Our website uses cookies to enhance your browsing experience.
Accept
to the top
>
>
PVS-Studio 7.19: what's new?

PVS-Studio 7.19: what's new?

Jun 24 2022

Recently, we have released a new PVS-Studio version — 7.19. In this note, we'll tell you about new features in the analyzer, the enhanced documentation, as well as what to read and... what to play.

0958_Release_7_19/image1.png

Enhancements

PVS-Studio supports Unreal Engine 5

Now, you can use PVS-Studio to analyze projects on Unreal Engine 5. For the most part, projects on UE 5 are analyzed in the same way as projects on UE 4. The difference is described in the documentation.

Unreal Engine 5 bug: Unable to find PVS-Studio

Unreal Engine 5 has a bug that doesn't let Unreal Build Tool find PVS-Studio by the default installation path. A pull request is made to fix this issue. The fix will be included in one of the next versions of the engine.

As of now, there's a temporary workaround. You can read about it in the documentation.

The C++ analyzer now works better with QNX compilers

We have enhanced the work of the C++ analyzer with the QNX compilers:

  • the analyzer better recognizes the target platform of the QNX Momentics QCC compilers. Thanks to this, we reduced the number of false positives issued on code under QNX;
  • we supported the latest versions of the QNX compiler.

The PVS-Studio plugin for SonarQube

The PVS-Studio plugin for SonarQube now supports JSON reports. Since PVS-Studio reports in the JSON format are available for all platforms, this simplifies cross-platform work scenarios.

Developer notification utility (blame-notifier)

The blame-notifier utility is used to notify developers and managers about code errors found by the analyzer. The notifications are sent via emails containing analyzer warnings.

Now you can attach files to such emails (for example, the full analyzer report) and change the subject of the email.

You can find the documentation for the blame-notifier utility here.

Documentation

Analyzer reports and conversion utilities

You can convert PVS-Studio analysis results to various formats using special utilities (PlogConverter.exe, plog-converter). To browse various formats, you can read the document which describes:

  • formats into which reports can be converted, and the purpose of these formats;
  • report conversion utilities and startup flags;
  • examples of conversion commands.

You can find the information here.

Unreal Engine

We have updated the documentation on using Unreal Engine and PVS-Studio. It describes:

  • how to check projects from the IDE and from the command line;
  • how to embed the analyzer in a project and not to see warnings on legacy code;
  • how to exclude files and directories from analysis;
  • features of using the analyzer with different engine versions.

The documentation is available here.

New diagnostics

C, C++

  • V834. Incorrect type of a loop variable. This leads to the variable binding to a temporary object instead of a range element.
  • V835. Passing cheap-to-copy argument by reference may lead to decreased performance.
  • V1083. Signed integer overflow in arithmetic expression. This leads to undefined behavior.
  • V1084. The expression is always true/false. The value is out of range of enum values.
  • V1085. Negative value is implicitly converted to unsigned integer type in arithmetic expression.

C#

  • V3175. Locking operations must be performed on the same thread. Using 'await' in a critical section may lead to a lock being released on a different thread.
  • V3176. The '&'= or '|=' operator is redundant because the right operand is always true/false.
  • V5622. OWASP. Possible XPath injection. Potentially tainted data is used in the XPath expression.
  • V5623. OWASP. Possible open redirect vulnerability. Potentially tainted data is used in the URL.

What to read and what to... play

What to read

PVS-Studio enhancements

We not only improve the analyzer, but also tell you what we are doing, how and why. You can read about it in the following articles:

Project checks

We continue to check the quality of the Open Source projects code. What errors did we find there? Read in these articles:

What to play

We've made a quiz where you can test your skills and find errors in code fragments. So far, the quiz has only the C++ version. Do you want this quiz to be for C# too? Leave a comment. :)

You can play this game here.

Try PVS-Studio 7.19

You can download the latest version of PVS-Studio here. Don't have a license? Request a trial key!

Popular related articles


Comments (0)

Next comments next comments
close comment form
close form

Fill out the form in 2 simple steps below:

Your contact information:

Step 1
Congratulations! This is your promo code!

Desired license type:

Step 2
Team license
Enterprise license
** By clicking this button you agree to our Privacy Policy statement
close form
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
* By clicking this button you agree to our Privacy Policy statement

close form
Free PVS‑Studio license for Microsoft MVP specialists
* By clicking this button you agree to our Privacy Policy statement

close form
To get the licence for your open-source project, please fill out this form
* By clicking this button you agree to our Privacy Policy statement

close form
I am interested to try it on the platforms:
* By clicking this button you agree to our Privacy Policy statement

close form
check circle
Message submitted.

Your message has been sent. We will email you at


If you do not see the email in your inbox, please check if it is filtered to one of the following folders:

  • Promotion
  • Updates
  • Spam