1000 eyes that don’t want to check open-source code

There’s a myth that open-source software is better and safer than closed-source software. This has been reasonably questioned many times. People regularly find epic vulnerabilities in open-source code, and these vulnerabilities have often been there for a long time. I think project quality depends on how the development managers arrange the process and what methodologies and tools are used. It has nothing to do with the project being open source or closed source.


Short-lived music [MuseScore code analysis]

No project is perfect – whichever open-source project you examine, you can find a bug, or two – or… Welcome to our new video series where we study cases like this one. Let’s start with MuseScore: we downloaded and inspected the project’s source code. Now sit back and relax while we talk about the peculiar code fragments we found.

Have fun watching this video and coding 🙂

PVS-Studio 7.14: intermodular analysis in C++ and plugin for JetBrains CLion

The PVS-Studio team increases the number of diagnostics with each new release. We are also improving the analyzer’s infrastructure. This time we added a plugin for JetBrains CLion. Moreover, we introduced intermodular analysis of C++ projects and sped up the C# analyzer core.
