PVS-Studio 7.17: Unreal Engine, ASP.NET Core, Texas Instruments

We are pleased to announce the first release of PVS-Studio in 2022. In this article, we discuss various enhancements in managing Unreal Engine and ASP.NET Core projects. Keep reading to learn about new diagnostics and latest articles by PVS-Studio.

Various enhancements

Managing suppression files for Unreal Engine projects from IDE

We continue to enhance scenarios for working with Unreal Engine projects. Now you can manage suppression files with PVS-Studio plugins for Visual Studio and JetBrains Rider. This makes baselining more convenient when you are just integrating the analyzer in your development process. Also, you can easily suppress/unsuppress the warnings after introducing the analyzer in your regular work.

You can read more about this in the documentation.

Improving the analysis of ASP.NET Core projects

Now, the C# analyzer contains new annotations for the most common classes in ASP.NET Core libraries. Thus, PVS-Studio better understands what is happening in the code written with ASP.NET Core. As a result — the analyzer detects more errors and issues fewer false positives.

Supporting the C6000-CGT compiler by Texas Instruments

The PVS-Studio analyzer for C and C++ now can check projects for C6000-CGT — the compiler for embedded systems developed by Texas Instruments. By the way, you can find the full list of platforms and compilers supported by PVS-Studio here.

Changing the hash algorithms for suppression files in JSON format

Perhaps, the heading makes you wonder why we did this. :) Let me explain. Changing the hash algorithms will make JSON suppress files fully cross-platform for all use-case scenarios of PVS-Studio in future releases.

We changed the algorithm in the LLVM Compilation Database analysis and tracing tool (pvs-studio-analyzer), and in the log conversion tool (plog-converter). The support of old-format suppress files still remains as backward compatibility. If you need to append warnings to your suppress files, you should re-generate the suppress files in a new format.

New diagnostics

C, C++

  • V1077. Constructor contains potentially uninitialized members.
  • V1078. An empty container is iterated. The loop will not be executed.
  • V2017. String literal is identical to variable name. It is possible that the variable should be used instead of the string literal.

C#

  • V3174. Suspicious subexpression in a sequence of similar comparisons.
  • V5617. OWASP. Assigning potentially negative or large value as timeout of HTTP session can lead to excessive session expiration time.
  • V5618. OWASP. Possible server-side request forgery. Potentially tainted data is used in the URL.

More from PVS-Studio

Here’s how we summed up 2021:

Also, we made the lists of useful resources for C++ and C# developers:

Of course, we continue to check projects. Take a look at our recent articles about .NET 6 and Flipper Zero. If you want to expand your knowledge, we invite you to read about the evolution of constexpr in C++ or about static code analysis technology in PVS-Studio.

And just one more thing — don’t forget about our YouTube channel. We regularly upload new videos — welcome to our channel!

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Unicorn Developer

The developer, the debugger, the unicorn. I know all about static analysis and how to find bugs and errors in C, C++, C#, and Java source code.