Pull to refresh
275.21
Rating
PVS-Studio
Static Code Analysis for C, C++, C# and Java
Show first
  • New
  • Top

PVS-Studio 7.04

PVS-Studio corporate blog C++ *C *DevOps *
Picture 4

Summer is not only a holiday season, but also time of fruitful work. Sunny days are so inspiring that there's enough energy both for late walks and large code commits. The second summer PVS-Studio 7.04 release turned out to be quite large, so we suggest for your attention this press release, in which we'll tell you about everything.
Read more →
Total votes 21: ↑19 and ↓2 +17
Views 722
Comments 1

Analysis of the Apache Dubbo RPC Framework by the PVS-Studio Static Code Analyzer

PVS-Studio corporate blog Open source *Programming *Java *Apache *

Picture 2

Apache Dubbo is one of the most popular Java projects on GitHub. It's not surprising. It was created 8 years ago and is widely applied as a high-performance RPC environment. Of course, most of the bugs in its code have long been fixed and the quality of the code is maintained at a high level. However, there is no reason to opt out of checking such an interesting project using the PVS-Studio static code analyzer. Let's see how it turned out.
Read more →
Total votes 25: ↑24 and ↓1 +23
Views 1.2K
Comments 0

How to set up PVS-Studio in Travis CI using the example of PSP game console emulator

PVS-Studio corporate blog Open source *C++ *Game development *Cloud services

PPSSPP

Travis CI is a distributed web service for building and testing software that uses GitHub as a source code hosting service. In addition to the above scripts, you can add your own, thanks to the extensive configuration options. In this article we will set up Travis CI for working with PVS-Studio by the example of PPSSPP code.
Read more →
Total votes 26: ↑24 and ↓2 +22
Views 509
Comments 0

An Easy Way to Make Money on Bug Bounty

PVS-Studio corporate blog Information Security *Open source *Programming *Lifehacks for geeks

Рисунок 2


Surely you've heard the expression «bug hunting» many times. I dare to assume, you won't mind earning one or two hundred (or even thousand) dollars by finding a potential vulnerability in someone's program. In this article, I'll tell you about a trick that will help analyzing open source projects in order to find such vulnerabilities.
Read more →
Total votes 24: ↑20 and ↓4 +16
Views 3.5K
Comments 0

PVS-Studio: Engine of Progress

PVS-Studio corporate blog

Рисунок 1

A PVS-Studio team and our product make a great contribution to upgrading of software quality. Moreover, in addition to detecting errors in closed and open source projects, there is an indirect contribution to the development of compilers and other tools of code analysis. We are pleased that in some cases we are trendsetters and we decided to dedicate a small note to this in our blog.
Read more →
Total votes 24: ↑22 and ↓2 +20
Views 441
Comments 0

CMake: the Case when the Project's Quality is Unforgivable

PVS-Studio corporate blog Open source *C++ *C *Build automation *

Picture 1

CMake is a cross-platform system for automating project builds. This system is much older than the PVS-Studio static code analyzer, but no one has tried to apply the analyzer on its code and review the errors. As it turned out, there are a lot of them. The CMake audience is huge. New projects start on it and old ones are ported. I shudder to think of how many developers could have had any given error.
Read more →
Total votes 25: ↑23 and ↓2 +21
Views 1.7K
Comments 0

PVS-Studio Visits Apache Hive

PVS-Studio corporate blog Information Security *Open source *Java *Big Data *
Рисунок 1

For the past ten years, the open-source movement has been one of the key drivers of the IT industry's development, and its crucial component. The role of open-source projects is becoming more and more prominent not only in terms of quantity but also in terms of quality, which changes the very concept of how they are positioned on the IT market in general. Our courageous PVS-Studio team is not sitting idly and is taking an active part in strengthening the presence of open-source software by finding hidden bugs in the enormous depths of codebases and offering free license options to the authors of such projects. This article is just another piece of that activity! Today we are going to talk about Apache Hive. I've got the report — and there are things worth looking at.
Read more →
Total votes 23: ↑20 and ↓3 +17
Views 1K
Comments 0

Checking the .NET Core Libraries Source Code by the PVS-Studio Static Analyzer

PVS-Studio corporate blog Open source *.NET *C# *Development for Windows *

Picture 19

.NET Core libraries is one of the most popular C# projects on GitHub. It's hardly a surprise, since it's widely known and used. Owing to this, an attempt to reveal the dark corners of the source code is becoming more captivating. So this is what we'll try to do with the help of the PVS-Studio static analyzer. What do you think – will we eventually find something interesting?
Read more →
Total votes 28: ↑25 and ↓3 +22
Views 1.4K
Comments 1

Using PVS-Studio Static Analyzer in C and C++ Development for Embedded Systems

PVS-Studio corporate blog Programming microcontrollers *

This article will tell you how to launch analysis of an embedded project and how to work with the analyzer's report. The PVS-Studio analyzer supports a number of compilers for embedded systems. The current version allows checking projects built with one of the following compilers under Window, Linux, and macOS:

Read more →
Total votes 29: ↑27 and ↓2 +25
Views 814
Comments 0

The story of how PVS-Studio found an error in the library used in… PVS-Studio

PVS-Studio corporate blog Open source *.NET *C# *Development for Windows *

Picture 1

This is a short story about how PVS-Studio helped us find an error in the source code of the library used in PVS-Studio. And it was not a theoretical error but an actual one — the error appeared in practice when using the library in the analyzer.
Read more →
Total votes 27: ↑24 and ↓3 +21
Views 932
Comments 0

