. In our company there are many fans of Heroes of Might and Magic game series. So, we couldn't pass it up and checked the project by PVS-Studio.

        Читать далее
        • +6
        • 2.4k
        • Comment
      • Andrey2008 February 18, 2021 at 05:35 PM

        Why PVS-Studio Uses Data Flow Analysis: Based on Gripping Error in Open Asset Import Library

        • PVS-Studio corporate blog,
        • Open source,
        • C++,
        • Algorithms

          Why PVS-Studio Uses Data Flow Analysis
          An essential part of any modern static code analyzer is data flow analysis. However, from an outside perspective, the use of data flow analysis and its benefit is unclear. Some people still consider static analysis a tool searching for something in code according to a certain pattern. Thus, we occasionally write blog posts to show how this or that technology, used in the PVS-Studio analyzer, helps to identify another interesting error. Today, we have such an article about the bug found in the Base64, one of the encoding standard implementations of binary data.

          Read more →
          • +2
          • 230
          • Comment
        • Andrey2008 February 16, 2021 at 09:02 PM

          Date Processing Attracts Bugs or 77 Defects in Qt 6

          • PVS-Studio corporate blog,
          • Information Security,
          • Programming,
          • C++,
          • Qt

            PVS-Studio & Qt 6


            The recent Qt 6 release compelled us to recheck the framework with PVS-Studio. In this article, we reviewed various interesting errors we found, for example, those related to processing dates. The errors we discovered prove that developers can greatly benefit from regularly checking their projects with tools like PVS-Studio.

            Read more →
            • +1
            • 1.1k
            • Comment
          • foto_shooter February 12, 2021 at 10:22 PM

            Should We Initialize an Out Parameter Before a Method Returns?

            • PVS-Studio corporate blog,
            • .NET,
            • C#


              Surely every C# developer has used out-parameters. It seems that everything is extremely simple and clear with them. But is it really so? For a kickoff, let's start with a self-test task.

              Read more →
              • +4
              • 808
              • Comment
            • eugeneovsyannikov February 11, 2021 at 10:40 AM

              Just for Fun: PVS-Studio Team Came Up With Monitoring Quality of Some Open Source Projects

              • PVS-Studio corporate blog,
              • Open source,
              • PostgreSQL,
              • C++

                Static code analysis is a crucial component of all modern projects. Its proper application is even more important. We decided to set up a regular check of some open source projects to see the effect of the analyzer's frequent running. We use the PVS-Studio analyzer to check projects. As for viewing the outcome, the choice fell on SonarQube. As a result, our subscribers will learn about new interesting bugs in the newly written code. We hope you'll have fun.

                Читать далее
                • 0
                • 432
                • Comment
              • IchNikola February 9, 2021 at 10:50 AM

                How to Get Nice Error Reports Using SARIF in GitHub

                • PVS-Studio corporate blog,
                • C++,
                • C#,
                • GitHub,
                • DevOps

                  Let's say you use GitHub, write code, and do other fun stuff. You also use a static analyzer to enhance your work quality and optimize the timing. Once you come up with an idea - why not view the errors that the analyzer gave right in GitHub? Yeah, and also it would be great if it looked nice. So, what should you do? The answer is very simple. SARIF is right for you. This article will cover what SARIF is and how to set it up. Enjoy the reading!

                  Читать далее
                  • +3
                  • 563
                  • Comment
                • Andrey2008 February 5, 2021 at 12:44 PM

                  COVID-19 Research and Uninitialized Variable

                  • PVS-Studio corporate blog,
                  • Open source,
                  • Programming,
                  • Perfect code,
                  • C++

                    0796_covid_sim/image1.png
                    There is an open project COVID-19 CovidSim Model, written in C++. There is also a PVS-Studio static code analyzer that detects errors very well. One day they met. Embrace the fragility of mathematical modeling algorithms and why you need to make every effort to enhance the code quality.

