Here′s a small compilation of curious talks at C# and .NET conferences over the past few years.

Our company talks a lot about code quality. While some of the projects chosen for code audits may not be that familiar to our readers, I′m sure many of them use finance apps. Our readers ma…

This is a brief story of how PVS-Studio collaborated with RavenDB. PVS-Studio is a static code analyzer. RavenDB is an open-source database. How can searching for errors in one project bene…

In this article, you′re going to find 60 terrible coding tips — and explanations of why they are terrible. It′s a fun and serious piece at the same time. No matter how terrible these tips look, they...

In this article, we will thoroughly examine the XSS vulnerability in a CMS written in C#. Let′s recall the theory, figure out how the security defect looks from a user′s perspective and in code, and...

PVS-Studio 7.25 has been released. In this version, we implemented the support of Qt Creator 10 and Rider 2022.2.3 (and higher), updated the libraries used by the analyzer, enhanced the doc…

There are a lot of fantastic games, but few of them are open source. In this article, we will examine the most curious bugs found in the source code of three best, to my mind, open-source games...

Today we are dissecting AWS SDK for .NET. We will look at suspicious code fragments, figure out what′s wrong with them, and try to reproduce some of the errors. Make yourself a cup of coffe…

Sometimes you might wish to feel nostalgic and play your favorite old game, but certain things in such games may seem outdated. So, to breathe new life into an old project, some enthusiasts set the...

Nintendo Switch′s popularity hasn′t waned, and with exclusive games winning awards, the desire to play them is only growing. However, not everyone has the opportunity to try out this portab…

MassTransit is an open-source distributed application framework for .NET. In this article, we′ll discuss some issues in its source code. A static analyzer will help us to identify them. Enjoy :).

How to simplify the process of bug fixing and prevent vulnerable code from being released? Use quality control tools. We will use PVS-Studio to search for errors and vulnerabilities, and DefectDojo...

PVS-Studio 7.26 has been released. Now you can run the analysis in plugins for VS Code and Qt Creator; upload the analysis results to DefectDojo, and more. In this note, we′ll take a closer look at...

The developers have an endless amount of ways to make mistakes while writing code. However, sometimes we can find obvious and interesting patterns in how and where developers make mistakes. Let′s...

How to improve the quality and reliability of a codebase? One of the answers to this question is to use static analysis. In this article, we are going to check how this methodology can impr…

In the words of Mr. John Carmack, Focus is a matter of deciding what things you′re not going to do. Taking inspiration from this quote, let′s not waste any time and delve into analyzing the code of...

I′ve been looking for a challenge to put the PVS-Studio analyzer through its paces, and that′s why I chose GCC, an open-source compiler collection. It′s not the first time we check this pro…

A user wrote to our support about a strange false positive issued by the PVS-Studio analyzer. Let′s see why this case deserves a separate note, and why developers don′t notice this simple e…

The PVS-Studio team started adding new diagnostic rules that detect errors typical for Unreal Engine projects. However, we need some help from the game development community. Please share y…