Examples of errors detected by the V528 diagnostic

V528. Pointer is compared with 'zero' value. Probably meant: *ptr != zero.


Ultimate TCP/IP

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *m_szPassword != '\0'. UTMail ut_crammd5.cpp 333


char *CUT_CramMd5::GetClientResponse(LPCSTR ServerChallenge)
{
  ....
  if (m_szPassword != NULL)
  {
    ....
    if (m_szPassword != '\0')
    {
  ....
}

Most likely this is what should be written here: (*m_szPassword != '\0').

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *m_szPassword != '\0'. UTMail ut_crammd5.cpp 331
  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *m_szUserName != '\0'. UTMail ut_crammd5.cpp 340
  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *m_szUserName != '\0'. UTMail ut_crammd5.cpp 342

Fennec Media

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *pSlash != '\0'. rtphint.cpp 346


void MP4RtpHintTrack::GetPayload(....)
{
  ....
  if (pSlash != NULL) {
    pSlash++;
    if (pSlash != '\0') {
      length = strlen(pRtpMap) - (pSlash - pRtpMap);
      *ppEncodingParams = (char *)MP4Calloc(length + 1);
      strncpy(*ppEncodingParams, pSlash, length);
    }
}

This is what should have been written here: (*pSlash != '\0').


CxImage

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *cp != '\0'. jasper jpc_util.c 154


int jpc_atoaf(char *s, int *numvalues, double **values)
{
  ....
  while ((cp = strtok(0, delim))) {
    if (cp != '\0') {
      ++n;
    }
  }
  ....
  while ((cp = strtok(0, delim))) {
    if (cp != '\0') {
      vs[n] = atof(cp);
      ++n;
    }
  }
  ....
}

This is an example of copy-pasted code that carries the same error twice, and of a potential vulnerability. The pointer dereference is missing. This is what should have been written here: (*cp != '\0').

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *cp != '\0'. jasper jpc_util.c 172

Notepad++

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *headerM != '\0'. notepadPlus printer.cpp 378


TCHAR headerM[headerSize] = TEXT("");
....
size_t Printer::doPrint(bool justDoIt)
{
  ....
  if (headerM != '\0')
  ....
}

Miranda IM

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *str != '\0'. clist_modern modern_skinbutton.cpp 282


static char *_skipblank(char * str)
{
  char * endstr=str+strlen(str);
  while ((*str==' ' || *str=='\t') && str!='\0') str++;
  while ((*endstr==' ' || *endstr=='\t') &&
         endstr!='\0' && endstr<str)
    endstr--;
  ....
}

This code is a candidate for an access violation: the '*' pointer dereference is missing twice.

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *endstr != '\0'. clist_modern modern_skinbutton.cpp 283

Doom 3

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *classname != '\0'. Game game_local.cpp 1250


bool idGameLocal::InitFromSaveGame(....)
{
  ....
  const char *classname =
    mapEnt->epairs.GetString( "classname" );
  if ( classname != '\0' ) {
    FindEntityDef( classname, false );
  }
  ....
}

Most likely this is what should be written here: ( *classname != '\0' )

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *soundShaderName != '\0'. Game game_local.cpp 1619

Mozilla Firefox

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *token == '\0'. svgnumberlist.cpp 96


nsresult
SVGNumberList::SetValueFromString(const nsAString& aValue)
{
  ....
  const char *token = str.get();
  if (token == '\0') {
    return NS_ERROR_DOM_SYNTAX_ERR; // nothing between commas
  }
  ....
}

Most likely this is what should be written here: (*token == '\0')
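
The effect of this kind of check, as an added example that is not code from Firefox or from the analyzer's authors: a hypothetical comma-separated number parser (parse_list, is_empty_buggy and is_empty_fixed are illustrative names) run once with the pointer comparison and once with the dereferenced one. With the buggy check the empty field in the constructed input "1.5,,2" is not rejected, and atof("") silently yields 0.0.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#if defined(__GNUC__) && !defined(__clang__) && __GNUC__ >= 7
/* GCC 7+ flags the buggy line via -Wpointer-compare; silenced for this demo only. */
#pragma GCC diagnostic ignored "-Wpointer-compare"
#endif

/* Buggy form from the page: '\0' is the integer constant 0, so in C this is token == NULL. */
static int is_empty_buggy(const char *token) { return token == '\0'; }

/* Fixed form: test the first character of the string. */
static int is_empty_fixed(const char *token) { return *token == '\0'; }

/* Hypothetical parser: splits a comma-separated list and converts fields with atof().
   Returns the count stored (at most max), or -1 on an empty field or oversized input. */
static int parse_list(const char *text, double *out, int max,
                      int (*is_empty)(const char *))
{
    char buf[128];
    char *token = buf, *comma;
    int n = 0;
    if (strlen(text) >= sizeof buf)
        return -1;
    strcpy(buf, text);
    while (n < max) {
        comma = strchr(token, ',');
        if (comma)
            *comma = '\0';
        if (is_empty(token))   /* "nothing between commas" */
            return -1;
        out[n++] = atof(token);
        if (!comma)
            break;
        token = comma + 1;
    }
    return n;
}

int parse_buggy(const char *t, double *out, int max) { return parse_list(t, out, max, is_empty_buggy); }
int parse_fixed(const char *t, double *out, int max) { return parse_list(t, out, max, is_empty_fixed); }

int main(void)
{
    double v[8];   /* the input below is constructed, with an empty middle field */
    printf("buggy: %d  fixed: %d\n", parse_buggy("1.5,,2", v, 8), parse_fixed("1.5,,2", v, 8));
    return 0;
}
```

In C the buggy comparison only produces a default-on GCC warning (-Wpointer-compare, GCC 7 and later); compiled as C++11 or later, GCC rejects it as an error.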


Trans-Proteomic Pipeline

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *pValue == '\0'. xtandem saxhandler.cpp 323


void SAXSpectraHandler::pushPeaks(....)
{
  ....
  while(*pValue != '\0' && a < m_peaksCount) {
    while(*pValue != '\0' && isspace(*pValue))
      pValue++;
    if(pValue == '\0')
      break;
    m_vfM.push_back((float)atof(pValue));
    ....
}

This is what should have been written here: if(*pValue == '\0')

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *pValue == '\0'. xtandem saxhandler.cpp 335
  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *pValue != '\0'. xtandem loadmspectrum.cpp 727
  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *pValue != '\0'. xtandem loadmspectrum.cpp 918

Visualization Toolkit (VTK)

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *this->GeometryFileName == '\0'. vtkIO vtkbyureader.cxx 109


int vtkBYUReader::RequestData(....)
{
  ....
  if (this->GeometryFileName == NULL ||
      this->GeometryFileName == '\0')
  ....
}

This is what should have been written here: this->GeometryFileName[0] == '\0'


OpenCV

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *cp != '\0'. jpc_util.c 105


int jpc_atoaf(char *s, int *numvalues, double **values)
{
  char *cp;
  ....
  while ((cp = strtok(0, delim))) {
    if (cp != '\0') {
      ++n;
    }
  }
  ....
}

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *cp != '\0'. jpc_util.c 123

Snes9x

V528 It is odd that pointer to 'wchar_t' type is compared with the L'\0' value. Probably meant: *ext == L'\0'. wsnes9x.cpp 6952


bool RegisterExt(TCHAR *ext) {
  LONG  regResult;
  TCHAR  szRegKey[PATH_MAX];
  TCHAR  szExePath[PATH_MAX];
  TCHAR   *szExeName;
  HKEY  hKey;

  if (!ext || ext==TEXT('\0'))
    return false;
  ....
}

Apache HTTP Server

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: ** ctx->re_source == '\0'. libhttpd util_expr_eval.c 167


typedef struct {
  ....
  const char **re_source;
  ....
} ap_expr_eval_ctx_t;

static const char *ap_expr_eval_re_backref(
  ap_expr_eval_ctx_t *ctx, unsigned int n)
{
  int len;
  if (!ctx->re_pmatch || !ctx->re_source ||
      *ctx->re_source == '\0' ||
      ctx->re_nmatch < n + 1)
    return "";
  ....
}

Scilab

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: ** category == '\0'. sci_xcospalload.cpp 57


int sci_xcosPalLoad(char *fname, unsigned long fname_len)
{
  ....
  char **category = NULL;
  ....
  if (category == NULL ||
      (lenCategory == 1 && *category == '\0'))
  ....
}

Scilab

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *st->start != '\0'. pldstr.c 303


struct PLD_strtok
{
  char *start;
  char delimeter;
};

char *PLD_strtok(....)
{
  ....
  if ((st->start)&&(st->start != '\0'))
  ....
}

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: ** category == '\0'. sci_xcospalload.cpp 57

TortoiseGit

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *last_dot + 1 != '\0'. path.c 1258


void
svn_path_splitext(const char **path_root,
                  const char **path_ext,
                  const char *path,
                  apr_pool_t *pool)
{
  const char *last_dot;
  ....
  last_dot = strrchr(path, '.');
  if (last_dot && (last_dot + 1 != '\0'))
  ....
}

Most likely this is what should be written here: "if (last_dot && (*(last_dot + 1) != '\0'))" or "if (last_dot && last_dot[1] != '\0')".


TortoiseGit

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *src_orig == '\0'. utf.c 501


static const char *
fuzzy_escape(const char *src, apr_size_t len, apr_pool_t *pool)
{
  const char *src_orig = src;
  ....
  while (src_orig < src_end)
  {
    if (! svn_ctype_isascii(*src_orig) || src_orig == '\0')
  ....
}

Most likely this is what should be written here: if (! svn_ctype_isascii(*src_orig) || *src_orig == '\0').


Miranda NG

V528 It is odd that pointer to 'wchar_t' type is compared with the L'\0' value. Probably meant: *dbv.ptszVal != L'\0'. SimpleStatusMsg msgbox.cpp 247


HWND WINAPI CreateRecentComboBoxEx(....)
{
  ....
  if (dbv.ptszVal != NULL && dbv.ptszVal != '\0') {
  ....
}

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *fp->trust != '\0'. MirOTR options.cpp 759
  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *(end + 1) != '\0'. DbEditorPP exportimport.cpp 425
  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *(end + 1) != '\0'. DbEditorPP exportimport.cpp 433
  • And 1 additional diagnostic message.

The GTK+ Project

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *data->groups[0] != '\0'. gtkrecentmanager.c 979


struct _GtkRecentData
{
  ....
  gchar **groups;
  ....
};

gboolean
gtk_recent_manager_add_full (GtkRecentManager    *manager,
                             const gchar         *uri,
                             const GtkRecentData *data)
{
  ....
  if (data->groups && data->groups[0] != '\0')
      ....
  ....
}

The GTK+ Project

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *priv->icon_list[0] == '\0'. gtkscalebutton.c 987


struct _GtkScaleButtonPrivate
{
  ....
  gchar **icon_list;
  ....
};

struct _GtkScaleButton
{
  ....
  GtkScaleButtonPrivate *priv;
};

static void
gtk_scale_button_update_icon (GtkScaleButton *button)
{
  GtkScaleButtonPrivate *priv = button->priv;
  ....
  if (!priv->icon_list || priv->icon_list[0] == '\0')
  ....
}

GCC

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *xloc.file == '\0'. ubsan.c 1472


static bool
ubsan_use_new_style_p (location_t loc)
{
  if (loc == UNKNOWN_LOCATION)
    return false;

  expanded_location xloc = expand_location (loc);
  if (xloc.file == NULL || strncmp (xloc.file, "\1", 2) == 0
      || xloc.file == '\0' || xloc.file[0] == '\xff'
      || xloc.file[1] == '\xff')
    return false;

  return true;
}

ReOpenLDAP

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *ludp->lud_filter != '\0'. backend.c 1525


int
fe_acl_group(....)
{
  ....
  if ( ludp->lud_filter != NULL &&
       ludp->lud_filter != '\0') // <=
  {
    ....
  }
}

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *(* lsei)->lsei_values[0] == '\0'. syntax.c 240
  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *(* lsei)->lsei_values[1] != '\0'. syntax.c 241

GDB

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: ** argp == '\0'. location.c 527


struct event_location *
string_to_explicit_location (const char **argp, ....)
{
  ....
  if (argp == NULL
      || *argp == '\0'
      || *argp[0] != '-'
      || !isalpha ((*argp)[1])
      || ((*argp)[0] == '-' && (*argp)[1] == 'p'))
    return NULL;
  ....
}

Partio

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *charArray[i] != '\0'. MC.cpp 109


int CharArrayLen(char** charArray)
{
  int i = 0;
  if(charArray != false)
  {
    while(charArray[i] != '\0')   // <=
    {
      i++;
    }
  }
  return i;
}

Aspell

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *word == '\0'. check_funs.cpp 650


static void print_truncate(
  FILE * out, const char * word, int width)
{
  ....
  if (i == width-1) {
    if (word == '\0')
      put(out,' ');
    else if (word[len] == '\0')
      put(out, word, len);
    else
      put(out,'$');
    ++i;
  }
  ....
}