Pull to refresh
275.2
Rating
PVS-Studio
Static Code Analysis for C, C++, C# and Java
Show first
  • New
  • Top

Finally! PVS-Studio Supports .NET 5 Projects

PVS-Studio corporate blog

On November 10th, 2020, Microsoft released a new version of .NET Core - .NET 5. The updated platform presents many new enhancements. For example, it allows C# developers to use features the new C# 9 offers: records, relational pattern matching, etc. Unfortunately, there was a disadvantage: PVS-Studio could not analyze these projects. However (and here's the good news)... That used to be the case :) Our next release, PVS-Studio 7.13, will support projects that target .NET 5.

Read more
Total votes 4: ↑3 and ↓1 +2
Views 401
Comments 0

Pitfalls in String Pool, or Another Reason to Think Twice Before Interning Instances of String Class in C#

PVS-Studio corporate blog Programming *.NET *C# *

As software developers, we always want our software to work properly. We'll do everything to improve the software quality. To find the best solution, we are ready to use parallelizing or applying any various optimization techniques. One of these optimization techniques is the so-called string interning. It allows users to reduce memory usage. It also makes string comparison faster. However, everything is good in moderation. Interning at every turn is not worth it. Further, I'll show you how not to slip up with creating a hidden bottleneck in the form of the String.Intern method for your application.

Read more
Total votes 2: ↑1 and ↓1 0
Views 761
Comments 0

PVS-Studio Team's Kanban Board. Part 1: Agile

PVS-Studio corporate blog Agile *

This article could have been born about a year ago – that's when the PVS-Studio team decided to try agile. However, we wanted to experience it hands-on before we told the world about it. Aside from introducing agile, we decided to switch from Bitbucket to a new task tracker. We also wanted to upgrade many of our internal development processes. No time for an article!

Read more
Total votes 2: ↑1 and ↓1 0
Views 559
Comments 0

MacOS Kernel, How Good Is This Apple?

PVS-Studio corporate blog Open source *C++ *Development for MacOS *

0818_XNU_MacOS_Kernel/image1.png


At the very beginning of this year, Apple released the source code for macOS – Big Sur. It includes XNU, the kernel of the macOS operating system. A few years ago, PVS-Studio has already checked the kernel source code. It coincided with the analyzer release on macOS. It's been a while since then. The new kernel source code has been released. A second check? Why not?

Read more →
Total votes 1: ↑1 and ↓0 +1
Views 1.2K
Comments 0

Example of How New Diagnostics Appear in PVS-Studio

PVS-Studio corporate blog Information Security *Perfect code *C++ *C *

PVS-Studio new C++ rule


Users sometimes ask how new diagnostics appear in the PVS-Studio static analyzer. We answer that we draw inspiration from a variety of sources: books, coding standards, our own mistakes, our users' emails, and others. Recently we came up with an interesting idea of a new diagnostic. Today we decided to tell the story of how it happened.

Read more →
Rating 0
Views 271
Comments 0

PVS-Studio 7.12 New Features for Finding Safety and Security Threats

PVS-Studio corporate blog Information Security *

Security. What does this word mean to you? Nowadays, companies spare no effort to ensure that their product is secured from hacking and all sorts of information leaks. PVS-Studio decided to help its users and expand the functionality in this area. Therefore, one of the main innovations of the upcoming release will be the introduction of analyzer new features which will ensure code safety and security. This article aims to present these features.

Read More
Total votes 2: ↑1 and ↓1 0
Views 276
Comments 0

Short-lived Music or MuseScore Code Analysis

PVS-Studio corporate blog Open source *C++ *C *Sound

Having only programming background, it is impossible to develop software in some areas. Take the difficulties of medical software development as an example. The same is with music software, which will be discussed in this article. Here you need an advice of subject matter experts. However, it's more expensive for software development. That is why developers sometimes save on code quality. The example of the MuseScore project check, described in the article, will show the importance of code quality expertise. Hopefully, programming and musical humor will brighten up the technical text.

Читать далее
Total votes 2: ↑1 and ↓1 0
Views 507
Comments 0

What Is yield and How Does It Work in C#?

PVS-Studio corporate blog Programming *.NET *C# *Development for Windows *

C# capabilities keep expanding from year to year. New features enrich software development. However, their advantages may not always be so obvious. For example, the good old yield. To some developers, especially beginners, it's like magic - inexplicable, but intriguing. This article shows how yield works and what this peculiar word hides. Have fun reading!

Read more
Total votes 2: ↑1 and ↓1 0
Views 1.2K
Comments 0

PVS-Studio, Blender: Series of Notes on Advantages of Regular Static Analysis of Code

PVS-Studio corporate blog Information Security *Open source *C++ *C *

PVS-Studio and Blender


In our articles, we regularly repeat an important idea: a static analyzer should be used regularly. This helps detect and cheaply fix many errors at the earliest stage. It looks nice in theory. As we know, actions still speak louder than words. Let's look at some recent bugs in new code of the Blender project.