WinForms: Errors, Holmes

PVS-Studio corporate blog .NET *Visual Studio *C# *Development for Windows *

Picture 5

We like to search for errors in Microsoft projects. Why? It's simple: their projects are usually easy to check (you can work in Visual Studio environment for which PVS-Studio has a convenient plugin) and they contain few errors. That's why the usual work algorithm is as follows: find and download an open source project from MS; check it; choose interesting errors; make sure there are few of them; write an article without forgetting to praise the developers. Great! Win-win-win: it took a little time, the bosses are glad to see new materials in the blog, and karma is fine. But this time «something went wrong». Let's see what we have found in the source code of Windows Forms and whether we should speak highly of Microsoft this time.
Read more →
Total votes 28: ↑26 and ↓2 +24
Views 898
Comments 0

Getting Started with the PVS-Studio Static Analyzer for C++ Development under Linux

PVS-Studio corporate blog C++ *C *Development for Linux *DevOps *
PVS-Studio supports analyzing projects developed in C, C++, C#, and Java. You can use the analyzer under Windows, Linux, and macOS. This small article will tell you the basics of analyzing C and C++ code in Linux environment.

Installation


There are different ways to install PVS-Studio under Linux, depending on your distro type. The most convenient and preferred method is to use the repository, since it allows auto-updating the analyzer upon releasing new versions. Another option is to use the installation package, which you can get here.
Read more →
Total votes 27: ↑24 and ↓3 +21
Views 1.1K
Comments 0

Get to Know the PVS-Studio Static Analyzer for Java

PVS-Studio corporate blog Java *
Over the years, the PVS-Studio team has been developing the same-name static analyzer. At this point the analyzer represents a complex software solution, which provides the analysis of such programming languages, as C, C++, C# and Java on Windows, Linux and macOS platforms. Just recently the Java language joined the ranks of supported languages. The PVS-Studio analyzer has proved itself as a reliable tool among C++ and C# developers in quite some time, whereas for Java audience PVS-Studio is still a newcomer. Many haven't even heard of the analyzer, and those who had, aren't quite familiar with all its abilities. So in this article, I'd like to introduce PVS-Studio Java to you, talk about the ways to start it and its abilities.

Рисунок 3

Read more →
Total votes 28: ↑27 and ↓1 +26
Views 949
Comments 0

PVS-Studio Looked into the Red Dead Redemption's Bullet Engine

PVS-Studio corporate blog Open source *C++ *Game development *
Picture 4

Nowadays there is no need to implement the physics of objects from scratch for game development because there are a lot of libraries for this purpose. Bullet was actively used in many AAA games, virtual reality projects, various simulations and machine learning. And it is still used, being, for example, one of the Red Dead Redemption and Red Dead Redemption 2 engines. So why not check the Bullet with PVS-Studio to see what errors static analysis can detect in such a large-scale physics simulation project.
Read more →
Total votes 34: ↑31 and ↓3 +28
Views 4.2K
Comments 0

Almost Perfect Libraries by Electronic Arts

PVS-Studio corporate blog Open source *C++ *Game development *C *
Our attention was recently attracted by the Electronic Arts repository on GitHub. It's tiny, and of the twenty-three projects available there, only a few C++ libraries seemed interesting: EASTL, EAStdC, EABase, EAThread, EATest, EAMain, and EAAssert. The projects themselves are tiny too (about 10 files each), so bugs were found only in the «largest» project of 20 files :D But we did find them, and they do look interesting! As I was writing this post, we were also having a lively discussion of EA games and the company's policy :D

Picture 1

Read more →
Total votes 24: ↑22 and ↓2 +20
Views 5.4K
Comments 0

Best Copy-Paste Algorithms for C and C++. Haiku OS Cookbook

PVS-Studio corporate blog Open source *C++ *C *
Numerous typos and Copy-Paste code became the main topic of the additional article about checking the Haiku code by the PVS-Studio analyzer. Yet this article mostly tells about errors related to thoughtlessness and failed refactoring, rather than to typos. The errors found demonstrate how strong the human factor is in software development.

Picture 1
Read more →
Total votes 16: ↑13 and ↓3 +10
Views 898
Comments 0

How to shoot yourself in the foot in C and C++. Haiku OS Cookbook

PVS-Studio corporate blog Open source *C++ *C *
The story of how the PVS-Studio static analyzer and the Haiku OS code met goes back to the year 2015. It was an exciting experiment and useful experience for teams of both projects. Why the experiment? At that moment, we didn't have the analyzer for Linux and we wouldn't have it for another year and a half. Anyway, efforts of enthusiasts from our team have been rewarded: we got acquainted with Haiku developers and increased the code quality, widened our error base with rare bugs made by developers and refined the analyzer. Now you can check the Haiku code for errors easily and quickly.
Picture 1

Read more →
Total votes 18: ↑17 and ↓1 +16
Views 2.4K
Comments 1

What's the Use of Dynamic Analysis When You Have Static Analysis?

PVS-Studio corporate blog Information Security *Programming *
In order to verify the quality of software, you have to use a lot of different tools, including static and dynamic analyzers. In this article, we'll try to figure out why only one type of analysis, whether static or dynamic, may not be enough for comprehensive software analysis and why it's preferable to use both.

Рисунок 1

Read more →
Total votes 21: ↑19 and ↓2 +17
Views 2K
Comments 0

Information

Founded
2008
Website
pvs-studio.com
Employees
31–50 employees
Registered