static analysis Archives

Static Analysis Fixes, Improvements, and Updates in Visual Studio 2019 version 16.10

Jordan Maples June 10, 2021 Jun 10, 2021 06/10/21

The C++ static analysis team is committed to making your C++ coding experience as safe as possible. We are adding richer code safety checks and addressing high impact customer feedback bugs posted on the C++ Developer Community page. Thank you for engaging with us and giving us great feedback on the past releases and early previews leading ...

New Static Analysis Rule for Bounds Checking

Jordan Maples May 11, 2021 May 11, 2021 05/11/21

We have added a new experimental static analysis rule in Visual Studio 16.10 version Preview 3 - C26458, WARNING_PATH_SENSITIVE_USE_GSL_AT. The new warning is a more precise and less noisy version of warning C26446, WARNING_USE_GSL_AT. Both warnings analyse standard containers for unchecked element access and they both share the warning ...

Static Analysis Fixes, Improvements, and Updates in Visual Studio 2019 16.9

Jordan Maples March 17, 2021 Mar 17, 2021 03/17/21

MSVC static analysis update for Visual Studio 16.9.

Even More New Safety Rules in C++ Code Analysis

Hwi-sung Im October 28, 2020 Oct 28, 2020 10/28/20

In Visual Studio version 16.8 Preview 3,  we have added a few safety rules to C++ Code Analysis that can find some common mistakes, which can lead to bugs ranging from simple broken features to costly security vulnerabilities. These new rules are developed around issues discovered in production software via ...

C++ Core Check in Visual Studio

Jordan Maples October 6, 2020 Oct 6, 2020 10/6/20

C++ Core Check is Microsoft’s static analysis tool that enforces the rules from the C++ Core Guidelines, which is maintained by the C++ Foundation. This post is to provide a snapshot of the C++ Core Guidelines coverage that C++ Core Check offers. For background, the C++ team introduced C++ Core Check in December 2015 as part of Visual ...

New Safety Rules in C++ Code Analysis

Hwi-sung Im October 2, 2020 Oct 2, 2020 10/2/20

In Visual Studio version 16.8 Preview 3, we are adding a few safety rules to C++ Code Analysis that can find some common mistakes, which can lead to bugs ranging from simple broken features to costly security vulnerabilities. These new rules are developed around issues discovered in production software via security reviews and...

New safety rules in C++ Core Check

Sunny Chatterjee September 4, 2020 Sep 4, 2020 09/4/20

Rust and C++ are two popular systems programming languages. For years, the focus of C++ has been on performance. We are increasingly hearing calls from customers and security researchers that C++ should have stronger safety guarantees in the language. C++ often falls behind Rust when it comes to programming safety. Visual Studio 2019 ...

Lifetime Profile Update in Visual Studio 2019 Preview 2

Kyle Reed January 24, 2019 Jan 24, 2019 01/24/19

The C++ Core Guidelines' Lifetime Profile, which is part of the C++ Core Guidelines, aims to detect lifetime problems, like dangling pointers and references, in C++ code. It uses the type information already present in the source along with some simple contracts between functions to detect defects at compile time with minimal annotation. ...

C++ Core Checks in Visual Studio 2017 15.7 Preview 2

Sunny Chatterjee March 22, 2018 Mar 22, 2018 03/22/18

This post was written by Sergiy Oryekhov. The C++ Core Guidelines Check extension received several new rules in Visual Studio 2017 15.7 Preview 2. The primary focus in this iteration was on the checks that would make it easier to adopt utilities from the Guidelines Support Library. Below is a quick summary of these additions. For more ...

C++ Code Analysis Improvements for Visual Studio 2017 15.7 Preview 1

Kyle Reed March 13, 2018 Mar 13, 2018 03/13/18

点这里看中文版 We're making it easier to configure and use the C++ code analysis features with a set of changes targeting 15.7. In the first 15.7 preview we've cleaned up the UI, fixed our documentation links and, most importantly, simplified the way analysis extensions are configured. If you're not familiar with C++ Core Check, it's...

C++ Team Blog

static analysis Archives | C++ Team Blog