                    Read more →
                    • +2
                    • 594
                    • 3
                  • Ilya_Gainulin February 4, 2021 at 05:50 PM

                    A Spy Undercover: PVS-Studio to Check ILSpy Source Code

                    • PVS-Studio corporate blog,
                    • Programming,
                    • .NET,
                    • C#

                      In PVS-Studio, we often check various compilers' code and post the results in our blog. Decompiler programs, however, seem to be a bit neglected. To restore justice in this world, we analyzed the ILSpy decompiler's source code. Let's take a look at the peculiar things PVS-Studio found.

                      Читать далее
                      • 0
                      • 457
                      • Comment
                    • Andrey2008 February 3, 2021 at 10:54 AM

                      Finding Typos in the GTK 4 Project by PVS-Studio

                      • PVS-Studio corporate blog,
                      • Open source,
                      • Perfect code,
                      • C,
                      • Development for Linux

                        0793_GTK_4_continue/image1.png


                        You may have already read a recent article about the first PVS-Studio run and filtration of warnings. We used the GTK 4 project as an example. It's about time we worked with the received report in more detail. Our regular readers may have already guessed that this article will be a description of errors found in the code.

                        Read more →
                        • +4
                        • 231
                        • 1
                      • ValeryKomarov February 1, 2021 at 03:20 PM

                        C# Programmer, It's Time to Test Yourself and Find Error

                        • PVS-Studio corporate blog,
                        • Programming,
                        • .NET,
                        • C#

                          The PVS-Studio analyzer is regularly updated with new diagnostic rules. Curiously enough, diagnostics often detect suspicious code fragments before the end of the work. For example, such a situation may happen while testing on open-source projects. So, let's take a look at one of these interesting finding.

                          Read more
                          • 0
                          • 642
                          • Comment
                        • ipolynkina January 22, 2021 at 12:17 PM

                          How PVS-Studio Checked ELKI in January

                          • PVS-Studio corporate blog,
                          • Open source,
                          • Java,
                          • Data Mining

                            If you feel like the New Year just came, and you missed the first half of January, then all this time you've been busy looking for tricky bugs in the code you maintain. It also means that our article is what you need. PVS-Studio has checked the ELKI open source project to show you errors that may occur in the code, how cunningly they can hide there, and how you can deal with them.


                            ELKI/image1.png

                            Read more →
                            • +3
                            • 386
                            • 1
                          • Andrey2008 January 20, 2021 at 03:49 PM

                            Espressif IoT Development Framework: 71 Shots in the Foot

                            • PVS-Studio corporate blog,
                            • Information Security,
                            • C++,
                            • C,
                            • Development for IOT

                              0790_Espressif_IoT_Development_Framework/image1.png
                              One of our readers recommended paying heed to the Espressif IoT Development Framework. He found an error in the project code and asked if the PVS-Studio static analyzer could find it. The analyzer can't detect this specific error so far, but it managed to spot many others. Based on this story and the errors found, we decided to write a classic article about checking an open source project. Enjoy exploring what IoT devices can do to shoot you in the foot.

                              Read more →
                              • +1
                              • 677
                              • Comment
                            • SvyatoslavMC January 4, 2021 at 10:10 AM

                              GTK: The First Analyzer Run in Figures

                              • PVS-Studio corporate blog,
                              • C++,
                              • GTK+,
                              • C,
                              • Development Management

                                For some people, the introduction of a static analyzer into a project seems like an insurmountable obstacle. It is widely believed that the amount of analysis results issued after the first run is so large that only two options seem reasonable: do not mess with it at all or refocus all people on fixing warnings. In this article, we will try to dispel this myth by implementing and configuring the analyzer on a GTK project.

