Developing large, complex projects is impossible without programming techniques and tools that help monitor the quality of the code. First, it requires a literate coding standard...
Until recently, our articles positioned PVS-Studio as a tool for detecting errors in code, and we almost never regarded PVS-Studio in a security context. We will try to remedy...
To start, it is worth remembering what a vulnerability is and why one shouldn't trust data received from outside. Vulnerabilities are simple bugs that will make you famous all over...
The new PVS-Studio analyzer version 6.23 works under macOS, which allows you to check projects written in C and C++. Our team decided to perform an XNU Kernel check to coincide it...
We'd like to present a series of articles with recommendations on writing high-quality code, using examples of errors found in the Chromium project. This is the fifth part...
This small article is an intermediate result of a search on the topic of already known vulnerabilities in open source C# projects. I wanted to look at examples of code that was vulnerable...
This article will demonstrate that, during the development of large projects, static analysis is not just a useful but a completely necessary part of the development process. This article is the...
A vulnerability, in terms of computer security, is a flaw in the system that allows someone to violate the integrity of the program or deliberately cause it to malfunction. Practice shows that even...
We have suddenly realized that there are opportunities for mutually beneficial cooperation between us and information security experts. Those experts who specialize in the search for vulnerabilities...
Spreading the word about the PVS-Studio static analyzer, we usually write articles for programmers. However, programmers see some things quite one-sidedly. That is why there are project...