PVS-Studio: static code analysis technology

PVS-Studio provides static analyzers for C, C++, C# and Java languages on Windows, Linux and macOS platforms. PVS-Studio analyzers can vary slightly due to certain features that the languages have. However, all our analyzers share common technologies and approaches to the implementation of static analysis.

Continue reading

Errors and suspicious code fragments in .NET 6 sources

The .NET 6 turned out to be much-awaited and major release. If you write for .NET, you could hardly miss such an event. We also couldn’t pass by the new version of this platform. We decided to check what interesting things we can find in the sources of .NET libraries.

Continue reading

1000 eyes that don’t want to check open-source code

There’s a myth that open-source software is better and safer that the closed one. This was reasonably questioned many times. People regularly find epic vulnerabilities in the open source code. These vulnerabilities have been there for a long time. I think the project quality depends on how the development managers arrange the process and what methodologies/tools are used. It has nothing to do with the project being open source or closed source.

Continue reading