Webinar: Evaluation - 05.12
In this article, I'm going to tell you about PVS-Studio, an analyzer for C and C++ code, and show you how to use it in the Visual C++ environment. This guide is specifically intended for beginner users.
PVS-Studio supports Microsoft Visual Studio 2019, 2017, 2015, 2013, 2012, and 2010. See the documentation for the system requirements. Currently, PVS-Studio can analyze projects written in C, C++, C#, and Java. However, this article focuses on programmers who work in Visual C++ and are looking for help to get started with the analyzer.
The installation package can be downloaded here. After running it, you'll be offered a number of integration options (Figure 1) to choose from. Unavailable options are greyed out.
Figure 1. Integration components selection window.
After you have installed PVS-Studio, open the About window of Visual Studio and make sure the analyzer is present among installed products.
Once the installation is complete, you can go on to check your project. You can also try analyzing the entire solution. To do that, click Extensions > PVS-Studio > Check > Solution (Figure 2).
Figure 2. Checking a solution with PVS-Studio.
If you have any difficulties running the check, see the "PVS-Studio: Troubleshooting" section on our website. Those are not some dumb hints like "make sure the plug is plugged into the outlet". The section describes typical issues that our users have reported and ways to solve them.
Once the check is complete, the diagnostic messages will appear in a special window. This window has a lot of elements, which all serve to manipulate the list so that you can view only the warnings of interest. At first, however, it might look somewhat complicated.
Figure 3. Warnings window. Click on the image to enlarge.
The complete overview of the window's elements can be found in the documentation, but now we'll focus only on the basic ones:
PVS-Studio is a tool for static application security testing (SAST), which means it can detect potential vulnerabilities in source code and show the corresponding weakness identifier according to a particular classification.
PVS-Studio supports the following weakness classifications:
To enable CWE codes, open the analyzer window's drop-down menu and then tick Show Columns > CWE
Figure 4. Enabling CWE codes from the drop-down menu.
Another way to do that is Extensions > PVS-Studio > Display CWE Codes in Output Window on Visual Studio's menu bar
Figure 5. PVS-Studio submenu in the Extensions menu.
Unlike that, MISRA diagnostics are enabled in the options window:
Figure 6. List of detectable weaknesses.
You can learn more about these classifications here.
PVS-Studio_Cmd.exe is a utility to check C++ .vcxproj projects and solutions from the command line. It can be useful if you want to automate the analysis process. The program can be found in the installation directory, which is 'C:\Program Files (x86)\PVS-Studio' by default.
The utility has multiple parameters, but you'll need only three to get started:
This is what you will see after starting the check:
Figure 7. Output of the PVS-Studio_Cmd.exe utility
Once the check is finished, a plog file containing the analysis report will be created in the directory specified in the start parameters. This report can be converted into other formats using the PlogConverter.exe utility, and if you want to open the report in the IDE, simply double-click on the plog file in the Windows Explorer.
The report file can also be opened from the Extensions menu: Extensions > PVS-Studio > Open/Save > Open Analysis Report...
Figure 8. Opening an analysis report from the plugin's menu.
See the documentation for details on the utility and its parameters.
The analyzer provides a variety of means to suppress false positives. They are described in detail in the following sections:
Let's take a look at an example of a warning issued by the analyzer. The following code snippet is taken from the ReactOS project:
VOID NTAPI
AtapiDmaInit(....)
{
....
ULONG treg = 0x54 + (dev < 3) ? (dev << 1) : 7;
....
}
PVS-Studio's diagnostic message: V502 Perhaps the '?:' operator works in a different way than it was expected. The '?:' operator has a lower priority than the '+' operator. uniata id_dma.cpp 1610
The 0x54 + (dev < 3) expression will always evaluate to true: the non-null constant 0x54 is first added to the result of the (dev < 3) expression, which can evaluate either to 0 or 1, and only then is the resulting value compared with zero.
This is what the correct version looks like:
VOID NTAPI
AtapiDmaInit(....)
{
....
ULONG treg = 0x54 + ((dev < 3) ? (dev << 1) : 7);
....
}
We have solved the issue by enclosing the '?:' operation in parentheses so that its result will now depend on the result of the (dev < 3) expression.
That was a brief introduction into getting started with PVS-Studio for Visual C++. It doesn't cover all of the aspects, of course, so welcome to our blog, where we explain in detail how to work with the analyzer, and see the documentation for complete descriptions of the diagnostic messages and tool's settings.
0