C++ Static Code Analysis Tool: Prefast
Source: Internet  Editor: 程序博客网  Time: 2024/05/20 01:11
1. What is Prefast

3. What errors Prefast can help you find

```cpp
// uninitialized variable
void defect1()
{
    int a;
    int b;
    b = a;   // 'a' is read before it is ever assigned
}
```

Prefast reports:

```
d:/test/testcode/testcode.cpp(18) : warning C6001: Using uninitialized memory 'a': Lines: 15, 16, 18
```

```cpp
// one path dereference NULL
void defect4(int b, int c)
{
    int *p = NULL;
    int a = 1;
    if (b == 1)
    {
        if (c == 1)
        {
            p = &a;
        }
        else
        {
        }
    }
    else
    {
        if (c == 1)
        {
        }
        else
        {
            p = &a;
        }
    }
    *p;   // p is still NULL on two of the four paths
    return;
}
```

Prefast reports:

```
d:/test/testcode/testcode.cpp(65) : warning C6011: Dereferencing NULL pointer 'p': Lines: 45, 46, 48, 57, 65
```

```cpp
void defect5()
{
    int a = 1;
    int b = 1;
    int c = 1;
    if (a & b == c)   // parsed as a & (b == c), not (a & b) == c
        return;
}
```

Prefast reports:

```
d:/test/testcode/testcode.cpp(76) : warning C6281: Incorrect order of operations: relational operators have higher precedence than bitwise operators
```

```cpp
#include <stdio.h>
#include <string.h>

void defect8()
{
    char buf[100];
    char buf2[200];
    int i = 100;
    sprintf(buf, "hello world %d", i);
    strcpy(buf, buf2);   // the 200-byte source does not fit the 100-byte destination
}
```

Prefast reports:

```
d:/test/testcode/testcode.cpp(133) : warning C6202: Buffer overrun for 'buf', which is possibly stack allocated, in call to 'strcpy': length '200' exceeds buffer size '100'
```

```cpp
// infinite loop
void defect14()
{
    signed char i;
    for (i = 100; i >= 0; i++)   // counts up while the condition expects a count down
    {
        ;
    }
}
```

Prefast reports:

```
d:/test/testcode/testcode.cpp(198) : warning C6292: Ill-defined for-loop: counts up from maximum
```

```cpp
#include <stdio.h>

// Format string mismatch
void defect21()
{
    char buff[5];
    sprintf(buff, "%s %s", "a");   // two %s specifiers, only one argument
}
```

Prefast reports:

```
d:/test/testcode/testcode.cpp(277) : warning C6063: Missing string argument to 'sprintf' that corresponds to conversion specifier '2'
```

```cpp
#include <windows.h>

void defect27()
{
    CreateProcess(NULL,
        "c:\\program files\\Project.exe arg1", // correct "\"c:\\program files\\Project.exe\" arg1"
        NULL,
        NULL,
        false,
        0,
        NULL,
        NULL,
        NULL,
        NULL);
}
```

Prefast reports:

```
d:/test/testcode/testcode.cpp(327) : warning C6277: NULL application name with an unquoted path in call to 'CreateProcessA': results in a security vulnerability if the path contains spaces
```

```cpp
void defect32()
{
    int a = 1;
    if (a = 2)   // assignment where a comparison was intended
        return;
}
```

Prefast reports:

```
d:/test/testcode/testcode.cpp(405) : warning C6282: Incorrect operator: assignment of constant in Boolean context. Consider using '==' instead
```

```cpp
// always false
void defect45()
{
    int x;
    if (0 && x++)   // x++ is never evaluated
    {
        ;
    }
}
```

Prefast reports:

```
d:/test/testcode/testcode.cpp(564) : warning C6237: (<zero> && <expression>) is always zero. <expression> is never evaluated and might have side effects
```
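A corrected counterpart to defect27 (warning C6277), as an added example that is not part of the original article: it builds the command line with the executable path quoted, and uses a bounded `snprintf` so it also avoids the `strcpy`/`sprintf` overrun pattern of defect8. The helper name `build_command_line` and its rejection rules are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not from the article): writes "\"exe_path\" args" into
 * out, the quoted form that warning C6277 asks for.
 * Returns 0 on success, -1 if the input is rejected or does not fit. */
int build_command_line(char *out, size_t out_size,
                       const char *exe_path, const char *args)
{
    size_t len;
    int written;

    if (out == NULL || out_size == 0 || exe_path == NULL)
        return -1;
    out[0] = '\0';

    len = strlen(exe_path);
    /* Reject an empty path, an embedded '"' (it would end the quoting early)
     * and a trailing '\' (it would escape the closing quote). */
    if (len == 0 || strchr(exe_path, '"') != NULL || exe_path[len - 1] == '\\')
        return -1;

    if (args != NULL && args[0] != '\0')
        written = snprintf(out, out_size, "\"%s\" %s", exe_path, args);
    else
        written = snprintf(out, out_size, "\"%s\"", exe_path);

    /* snprintf returns the length it needed; treat truncation as failure
     * instead of launching a silently shortened command line. */
    if (written < 0 || (size_t)written >= out_size) {
        out[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char cmd[128];
    /* Constructed sample input, taken from the path used in defect27. */
    if (build_command_line(cmd, sizeof cmd,
                           "c:\\program files\\Project.exe", "arg1") == 0)
        printf("%s\n", cmd);
    return 0;
}
```

On Windows the resulting writable buffer is what goes in the `lpCommandLine` argument of `CreateProcess`; passing the full executable path as `lpApplicationName` as well removes the path-guessing behaviour the warning describes.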