Kodi

07.10.201906.12.2019 / hownot2code / Leave a comment

Kodi

Missed semicolon

PVS-Studio warning: V504 It is highly probable that the semicolon ‘;’ is missing after ‘return’ keyword. AdvancedSettings.cpp:1476

void CAdvancedSettings::SetExtraArtwork(const TiXmlElement* arttypes,
   std::vector& artworkMap)
{
  if (!arttypes)
    return
  artworkMap.clear();
  const TiXmlNode* arttype = arttypes->FirstChild("arttype");
  ....
}

The code formatting suggests the following execution logic:

if arttypes is a null pointer, the method returns;
if arttypes is a non-null pointer, the artworkMap vector gets cleared and some actions are then performed.

But the missing ‘;’ character breaks it all, and the actual execution logic is as follows:

if arttypes is a null pointer, the artworkMap vector gets cleared and the method returns;
if arttypes is a non-null pointer, the program executes whatever actions come next but the artworkMap vector doesn’t get cleared.

To cut a long story short, this situation does look like a bug. After all, you hardly expect anyone to write expressions like return artworkMap.clear(); :).

Please click here to see more bugs from this project.

Search for Bugs in Code at the Early Stage

08.11.201706.02.2018 / hownot2code / 3 Comments

Every developer knows about a debugger, version control system or, for example, unit-tests. Nevertheless, not all developers are familiar with the methodology of static code analysis. Meanwhile, the technology becomes an integral part of the development cycle of programs. I would like to suggest a small introductory course for anyone interested in modern development trends.

Continue reading →

PVS-Studio 6.16 released

28.06.201728.06.2017 / hownot2code / Leave a comment

PVS-Studio is a static code analyzer that detects errors and potential vulnerabilities in the source code of programs written in C/C++/C#. Version 6.16 has obtained 11 new general analysis diagnostics.

djjCz8xuPV4

Continue reading →

Top 10 C# projects errors found in 2016

21.06.201721.06.2017 / hownot2code / Leave a comment

To measure the efficiency of our analyzer, and also to promote the methodology of static analysis, we regularly analyze open source projects for bugs and write articles about the results. 2016 was no exception. This year is especially important as it is the year of the “growth” of the C# analyzer. PVS-Studio has obtained a large number of new C# diagnostics, an improved virtual values mechanism (symbolic execution) and much more. Based on the results of our teamwork, I compiled a kind of chart of the most interesting bugs, found in various C# projects in 2016.

Continue reading →

Videos about static code analysis

28.04.201728.04.2017 / hownot2code / 1 Comment

IT conferences and meetings on programming languages see a growing number of speakers talking about static code analysis. Although this field is quite specific, there is still a number of interesting discussions to be found here to help programmers understand the methods, ways of use, and specifics of static code analysis. In this article, we have collected a number of videos on static analysis whose easy style of presentation makes them useful and interesting to a wide audience of both skilled and novice programmers.

What is Static Analysis?

Author: Matt Might

Static analyzers allow programmers to bound and predict the behavior of software without running it. Once used exclusively for program optimization, they have rapidly risen in prominence for areas like software security and automatic parallelization. The author takes you on a tour of the landscape of static analysis through the lens of abstract interpretation.

Continue reading →

PVS-Studio

17.03.2017 / hownot2code / Leave a comment

A logical error
Continue reading →

PVS-Studio: 25 Suspicious Code Fragments in CoreCLR

21.10.201605.06.2017 / hownot2code / 1 Comment

The Microsoft Corporation has recently published, for free, access the source code of the CoreCLR engine, which is a key component of .NET Core. We couldn’t help but pay attention to this event. The wider a project’s audience is, the worse defects found in the code will seem, won’t they? Despite Microsoft themselves being the authors of the product, there are still some issues to examine and think over in their code – just like in any other large project.

Continue reading →

Big Brother is helping you

08.08.201605.06.2017 / hownot2code / Leave a comment

Once more I got reassured that programmers write programs absolutely carelessly, so that their programs work not because of their skill but due to chance and care of Microsoft or Intel compiler developers. Right, it is them who really care and put crutches under our lop-sided programs when necessary.

Here is a byte-breaking story of the CString class and daughter of it, the Format function.

Big_Brother_15_-_2014_-_Eye_Logo_-_HQ_-_White_Background

Continue reading →

How Not To Code

C, C++, C#, Java bad practices: learn how to make a good code by bad example

PVS-Studio

Kodi

Search for Bugs in Code at the Early Stage

PVS-Studio 6.16 released

Top 10 C# projects errors found in 2016

Videos about static code analysis

What is Static Analysis?

PVS-Studio

PVS-Studio: 25 Suspicious Code Fragments in CoreCLR

Big Brother is helping you

Share with:

Like this:

Share with:

Like this:

Share with:

Like this:

Share with:

Like this:

What is Static Analysis?

Share with:

Like this:

Share with:

Like this:

Share with:

Like this:

Share with:

Like this: