C++ / C#

Interesting checks for analyzing C/C++ code?

I am one of the developers of the PVS-Studio analyzer. You can read more about the analyzer here . We are constantly implementing new diagnostic rules. The list of what else can be implemented seems endless to me. We are constantly updating the todo list with new examples of errors that it would be good to learn how to diagnose. So we don't have problems with lack of tasks. But there is a problem of how to choose the most interesting and common types of errors. It is logical, first of all, to implement the diagnostics of those errors that are most often found in programs. The question is how to prioritize different tasks.
The idea was to create a section on the site where various examples of defects would be listed and users could vote for the mistakes that they think they make most often. I don't like this approach for two good reasons.
1) The list of errors will be very large. This means that no one will view it in its entirety. Priority will be given to examples at the top of the list. Of course, you can sort the examples randomly, but then it is not clear how to continue viewing the list, for example, the next day. And in general, everything becomes unnecessarily complicated.
2) Programmers underestimate simple mistakes (see myth two ). For example, they don't like to admit that a huge proportion of errors are due to Copy-Paste and typos. Few people will vote for an example like this:
bool isclosebrace(TCHAR c)
{
return c == _T('}') ||
c ==_T('}') || // should be ')'
c == _T (']') ||
c == _T('>');
}
Programmers will vote for uninitialized variables, overflowing arrays, and other interesting cases. But as our experience shows , a huge number of errors are misprints of various kinds. Thus, the vote will not reflect the real picture.
I came up with another option, how to prioritize. I ask you, dear programmers, to give measurements of the mistakes that you personally made. Write about any mistakes, no matter if they seem serious to you or not. The examples given will be alive and will reflect the real picture. I hope that it will be possible to see which problems occur most frequently.
I will make several such discussions on different sites. Error patterns that are in our database and about which someone will tell will receive a higher priority. If the same type of error is described several times, then this should generally be dealt with in the first place. We will be very grateful for your examples.
I will give a couple of code examples that would be interesting to see.
TCHAR headerM[headerSize] = TEXT("");
...
if (headerM != '\0')
We wanted to check if the string is empty, but forgot to exchange the pointer. A fairly common typo. Correct variant: "if (*headerM != '\0')".
if (memcmp(this, &other, sizeof(Matrix4) == 0)) {
The closing parenthesis is not there. As a result, the memcmp() function compares 0 bytes.
BOOL ret = TRUE;
if (m_hbitmap)
BOOL ret = picture.SaveToFile(fptr);
Once again declared the variable 'ret'. As a result, the case when the file cannot be saved will not be handled.
The examples given do not require complex AI and, as a result, are well diagnosed by static analysis tools. Would like to see something like this.
I think many of the examples that will be given are already diagnosed by PVS-Studio. But it's not scary, I'll filter them out. If you want, you can try yourself to see if PVS-Studio can find this or that type of error. To do this, you can use the demo version. By the way, it is fully functional and will allow you to try to check your projects at the same time.
---
Sincerely, Andrey Karpov
It is best to leave comments here, or write me an e-mail: karpov[@]viva64.com