To get a trial key
fill out the form below
Team License (standard version)
Enterprise License (extended version)
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
GBP
RUB
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
To get the licence for your open-source project, please fill out this form
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
To get the licence for your open-source project, please fill out this form
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
I am interested to try it on the platforms:
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Message submitted.

Your message has been sent. We will email you at


If you haven't received our response, please do the following:
check your Spam/Junk folder and click the "Not Spam" button for our message.
This way, you won't miss messages from our team in the future.

>
>
Examples of errors detected by the V528…

Examples of errors detected by the V528 diagnostic

Apr 05 2021

V528. It is odd that pointer is compared with the 'zero' value. Probably meant: *ptr != zero.


Ultimate TCP/IP

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *m_szPassword != '\0'. UTMail ut_crammd5.cpp 333


char *CUT_CramMd5::GetClientResponse(LPCSTR ServerChallenge)
{
  ....
  if (m_szPassword != NULL)
  {
    ....
    if (m_szPassword != '\0')
    {
  ....
}

Most likely this is what should be written here: (*m_szPassword != '\0').

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *m_szPassword != '\0'. UTMail ut_crammd5.cpp 331
  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *m_szUserName != '\0'. UTMail ut_crammd5.cpp 340
  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *m_szUserName != '\0'. UTMail ut_crammd5.cpp 342

Fennec Media

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *pSlash != '\0'. rtphint.cpp 346


void MP4RtpHintTrack::GetPayload(....)
{
  ....
  if (pSlash != NULL) {
    pSlash++;
    if (pSlash != '\0') {
      length = strlen(pRtpMap) - (pSlash - pRtpMap);
      *ppEncodingParams = (char *)MP4Calloc(length + 1);
      strncpy(*ppEncodingParams, pSlash, length);
    }
}

This is what should have been written here: (*pSlash != '\0').


CxImage

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *cp != '\0'. jasper jpc_util.c 154


int jpc_atoaf(char *s, int *numvalues, double **values)
{
  ....
  while ((cp = strtok(0, delim))) {
    if (cp != '\0') {
      ++n;
    }
  }
  ....
  while ((cp = strtok(0, delim))) {
    if (cp != '\0') {
      vs[n] = atof(cp);
      ++n;
    }
  }
  ....
}

This is an example of a Copy-Paste code with an error. This is an example of potential vulnerability. Pointer dereferencing is missing. This is what should have been written here: (*cp != '\0').

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *cp != '\0'. jasper jpc_util.c 172

Notepad++

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *headerM != '\0'. notepadPlus printer.cpp 378


TCHAR headerM[headerSize] = TEXT("");
....
size_t Printer::doPrint(bool justDoIt)
{
  ....
  if (headerM != '\0')
  ....
}

Miranda IM

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *str != '\0'. clist_modern modern_skinbutton.cpp 282


static char *_skipblank(char * str)
{
  char * endstr=str+strlen(str);
  while ((*str==' ' || *str=='\t') && str!='\0') str++;
  while ((*endstr==' ' || *endstr=='\t') &&
         endstr!='\0' && endstr<str)
    endstr--;
  ....
}

This code is a candidate for access violation: the '*' pointer dereferencing is missing twice.

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *endstr != '\0'. clist_modern modern_skinbutton.cpp 283

Doom 3

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *classname != '\0'. Game game_local.cpp 1250


bool idGameLocal::InitFromSaveGame(....)
{
  ....
  const char *classname =
    mapEnt->epairs.GetString( "classname" );
  if ( classname != '\0' ) {
    FindEntityDef( classname, false );
  }
  ....
}

Most likely this is what should be written here: ( *classname != '\0' )

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *soundShaderName != '\0'. Game game_local.cpp 1619

Mozilla Firefox

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *token == '\0'. svgnumberlist.cpp 96


nsresult
SVGNumberList::SetValueFromString(const nsAString& aValue)
{
  ....
  const char *token = str.get();
  if (token == '\0') {
    return NS_ERROR_DOM_SYNTAX_ERR; // nothing between commas
  }
  ....
}

Most likely this is what should be written here: (*token == '\0')


Trans-Proteomic Pipeline

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *pValue == '\0'. xtandem saxhandler.cpp 323


void SAXSpectraHandler::pushPeaks(....)
{
  ....
  while(*pValue != '\0' && a < m_peaksCount) {
    while(*pValue != '\0' && isspace(*pValue))
      pValue++;
    if(pValue == '\0')
      break;
    m_vfM.push_back((float)atof(pValue));
    ....
}

This is what should have been written here: if(*pValue == '\0')

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *pValue == '\0'. xtandem saxhandler.cpp 335
  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *pValue != '\0'. xtandem loadmspectrum.cpp 727
  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *pValue != '\0'. xtandem loadmspectrum.cpp 918

Visualization Toolkit (VTK)

