Over the course of its history, humanity has been making enormous efforts to study the night sky. By now, we have mapped almost the entire area of it. We have observed hundreds of thousands of asteroids, comets, planets and stars, nebulas and galaxies. To see all these wonders yourself, you don't even have to leave home and buy a telescope - you can simply install Stellarium, a virtual planetarium, on your computer and explore the night sky while stretching out comfortably on your sofa... But is it that comfortable? Let's check the code of Stellarium for bugs to find it out.
Read more →
Starting with the version 6.27, the PVS-Studio static code analyzer can classify its warnings according to MISRA C and MISRA C++ standards. Due to support of these standards it has become possible to effectively use the analyzer to increase the level of security, portability and reliability of programs for embedded systems.
Read more →
Microsoft is not the only company to go open source recently - other companies are following this trend too. This brings us, the developers of PVS-Studio, another wonderful opportunity to test our analyzer and see if it can find any interesting bugs to report to the project authors. Today we're going to look into the code of a project developed by a Fast Reports company.
Read more →
Because of our ever-expanding audience, we have to write new articles so that the new readers could learn about the correct way of using static code analysis. We believe that it is extremely important to get across the idea that static analysis tools must be used regularly, not sporadically. With this article, we'll try to demonstrate this just one more time by rechecking the Godot project as an example.
Read more →
We have been heavily participating in various IT conferences both in Russia and abroad lately. We try to have our own booth at most events and give talks sometimes. Participating in conferences is a good way for us not only to promote our product (PVS-Studio static code analyzer) but also - and most importantly - get to know our potential and current users better. When talking to guests at our booth, our team have to answer the same questions, some of which are pretty funny. In this article, I'll try to answer the most frequently asked questions about static analysis in general and PVS-Studio in particular.
Read more →
A brief description of technologies used in the PVS-Studio tool, which let us effectively detect a large number of error patterns and potential vulnerabilities. The article describes the implementation of the analyzer for C and C++ code, but this information is applicable for modules responsible for the analysis of C# and Java code.
Read more →
Modern computer technologies, hardware and software solutions all make it much easier and faster for us to do various kinds of scientific research. Computer simulation is often the only way to verify many theories. Scientific software has its own peculiarities. For instance, it's often heavily tested yet poorly documented. But anyway, software is written by humans, and humans tend to make mistakes. When found in scientific applications, programming mistakes could cast doubt on the results of much of the research work. In this article, we will look at dozens of defects found in the code of the NCBI Genome Workbench software package.
Read more →
Posting of projects sources by Microsoft is a good reason to perform their analysis. This time is no exception and today we will look at suspicious places, found in Infer.NET code. Down with summary - get to the point!.
Read more →
Embedded systems have been around for a long time. It is paramount that they should be stable and reliable, and fixing bugs in them is extremely costly. That's why embedded developers benefit greatly from regular use of specialized code quality control tools. This article is going to tell you about support for GNU Arm Embedded Toolchain in the PVS-Studio analyzer, and demonstrate some code issues found in the Mbed OS project.
Read more →
Contact Us
