GTK: The First Analyzer Run in Figures

For some people, introducing a static analyzer into a project seems like an insurmountable obstacle. For some reason there is a widespread belief that the volume of analysis results produced on the first run is so large that only two options are considered: not to bother with it at all, or to switch everyone over to fixing warnings. In this article we will try to dispel this myth by introducing and configuring the analyzer on the GTK project.





Introduction

GTK – . GTK 4, PVS-Studio. , . PVS-Studio C++ .





GTK






4 (Fails) + 1102 (High) + 1159 (Medium) + 3093 (Low) = 5358 .










V530 [CWE-252] The return value of function 'g_strrstr_len' is required to be utilized. strfuncs.c 1803





/* Testing functions bounds */
static void
test_bounds (void)
{
  ....
  g_strrstr_len (string, 10000, "BUGS");
  g_strrstr_len (string, 10000, "B");
  g_strrstr_len (string, 10000, ".");
  g_strrstr_len (string, 10000, "");
  ....
}

      
      



, GTK, PVS-Studio.










gtk/_build/
gtk/subprojects/
gtk/tests/
gtk/testsuite/

      
      








2 (Fails) + 819 (High) + 461 (Medium) + 1725 (Low) = 3007 .










V501 There are identical sub-expressions '* (& pipe->ref_count)' to the left and to the right of the '^' operator. gdkpipeiostream.c 65





static GdkIOPipe *
gdk_io_pipe_ref (GdkIOPipe *pipe)
{
  g_atomic_int_inc (&pipe->ref_count);

  return pipe;
}

      
      








#V501
//-V:g_atomic_int_:501
#V547
//-V:GTK_IS_:547
//-V:GDK_IS_:547
//-V:G_IS_:547
//-V:G_VALUE_HOLDS:547
#V568
//-V:g_set_object:568

      
      



, V501, V547 V568.
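How the mask rules in the configuration above narrow the report, as an added example that is not part of the original article or of PVS-Studio: a simplified Python model which assumes that a `//-V:<text>:<number>` rule hides that diagnostic on any flagged line containing `<text>`. The function names and the findings list are constructed for illustration.

```python
import re

# Suppression rules copied verbatim from the configuration shown on this page.
PVSCONFIG = """\
#V501
//-V:g_atomic_int_:501
#V547
//-V:GTK_IS_:547
//-V:GDK_IS_:547
//-V:G_IS_:547
//-V:G_VALUE_HOLDS:547
#V568
//-V:g_set_object:568
"""

# Only the single-number rule form that appears on the page is modelled.
RULE = re.compile(r"^//-V:(?P<needle>[^:]+):(?P<code>\d+)$")

def parse_rules(text):
    """Return {diagnostic number: [substrings]}; lines that are not rules are skipped."""
    rules = {}
    for line in text.splitlines():
        m = RULE.match(line.strip())
        if m:
            rules.setdefault(int(m["code"]), []).append(m["needle"])
    return rules

def is_suppressed(rules, code, source_line):
    """True when a rule for this diagnostic names a substring of the flagged line."""
    return any(needle in source_line for needle in rules.get(code, []))

def triage(rules, findings):
    """Split (code, file, line_no, source_line) findings into kept and suppressed."""
    kept, dropped = [], []
    for f in findings:
        (dropped if is_suppressed(rules, f[0], f[3]) else kept).append(f)
    return kept, dropped

# Constructed findings: the V501 lines reuse code quoted on this page, the V547 one is hypothetical.
FINDINGS = [
    (501, "gdkpipeiostream.c", 65, "  g_atomic_int_inc (&pipe->ref_count);"),
    (501, "gtklistbase.c", 1151, "                       G_PARAM_EXPLICIT_NOTIFY |"),
    (547, "example.c", 10, "  g_return_if_fail (GTK_IS_WIDGET (widget));"),
]

if __name__ == "__main__":
    kept, dropped = triage(parse_rules(PVSCONFIG), FINDINGS)
    for code, path, line_no, _ in kept:
        print(f"still reported: V{code} {path} {line_no}")
```

Because each rule is tied to one diagnostic number and one substring, the macro-induced V501 in gdkpipeiostream.c disappears while the duplicated-flag V501 in gtklistbase.c stays in the report.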










2 (Fails) + 773 (High) + 417 (Medium) + 1725 (Low) = 2917 .





. V1042:





V1042 [CWE-1177] This file is marked with copyleft license, which requires you to open the derived source code. main.c 12





, . GTK , :





2 (Fails) + 164 (High) + 417 (Medium) + 1725 (Low) = 2308 .





2 Fails:





  • V002 Some diagnostic messages may contain incorrect line number in this file. gdkrectangle.c 1





  • V002 Some diagnostic messages may contain incorrect line number in this file. gdktoplevelsize.c 1





, , . 1-2 , - . , MSVC.










164 (High) + 417 (Medium) + 1725 (Low) = 2306 .





, , , , : , . , V501 , :





V501 There are identical sub-expressions 'G_PARAM_EXPLICIT_NOTIFY' to the left and to the right of the '|' operator. gtklistbase.c 1151





static void
gtk_list_base_class_init (GtkListBaseClass *klass)
{
  ....
  properties[PROP_ORIENTATION] =
    g_param_spec_enum ("orientation",
                       P_("Orientation"),
                       P_("The orientation of the orientable"),
                       GTK_TYPE_ORIENTATION,
                       GTK_ORIENTATION_VERTICAL,
                       G_PARAM_READWRITE |
                       G_PARAM_EXPLICIT_NOTIFY |  // <=
                       G_PARAM_EXPLICIT_NOTIFY);  // <=
  ....
}

      
      



! . 57%. , .










, . , . , , , . , . , EFL Core Libraries , , 10-15% . , , 1-2 8-9 .





, . . . , . " legacy ".










, : Svyatoslav Razmyslov. GTK: The First Analyzer Run in Figures.