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *this->GeometryFileName == '\0'. vtkIO vtkbyureader.cxx 109


int vtkBYUReader::RequestData(....)
{
  ....
  if (this->GeometryFileName == NULL ||
      this->GeometryFileName == '\0')
  ....
}

This is what should have been written here: this->GeometryFileName[0] == '\0'


OpenCV

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *cp != '\0'. jpc_util.c 105


int jpc_atoaf(char *s, int *numvalues, double **values)
{
  char *cp;
  ....
  while ((cp = strtok(0, delim))) {
    if (cp != '\0') {
      ++n;
    }
  }
  ....
}

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *cp != '\0'. jpc_util.c 123

Snes9x

V528 It is odd that pointer to 'wchar_t' type is compared with the L'\0' value. Probably meant: *ext == L'\0'. wsnes9x.cpp 6952


bool RegisterExt(TCHAR *ext) {
  LONG  regResult;
  TCHAR  szRegKey[PATH_MAX];
  TCHAR  szExePath[PATH_MAX];
  TCHAR   *szExeName;
  HKEY  hKey;

  if (!ext || ext==TEXT('\0'))
    return false;
  ....
}

Apache HTTP Server

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: ** ctx->re_source == '\0'. libhttpd util_expr_eval.c 167


typedef struct {
  ....
  const char **re_source;
  ....
} ap_expr_eval_ctx_t;

static const char *ap_expr_eval_re_backref(
  ap_expr_eval_ctx_t *ctx, unsigned int n)
{
  int len;
  if (!ctx->re_pmatch || !ctx->re_source ||
      *ctx->re_source == '\0' ||
      ctx->re_nmatch < n + 1)
    return "";
  ....
}

Scilab

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: ** category == '\0'. sci_xcospalload.cpp 57


int sci_xcosPalLoad(char *fname, unsigned long fname_len)
{
  ....
  char **category = NULL;
  ....
  if (category == NULL ||
      (lenCategory == 1 && *category == '\0'))
  ....
}

Scilab

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *st->start != '\0'. pldstr.c 303


struct PLD_strtok
{
  char *start;
  char delimeter;
};

char *PLD_strtok(....)
{
  ....
  if ((st->start)&&(st->start != '\0'))
  ....
}

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: ** category == '\0'. sci_xcospalload.cpp 57

TortoiseGit

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *last_dot + 1 != '\0'. path.c 1258


void
svn_path_splitext(const char **path_root,
                  const char **path_ext,
                  const char *path,
                  apr_pool_t *pool)
{
  const char *last_dot;
  ....
  last_dot = strrchr(path, '.');
  if (last_dot && (last_dot + 1 != '\0'))
  ....
}

Most likely this is what should be written here: "if (last_dot && (*(last_dot + 1) != '\0'))" or "if (last_dot && last_dot[1] != '\0')".


TortoiseGit

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *src_orig == '\0'. utf.c 501


static const char *
fuzzy_escape(const char *src, apr_size_t len, apr_pool_t *pool)
{
  const char *src_orig = src;
  ....
  while (src_orig < src_end)
  {
    if (! svn_ctype_isascii(*src_orig) || src_orig == '\0')
  ....
}

Most likely this is what should be written here: if (! svn_ctype_isascii(*src_orig) || *src_orig == '\0').


Miranda NG

V528 It is odd that pointer to 'wchar_t' type is compared with the L'\0' value. Probably meant: *dbv.ptszVal != L'\0'. SimpleStatusMsg msgbox.cpp 247


HWND WINAPI CreateRecentComboBoxEx(....)
{
  ....
  if (dbv.ptszVal != NULL && dbv.ptszVal != '\0') {
  ....
}

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *fp->trust != '\0'. MirOTR options.cpp 759
  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *(end + 1) != '\0'. DbEditorPP exportimport.cpp 425
  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *(end + 1) != '\0'. DbEditorPP exportimport.cpp 433
  • And 1 additional diagnostic messages.

The GTK+ Project

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *data->groups[0] != '\0'. gtkrecentmanager.c 979


struct _GtkRecentData
{
  ....
  gchar **groups;
  ....
};

gboolean
gtk_recent_manager_add_full (GtkRecentManager    *manager,
                             const gchar         *uri,
                             const GtkRecentData *data)
{
  ....
  if (data->groups && data->groups[0] != '\0')
      ....
  ....
}

The GTK+ Project

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *priv->icon_list[0] == '\0'. gtkscalebutton.c 987


struct _GtkScaleButtonPrivate
{
  ....
  gchar **icon_list;
  ....
};

struct _GtkScaleButton
{
  ....
  GtkScaleButtonPrivate *priv;
};

static void
gtk_scale_button_update_icon (GtkScaleButton *button)
{
  GtkScaleButtonPrivate *priv = button->priv;
  ....
  if (!priv->icon_list || priv->icon_list[0] == '\0')
  ....
}

