VSCode: how to view reports of static analyzers that support SARIF

Developers increasingly use static analyzers to streamline the search for code errors, and there is now a variety of products for viewing analysis results. This post covers how to view an analyzer report in the most stylish and feature-rich IDE among multifunctional ones – VSCode. The SARIF format and a special plugin for it make this possible. Keep reading to find out how. Let’s get going!


Earning Trust in Public Cloud Services

GUEST POST

Author David Balaban

Public cloud infrastructure should be secured. Who is to ensure it? How can cloud service providers be controlled? What indicates that a cloud service is provided by a trusted party? This article reviews these questions as well as some other security concerns.

Businesses are opting for the cloud more and more. The ongoing Coronavirus is intensifying this transition. Governments, NGOs and enterprises of any size and profile are now subscribing to cloud provider services. A range of security concerns arises against this background, from how responsibilities are distributed between the parties to data integrity issues.


How to Use Mass Suppression in PVS-Studio for C#?

Have you just run the analyzer and now you have no idea what to do with all this abundance of warnings? 📜 Nothing to worry about – we made a special mechanism that can help you deal with them 💪🏻

In this video, you’ll learn about the inner workings of the mass warning suppression mechanism in PVS-Studio for C#. If you’re interested in other programming languages, follow the links below 🙂

Mass Suppression in PVS-Studio for C++

Mass Suppression in PVS-Studio for Java

Conclusion

Have fun watching this video and coding 🙂

A beautiful error in the implementation of the string concatenation function

We, the PVS-Studio static code analyzer developers, have a peculiar view on beauty. On the beauty of bugs. We like to find grace in errors, examine them, try to guess how they appeared. Today we have an interesting case when the concepts of length and size got mixed up in the code.


Enums in C#: hidden pitfalls

C# has a low barrier to entry and forgives a lot. Seriously, you may not understand how things work under the hood and still write code without worrying about it. Over time, though, you have to deal with various nuances. Today, we’ll look at one such subtle aspect – handling enumerations.


Do Not Confuse Web Application Firewall and Next-Generation Firewall

GUEST POST

Author David Balaban

Some information security specialists confuse the concepts of WAF and NGFW. Moreover, even some representatives of companies that manufacture products positioned as NGFW make this mistake.

“We have an NGFW, do we need a WAF?” or “Why do we need WAF?” are very common questions. This calls for figuring out the background of such confusion, agreeing once and for all on the terms and definitions, and determining the areas of application of each concept.


How to Use Mass Suppression in PVS-Studio for Java?

Have you just run the analyzer and now you have no idea what to do with all this abundance of warnings? 📜 Nothing to worry about – we made a special mechanism that can help you deal with them 💪🏻

In this video, you’ll learn about the inner workings of the mass warning suppression mechanism in PVS-Studio for Java. If you’re interested in other programming languages, follow the links below 🙂

Mass Suppression in PVS-Studio for C++

Mass Suppression in PVS-Studio for C#

Have fun watching this video and coding 🙂

How WCF shoots itself in the foot with TraceSource

We don’t often get the chance to write something on parallel programming issues. This time we “got lucky”. The standard TraceEvent method has some implementation peculiarities. They resulted in an error with multiple threads being blocked. So we’d like to warn users about this nuance and cover this interesting case from our user support practice. Why was our support involved? Keep reading to find out. Enjoy the reading!