                                Читать далее
                                • 0
                                • 597
                                • 1
                              • stefanbuzz December 28, 2020 at 04:41 PM

                                Top-10 Bugs in Java Projects in 2020

                                • PVS-Studio corporate blog,
                                • Open source,
                                • Java
                                  image1.png

                                  The New Year is steadily approaching, therefore it's time to sum everything up. Continuing the tradition, we thought back to our articles about checking Java projects from the open-source world for this year and rated the top 10 most exciting bugs.
                                  Read more →
                                  • –1
                                  • 1k
                                  • Comment
                                • Firensis December 24, 2020 at 03:05 PM

                                  Top-10 Bugs Found in C# Projects in 2020

                                  • PVS-Studio corporate blog,
                                  • Programming,
                                  • .NET,
                                  • C#
                                    image1.png

                                    This tough year, 2020, will soon be over at last, which means it's time to look back at our accomplishments! Over the year, the PVS-Studio team has written quite a number of articles covering a large variety of bugs found in open-source projects with the help of PVS-Studio. This 2020 Top-10 list of bugs in C# projects presents the most interesting specimens. Enjoy the reading!
                                    Read more →
                                    • –1
                                    • 914
                                    • Comment
                                  • SvyatoslavMC December 21, 2020 at 08:04 AM

                                    Did It Have to Take So Long to Find a Bug?

                                    • PVS-Studio corporate blog,
                                    • C++,
                                    • Game development,
                                    • Development Management
                                      image1.png

                                      Have you ever wondered which type of project demonstrates higher code quality – open-source or proprietary? Our blog posts may seem to suggest that bugs tend to concentrate in open-source projects. But that's not quite true. Bugs can be found in any project, no matter the manner of storage. As for the code quality, it tends to be higher in those projects where developers care about and work on it. In this small post, you will learn about a bug that took two years to fix, although it could have been done in just five minutes.
                                      Read more →
                                      • +1
                                      • 1.3k
                                      • Comment
                                    • Stolyarrr December 18, 2020 at 10:09 AM

                                      Top 10 Bugs Found in C++ Projects in 2020

                                      • PVS-Studio corporate blog,
                                      • C++
                                        image1.png

                                        It's winter outside, the year is coming to an end, which means it's time to review the most notable errors the PVS-Studio analyzer detected in 2020.
                                        Read more →
                                        • +2
                                        • 1.2k
                                        • 1
                                      • SvyatoslavMC December 17, 2020 at 10:01 AM

                                        ONLYOFFICE Community Server: how bugs contribute to the emergence of security problems

                                        • PVS-Studio corporate blog,
                                        • Information Security,
                                        • Open source,
                                        • .NET,
                                        • C#
                                          image1.png

                                          Server-side network applications rarely get the chance to join the ranks of our reviews of errors found in open source software. This is probably due to their popularity. After all, we try to pay attention to the projects that readers themselves offer us. At the same time, servers often perform very important functions, but their performance and benefits remain invisible to most users. So, by chance, the code of ONLYOFFICE Community Server was checked. It turned out to be a very fun review.
                                          Read more →
                                          • +2
                                          • 608
                                          • 2
                                        • IchNikola December 16, 2020 at 10:47 AM

                                          Talking About Errors in the QuantConnect Lean Code

                                          • PVS-Studio corporate blog,
                                          • Open source,
                                          • .NET,
                                          • C#
                                            image1.png

                                            This article discusses errors found using a static analyzer in an open source project. There are some simple things that can help you avoid them. For example, the usage of language syntactic constructs starting from C# 8.0. We hope it will be exciting. Have fun reading!
                                            Read more →
                                            • 0
                                            • 227
                                            • Comment
                                          • ← here
                                          • there →
                                          • 1
                                          • 2
                                          • 3
                                          • 4
                                          • 5
                                          • 6
                                          • 7
                                          • 8

                                          Information

                                          • Foundation date

                                            Since 2008
                                          • Website

                                            viva64.com
                                          • Number of employees

                                            31–50 employees
                                          • Registration date

                                            May 6, 2013
                                          Twitter
                                            Читать @Code_Analysis

