It was a fairly straightforward bug. A wide-character string function was called with a byte count instead of a character count, leading to a buffer overrun. After finding the problem the fix was as simple as changing sizeof to _countof. … Continue reading
I recently discovered that Microsoft’s VC++ compiler loads mshtml.dll – also known as Internet Explorer. The compiler does this whenever the /analyze option (requesting static code analysis) is used. I’m no compiler architecture expert, but a compiler that loads Internet … Continue reading
VS 2013 is almost done and VS 2014 is being planned and I’ve been pushing for the VC++ features/bug-fixes that matter most to me. I’ve come up with two requests that seem plausible and valuable. If you like them then … Continue reading
I’ve been running static code analysis on four large code bases for over two years now. After the initial work of looking through all of the warnings and fixing the serious bugs I put the projects into code analysis maintenance … Continue reading
Last October I wrote about a crashing bug in the /analyze feature of Microsoft’s VC++ compiler – a use-after-free in their annotation parser. It’s now fixed.
Last month I posted about a crashing bug in Visual Studio 2012’s static code analysis feature. The irony was delicious. Yesterday I found another bug in the same feature. This one isn’t quite as dramatic, but I found it amusing, … Continue reading
All software has bugs, but there is something ironic about a crashing bug in the /analyze portion of Microsoft’s VC++ 2012 compiler. The investigation of this bug also shows yet another reason you should test your software using Microsoft’s Application … Continue reading