PVS-Studio 7.17: Unreal Engine, ASP.NET Core, Texas Instruments

• Various enhancements
• New diagnostics
  • C, C++
  • C#
• More from PVS-Studio

We are pleased to announce the first release of PVS-Studio in 2022. In this article, we discuss various enhancements in managing Unreal Engine and ASP.NET Core projects. Keep reading to learn about new diagnostics and latest articles by PVS-Studio.

Various enhancements

Managing suppression files for Unreal Engine projects from IDE

We continue to enhance scenarios for working with Unreal Engine projects. Now you can manage suppression files with PVS-Studio plugins for Visual Studio and JetBrains Rider. This makes baselining more convenient when you are just integrating the analyzer in your development process. Also, you can easily suppress/unsuppress the warnings after introducing the analyzer in your regular work.

You can read more about this in the documentation.

Improving the analysis of ASP.NET Core projects

Now, the C# analyzer contains new annotations for the most common classes in ASP.NET Core libraries. Thus, PVS-Studio better understands what is happening in the code written with ASP.NET Core. As a result — the analyzer detects more errors and issues fewer false positives.

Supporting the C6000-CGT compiler by Texas Instruments

The PVS-Studio analyzer for C and C++ now can check projects for C6000-CGT — the compiler for embedded systems developed by Texas Instruments. By the way, you can find the full list of platforms and compilers supported by PVS-Studio here.

Changing the hash algorithms for suppression files in JSON format

Perhaps, the heading makes you wonder why we did this. :) Let me explain. Changing the hash algorithms will make JSON suppress files fully cross-platform for all use-case scenarios of PVS-Studio in future releases.

We changed the algorithm in the LLVM Compilation Database analysis and tracing tool (pvs-studio-analyzer), and in the log conversion tool (plog-converter). The support of old-format suppress files still remains as backward compatibility. If you need to append warnings to your suppress files, you should re-generate the suppress files in a new format.

New diagnostics

C, C++

• V1077. Constructor contains potentially uninitialized members.
• V1078. An empty container is iterated. The loop will not be executed.
• V2017. String literal is identical to variable name. It is possible that the variable should be used instead of the string literal.

C#

• V3174. Suspicious subexpression in a sequence of similar comparisons.
• V5617. OWASP. Assigning potentially negative or large value as timeout of HTTP session can lead to excessive session expiration time.
• V5618. OWASP. Possible server-side request forgery. Potentially tainted data is used in the URL.

More from PVS-Studio

Here's how we summed up 2021:

• What's new in PVS-Studio in 2021?
• Top 10 bugs found in C++ projects in 2021
• Top 10 bugs found in C# projects in 2021

Also, we made the lists of useful resources for C++ and C# developers:

• The most interesting blogs and websites for C++ developers
• The most interesting C# / .NET blogs and websites

Of course, we continue to check projects. Take a look at our recent articles about .NET 6 and Flipper Zero. If you want to expand your knowledge, we invite you to read about the evolution of constexpr in C++ or about static code analysis technology in PVS-Studio.

And just one more thing — don't forget about our YouTube channel. We regularly upload new videos — welcome to our channel!