pvsstudio

PVS-Studio 7.20: Unreal Engine, SAST, SCA

The bug related to Unreal Engine's inability to find PVS-Studio by the default path is finally fixed. Starting from Unreal Engine 5.0.3. you you can analyze projects without any workarounds. We've also enhanced the analysis of UE projects: you'll see more true warnings and fewer false ones.

PVS-Studio 7.20: Unreal Engine, SAST, SCA

by Sergey Vasiliev

From the article:

New diagnostics for C, C++:

  • V1086. Call of the 'Foo' function will lead to buffer underflow.
  • V1087. Upper bound of case range is less than its lower bound. This case may be unreachable.
  • V1088. No objects are passed to the 'std::scoped_lock' constructor. No locking will be performed. This can cause concurrency issues.
  • V1089. Waiting on condition variable without predicate. A thread can wait indefinitely or experience a spurious wake up.

PVS-Studio 7.04

PVS-Studio is a tool designed to detect errors and potential vulnerabilities in the source code of programs, written in C, C++, C#, Java. It works in Windows, Linux, and macOS environment.

PVS-Studio 7.04

by Svyatoslav Razmyslov

From the article:

When working on a task developers take code from so many various places. A popular source of Copy-Paste code is the Stackoverflow website and similar ones. There are cases when a developer takes the code from an open source project and doesn't check license requirements. Thus, a closed source project may accidentally get a few files from an open source project with a Copyleft license, which obliges to make the entire project code open source. In companies with a large number of employees, it's difficult to keep track of this, whereas such actions might cause adverse risks and problems. So, PVS-Studio now has a diagnostic, which will help to find such files. It relates to all supported languages (C, C++, C#, Java). The diagnostic is looking for the following "virus" licenses: AGPL-3.0, GPL-2.0, GPL-3.0, LGPL-3.0.

Free PVS-Studio for those who develops open source projects

On the New 2019 year's eve, a PVS-Studio team decided to make a nice gift for all contributors of open-source projects hosted on GitHub or Bitbucket. They are given free usage of PVS-Studio static analyzer for development of open source projects.

Free PVS-Studio for those who develops open source projects

by Andrey Karpov

From the article:

Everyone who wishes, can get a free license for 1 year. To get the license, you need to:

  1. Go to the page: https://www.viva64.com/en/open-source-license/
  2. Enter the e-mail, where you will be sent a license key;
  3. Enter the link to your GitHub/Bitbucket profile;
  4. Send a request for a free license.