                                            Widget

                                            Widget

                                            Facebook

                                            Blog on Habr

                                            • PVS-Studio Clashes with Hardcoded Passwords

                                              86 0
                                            • Free Heroes of Might and Magic II: Open-Source Project that You Want to Be Part of

                                              2.4k 0
                                            • Why PVS-Studio Uses Data Flow Analysis: Based on Gripping Error in Open Asset Import Library

                                              230 0
                                            • Date Processing Attracts Bugs or 77 Defects in Qt 6

                                              1.1k 0
                                            • Should We Initialize an Out Parameter Before a Method Returns?

                                              808 0
                                            • Just for Fun: PVS-Studio Team Came Up With Monitoring Quality of Some Open Source Projects

                                              432 0
                                            • How to Get Nice Error Reports Using SARIF in GitHub

                                              563 0
                                            • COVID-19 Research and Uninitialized Variable

                                              594 3
                                            • A Spy Undercover: PVS-Studio to Check ILSpy Source Code

                                              457 0
                                            • Finding Typos in the GTK 4 Project by PVS-Studio

                                              231 1
                                            • C# Programmer, It's Time to Test Yourself and Find Error

                                              642 0
                                            • How PVS-Studio Checked ELKI in January

                                              386 1
                                            • Espressif IoT Development Framework: 71 Shots in the Foot

                                              677 0
                                            • GTK: The First Analyzer Run in Figures

                                              597 1
                                            • Top-10 Bugs in Java Projects in 2020

                                              1k 0
                                            • Top-10 Bugs Found in C# Projects in 2020

                                              914 0
                                            • Did It Have to Take So Long to Find a Bug?

                                              1.3k 0
                                            • Top 10 Bugs Found in C++ Projects in 2020

                                              1.2k 1
                                            • ONLYOFFICE Community Server: how bugs contribute to the emergence of security problems

                                              608 2
                                            • Talking About Errors in the QuantConnect Lean Code

                                              227 0
                                            No reasons for downvotes yet
                                            Reasons for downvotes

                                            Top posts

                                            • Day
                                            • Week
                                            • Month
                                            • Audio over Bluetooth: most detailed information about profiles, codecs, and devices
                                              +22 163k 14 9
                                            • Java vs .Net: Who will Reign in the Future?
                                              +3 25.6k 5 3
                                            • Free Heroes of Might and Magic II: Open-Source Project that You Want to Be Part of
                                              +6 2.4k 0 0
                                            • React Token Auth
                                              +2 17.9k 17 22
                                            • Free Heroes of Might and Magic II: Open-Source Project that You Want to Be Part of
                                              +6 2.4k 0 0
                                            • Creating and using your own deb repository (not mirroring)
                                              +1 278 4 2
                                            • Startups going global: a guide to Startup Digest
                                              +3 257 4 0
                                            • Free Heroes of Might and Magic II: Open-Source Project that You Want to Be Part of
                                              +6 2.4k 0 0
                                            • Date Processing Attracts Bugs or 77 Defects in Qt 6
                                              +1 1.1k 0 0
                                            • Algorithms in Go: Dutch National Flag
                                              +5 1k 5 4
                                            • Should We Initialize an Out Parameter Before a Method Returns?
                                              +4 808 1 0

                                            Your account

                                            • Log in
                                            • Sign up

                                            Sections

                                            • Posts
                                            • Hubs
                                            • Companies
                                            • Users
                                            • Sandbox

                                            Info

                                            • How it works
                                            • For Authors
                                            • For Companies
                                            • Documents
                                            • Agreement
                                            • Terms of service

                                            Services

                                            • Ads
                                            • Subscription plans
                                            • Content
                                            • Seminars
                                            • Megaprojects
                                            © 2006 – 2021 «Habr»
                                            Language settings
                                            About
                                            Support
                                            Mobile version
                                            Language settings
                                            Interface
                                            Content