Read more →
Rating 0
Views 282
Comments 0

PVS-Studio Clashes with Hardcoded Passwords

PVS-Studio corporate blog

PVS-Studio is a static analyzer that allows to find many problems hidden in the source code. Among them there are also errors related to application security. For example, the analyzer has recently learned to identify the presence of confidential data such as passwords in the code. The OWASP Top Ten list includes this potential vulnerability. It is much more dangerous than it may seem at first glance. What makes it so dangerous? How can a static analyzer save us from it? That's what you'll know about (and more) in this article!

Read more
Total votes 2: ↑1 and ↓1 0
Views 319
Comments 0

Why PVS-Studio Uses Data Flow Analysis: Based on Gripping Error in Open Asset Import Library

PVS-Studio corporate blog Open source *C++ *Algorithms *

Why PVS-Studio Uses Data Flow Analysis
An essential part of any modern static code analyzer is data flow analysis. However, from an outside perspective, the use of data flow analysis and its benefit is unclear. Some people still consider static analysis a tool searching for something in code according to a certain pattern. Thus, we occasionally write blog posts to show how this or that technology, used in the PVS-Studio analyzer, helps to identify another interesting error. Today, we have such an article about the bug found in the Base64, one of the encoding standard implementations of binary data.

Read more →
Total votes 2: ↑2 and ↓0 +2
Views 400
Comments 0

Date Processing Attracts Bugs or 77 Defects in Qt 6

PVS-Studio corporate blog Information Security *Programming *C++ *Qt *

PVS-Studio & Qt 6


The recent Qt 6 release compelled us to recheck the framework with PVS-Studio. In this article, we reviewed various interesting errors we found, for example, those related to processing dates. The errors we discovered prove that developers can greatly benefit from regularly checking their projects with tools like PVS-Studio.

Read more →
Total votes 1: ↑1 and ↓0 +1
Views 1.3K
Comments 0

Just for Fun: PVS-Studio Team Came Up With Monitoring Quality of Some Open Source Projects

PVS-Studio corporate blog Open source *PostgreSQL *C++ *

Static code analysis is a crucial component of all modern projects. Its proper application is even more important. We decided to set up a regular check of some open source projects to see the effect of the analyzer's frequent running. We use the PVS-Studio analyzer to check projects. As for viewing the outcome, the choice fell on SonarQube. As a result, our subscribers will learn about new interesting bugs in the newly written code. We hope you'll have fun.

Читать далее
Rating 0
Views 600
Comments 1

How to Get Nice Error Reports Using SARIF in GitHub

PVS-Studio corporate blog C++ *C# *GitHub DevOps *

Let's say you use GitHub, write code, and do other fun stuff. You also use a static analyzer to enhance your work quality and optimize the timing. Once you come up with an idea - why not view the errors that the analyzer gave right in GitHub? Yeah, and also it would be great if it looked nice. So, what should you do? The answer is very simple. SARIF is right for you. This article will cover what SARIF is and how to set it up. Enjoy the reading!

Читать далее
Total votes 3: ↑3 and ↓0 +3
Views 738
Comments 0

COVID-19 Research and Uninitialized Variable

PVS-Studio corporate blog Open source *Programming *Perfect code *C++ *

0796_covid_sim/image1.png
There is an open project COVID-19 CovidSim Model, written in C++. There is also a PVS-Studio static code analyzer that detects errors very well. One day they met. Embrace the fragility of mathematical modeling algorithms and why you need to make every effort to enhance the code quality.

Read more →
Total votes 2: ↑2 and ↓0 +2
Views 809
Comments 5

A Spy Undercover: PVS-Studio to Check ILSpy Source Code

PVS-Studio corporate blog Programming *.NET *C# *

In PVS-Studio, we often check various compilers' code and post the results in our blog. Decompiler programs, however, seem to be a bit neglected. To restore justice in this world, we analyzed the ILSpy decompiler's source code. Let's take a look at the peculiar things PVS-Studio found.

Читать далее
Rating 0
Views 544
Comments 0

Finding Typos in the GTK 4 Project by PVS-Studio

PVS-Studio corporate blog Open source *Perfect code *C *Development for Linux *

0793_GTK_4_continue/image1.png


You may have already read a recent article about the first PVS-Studio run and filtration of warnings. We used the GTK 4 project as an example. It's about time we worked with the received report in more detail. Our regular readers may have already guessed that this article will be a description of errors found in the code.

Read more →
Total votes 6: ↑5 and ↓1 +4
Views 328
Comments 1

Information

Founded
2008
Website
pvs-studio.com
Employees
31–50 employees
Registered