Job Opportunities for Skilled C++ Candidates

This content brought to you by Andrew Dominik from qualityguestpost

C++ is an extension of C language. C++ programming language is complex, but strongly preferred in today’s IT sector. You will come across some part of its codebase in generally every system or program. It is the first language developers interested in programming start with. You can learn it with ease as it is purely a concept-based language. The syntax is uncomplicated, so you can easily replicate its writing. Its use is regarded as a safe language due to its valuable features and security. People learn C++ because of several reasons –

Continue reading

QEMU

Array overrun

V557 Array overrun is possible. The ‘dwc2_glbreg_read’ function processes value ‘[0..63]’. Inspect the third argument. Check lines: 667, 1040. hcd-dwc2.c 667

Warning N4V557 Array overrun is possible. The 'dwc2_glbreg_read' function processes value '[0..63]'. Inspect the third argument. Check lines: 667, 1040. hcd-dwc2.c 667#define HSOTG_REG(x) (x)                                             // <= 5
....
struct DWC2State {
....
#define DWC2_GLBREG_SIZE 0x70
uint32_t glbreg[DWC2_GLBREG_SIZE / sizeof(uint32_t)]; // <= 1
....
}
....
static uint64_t dwc2_glbreg_read(void *ptr, hwaddr addr, int index,
unsigned size)
{
....
val = s->glbreg[index]; // <= 2
....
}
static uint64_t dwc2_hsotg_read(void *ptr, hwaddr addr, unsigned size)
{
....
switch (addr) {
case HSOTG_REG(0x000) ... HSOTG_REG(0x0fc): // <= 4
val = dwc2_glbreg_read(ptr, addr,
(addr - HSOTG_REG(0x000)) >> 2, size); // <= 3
....
}
....
}

This code has a potential problem – an index outside the array bounds. The DWC2State structure defines a glbreg array consisting of 28 elements (comment 1). In the dwc2_glbreg_read function, our array is accessed by index (comment 2). Now note that the function dwc2_glbreg_read is passed the expression (addr – HSOTG_REG(0x000)) >> 2 (comment 3) as an index, which can take a value in the range [0..63]. To make sure of it, pay attention to comments 4 and 5. Perhaps, the range of values from comment 4 has to be fixed. 

Please click here to see more bugs from this project.

Kodi

Kodi

Missed semicolon

PVS-Studio warning: V504 It is highly probable that the semicolon ‘;’ is missing after ‘return’ keyword. AdvancedSettings.cpp:1476

void CAdvancedSettings::SetExtraArtwork(const TiXmlElement* arttypes,
   std::vector& artworkMap)
{
  if (!arttypes)
    return
  artworkMap.clear();
  const TiXmlNode* arttype = arttypes->FirstChild("arttype");
  ....
}

The code formatting suggests the following execution logic:

  • if arttypes is a null pointer, the method returns;
  • if arttypes is a non-null pointer, the artworkMap vector gets cleared and some actions are then performed.

But the missing ‘;’ character breaks it all, and the actual execution logic is as follows:

  • if arttypes is a null pointer, the artworkMap vector gets cleared and the method returns;
  • if arttypes is a non-null pointer, the program executes whatever actions come next but the artworkMap vector doesn’t get cleared.

To cut a long story short, this situation does look like a bug. After all, you hardly expect anyone to write expressions like return artworkMap.clear(); :).

Please click here to see more bugs from this project.

How to shoot yourself in the foot in C and C++. Haiku OS Cookbook

This story goes back to 2015, when Haiku OS and PVS-Studio static analyzer developers decided to join forces and improve this OS code quality. At first it was more like an experiment, as there was no Linux analyzer at that time and the team had to work only with the compiled executable analyzer file. The entire infrastructure for parsing compiler parameters, running preprocessor, analysis paralleling and so on was taken from the Compiler Monitoring UI utility in C#, which was ported in parts to the Mono platform in order to be run in Linux.

Artboard 1 copy (1)
Continue reading

Reasons Why You Should Keep Learning C/C++

C

Many beginners and students find C/C++ language hard to master because it requires them to think a lot. There are many language-specific quirks, especially in C++, that give students and programmers a hard time. It also has a steep learning curve and is rarely used in modern application development, which prompts many people to give up learning C/C++. However, even with these challenges, it is important for students to continue learning this programming language. This article highlights reasons why one should keep learning C/C++.

Continue reading