Buffer overflow
Continue readingBugs in C/C++ projects
XNU, the MacOS Kernel
Espressif IoT Development Framework
ONLYOFFICE
Bouncy Castle
Command & Conquer
How to shoot yourself in the foot in C and C++. Haiku OS Cookbook
This story goes back to 2015, when Haiku OS and PVS-Studio static analyzer developers decided to join forces and improve this OS code quality. At first it was more like an experiment, as there was no Linux analyzer at that time and the team had to work only with the compiled executable analyzer file. The entire infrastructure for parsing compiler parameters, running preprocessor, analysis paralleling and so on was taken from the Compiler Monitoring UI utility in C#, which was ported in parts to the Mono platform in order to be run in Linux.
Brackets that didn’t help
A guy sent an email to our support saying that the analyzer was producing four false positives at once on one line of his code.
Android Operating System: One Potential Vulnerability per 4000 Lines of C++ Code
For many years, Andrey Karpov has been publishing articles on code quality, and bugs reviews of open source projects. For example, he is the author of such publications as “The Ultimate Question of Programming, Refactoring, and Everything” and “27 000 Errors in the Tizen Operating System“.
Recently, the open source Android operating system has become of interest for him. He researched that part of the operating system code, which is written in the C and C++ languages. After that he came to a conclusion, which always takes place after such research: human error is always possible. By using the PVS-Studio tool, it becomes possible to detect at least one security defect (potential vulnerability) per 4000 lines of code.
Static Analysis in Video Game Development: Top 10 Software Bugs
If you are a software developer working in the video game industry and wondering what else you could do to improve the quality of your product or make the development process easier and you don’t use static analysis – it’s just the right time to start doing so. You doubt that? OK, I’ll try to convince you. And if you are just looking to see what coding mistakes are common with video-game and game-engine developers, then you’re, again, at the right place: I have picked the most interesting ones for you.