GCC

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *xloc.file == '\0'. ubsan.c 1472


static bool
ubsan_use_new_style_p (location_t loc)
{
  if (loc == UNKNOWN_LOCATION)
    return false;

  expanded_location xloc = expand_location (loc);
  if (xloc.file == NULL || strncmp (xloc.file, "\1", 2) == 0
      || xloc.file == '\0' || xloc.file[0] == '\xff'
      || xloc.file[1] == '\xff')
    return false;

  return true;
}

ReOpenLDAP

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *ludp->lud_filter != '\0'. backend.c 1525


int
fe_acl_group(....)
{
  ....
  if ( ludp->lud_filter != NULL &&
       ludp->lud_filter != '\0') // <=
  {
    ....
  }
}

Similar errors can be found in some other places:

  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *(* lsei)->lsei_values[0] == '\0'. syntax.c 240
  • V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *(* lsei)->lsei_values[1] != '\0'. syntax.c 241

GDB

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: ** argp == '\0'. location.c 527


struct event_location *
string_to_explicit_location (const char **argp, ....)
{
  ....
  if (argp == NULL
      || *argp == '\0'
      || *argp[0] != '-'
      || !isalpha ((*argp)[1])
      || ((*argp)[0] == '-' && (*argp)[1] == 'p'))
    return NULL;
  ....
}

Partio

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *charArray[i] != '\0'. MC.cpp 109


int CharArrayLen(char** charArray)
{
  int i = 0;
  if(charArray != false)
  {
    while(charArray[i] != '\0')   // <=
    {
      i++;
    }
  }
  return i;
}

Aspell

V528 It is odd that pointer to 'char' type is compared with the '\0' value. Probably meant: *word == '\0'. check_funs.cpp 650


static void print_truncate(
  FILE * out, const char * word, int width)
{
  ....
  if (i == width-1) {
    if (word == '\0')
      put(out,' ');
    else if (word[len] == '\0')
      put(out, word, len);
    else
      put(out,'$');
    ++i;
  }
  ....
}

Popular related articles
The Last Line Effect

Date: May 31 2014

Author: Andrey Karpov

I have studied many errors caused by the use of the Copy-Paste method, and can assure you that programmers most often tend to make mistakes in the last fragment of a homogeneous code block. I have ne…
Characteristics of PVS-Studio Analyzer by the Example of EFL Core Libraries, 10-15% of False Positives

Date: Jul 31 2017

Author: Andrey Karpov

After I wrote quite a big article about the analysis of the Tizen OS code, I received a large number of questions concerning the percentage of false positives and the density of errors (how many erro…
How PVS-Studio Proved to Be More Attentive Than Three and a Half Programmers

Date: Oct 22 2018

Author: Andrey Karpov

Just like other static analyzers, PVS-Studio often produces false positives. What you are about to read is a short story where I'll tell you how PVS-Studio proved, just one more time, to be more atte…
Static analysis as part of the development process in Unreal Engine

Date: Jun 27 2017

Author: Andrey Karpov

Unreal Engine continues to develop as new code is added and previously written code is changed. What is the inevitable consequence of ongoing development in a project? The emergence of new bugs in th…
Free PVS-Studio for those who develops open source projects

Date: Dec 22 2018

Author: Andrey Karpov

On the New 2019 year's eve, a PVS-Studio team decided to make a nice gift for all contributors of open-source projects hosted on GitHub, GitLab or Bitbucket. They are given free usage of PVS-Studio s…
PVS-Studio for Java

Date: Jan 17 2019

Author: Andrey Karpov

In the seventh version of the PVS-Studio static analyzer, we added support of the Java language. It's time for a brief story of how we've started making support of the Java language, how far we've co…
Technologies used in the PVS-Studio code analyzer for finding bugs and potential vulnerabilities

Date: Nov 21 2018

Author: Andrey Karpov

A brief description of technologies used in the PVS-Studio tool, which let us effectively detect a large number of error patterns and potential vulnerabilities. The article describes the implementati…
The way static analyzers fight against false positives, and why they do it

Date: Mar 20 2017

Author: Andrey Karpov

In my previous article I wrote that I don't like the approach of evaluating the efficiency of static analyzers with the help of synthetic tests. In that article, I give the example of a code fragment…
Appreciate Static Code Analysis!

Date: Oct 16 2017

Author: Andrey Karpov

I am really astonished by the capabilities of static code analysis even though I am one of the developers of PVS-Studio analyzer myself. The tool surprised me the other day as it turned out to be sma…
The Ultimate Question of Programming, Refactoring, and Everything

Date: Apr 14 2016

Author: Andrey Karpov

Yes, you've guessed correctly - the answer is "42". In this article you will find 42 recommendations about coding in C++ that can help a programmer avoid a lot of errors, save time and effort. The au…

Comments (0)

Next comments

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
This website uses cookies and other technology to provide you a more personalized experience. By continuing the view of our web-pages you accept the terms of using these files. If you don't want your personal data to be processed, please, leave this site.
Learn More →
Accept