static analysis Archives

C++ Core Check in Visual Studio

Jordan MaplesOctober 6, 2020Oct 6, 202010/6/20

C++ Core Check is Microsoft’s static analysis tool that enforces the rules from the C++ Core Guidelines, which is maintained by the C++ Foundation. This post is to provide a snapshot of the C++ Core Guidelines coverage that C++ Core Check offers. For background, the C++ team introduced C++ Core Check in December 2015 as part of Visual ...

New Safety Rules in C++ Code Analysis

Hwi-sung ImOctober 2, 2020Oct 2, 202010/2/20

In Visual Studio version 16.8 Preview 3, we are adding a few safety rules to C++ Code Analysis that can find some common mistakes, which can lead to bugs ranging from simple broken features to costly security vulnerabilities. These new rules are developed around issues discovered in production software via security reviews and...

New safety rules in C++ Core Check

Sunny ChatterjeeSeptember 4, 2020Sep 4, 202009/4/20

Rust and C++ are two popular systems programming languages. For years, the focus of C++ has been on performance. We are increasingly hearing calls from customers and security researchers that C++ should have stronger safety guarantees in the language. C++ often falls behind Rust when it comes to programming safety. Visual Studio 2019 ...

Lifetime Profile Update in Visual Studio 2019 Preview 2

Kyle ReedJanuary 24, 2019Jan 24, 201901/24/19

The C++ Core Guidelines' Lifetime Profile, which is part of the C++ Core Guidelines, aims to detect lifetime problems, like dangling pointers and references, in C++ code. It uses the type information already present in the source along with some simple contracts between functions to detect defects at compile time with minimal annotation. ...

C++ Core Checks in Visual Studio 2017 15.7 Preview 2

Sunny ChatterjeeMarch 22, 2018Mar 22, 201803/22/18

This post was written by Sergiy Oryekhov. The C++ Core Guidelines Check extension received several new rules in Visual Studio 2017 15.7 Preview 2. The primary focus in this iteration was on the checks that would make it easier to adopt utilities from the Guidelines Support Library. Below is a quick summary of these additions. For more ...

C++ Code Analysis Improvements for Visual Studio 2017 15.7 Preview 1

Kyle ReedMarch 13, 2018Mar 13, 201803/13/18

点这里看中文版 We're making it easier to configure and use the C++ code analysis features with a set of changes targeting 15.7. In the first 15.7 preview we've cleaned up the UI, fixed our documentation links and, most importantly, simplified the way analysis extensions are configured. If you're not familiar with C++ Core Check, it's...

Arithmetic overflow checks in C++ Core Check

Sunny ChatterjeeFebruary 23, 2018Feb 23, 201802/23/18

点这里看中文版 We've improved the C++ Code Analysis toolset with every major compiler update in Visual Studio 2017. Version 15.6, now in Preview, includes a set of arithmetic overflow checks. This article discusses those checks and why you’ll want to enable them in your code. If you’re just getting started with C++ Code Analysis ...

C++ Core Check in Visual Studio 2017 15.6 Preview 2

Andrew PardoeJanuary 18, 2018Jan 18, 201801/18/18

点这里看中文版 This post was written by Sergiy Oryekhov. Note that some of the links to docs.microsoft.com do not yet resolve. Not all of the official documentation has yet been written for this topic. Visual Studio 2017 15.6 Preview 2 includes a set of updates to the C++ Core Guidelines Check extension. We added more checks to help ...

C++ Static Analysis Improvements for Visual Studio 2017 15.6 Preview 2

Kyle ReedJanuary 10, 2018Jan 10, 201801/10/18

点这里看中文版 We've made a few changes to the C++ static analysis feature that should make it faster and easier to use. The behavior has changed slightly, and the menus have been moved around a bit, but we think that the new experience is faster and more consistent. Let's take a quick look at the changes. Single File Analysis ...

C++ Core Check improvements in Visual Studio 2017 15.5

Andrew PardoeNovember 15, 2017Nov 15, 201711/15/17

点这里看中文版 This post was written by Sergiy Oryekhov. In Visual Studio 2017 version 15.5 Preview 4 we have refreshed our C++ Core Guidelines Check extension for native code static analysis tools. Most of the work since 15.3 has been focused on new rules that will help developers starting new projects write safer C++ and those with...

C++ Team Blog

static analysis Archives | C++ Team Blog