Walkthrough: Analyzing C/C++ Code for Defects

This walkthrough demonstrates how to analyze C/C++ code for potential code defects by using the code analysis tool for C/C++ code.

In this walkthrough, you step through the process of using code analysis to analyze your C/C++ code for potential code defects.

You will complete the following steps:

Prerequisites

Open the Demo solution in Visual Studio.

The Demo solution now populates Solution Explorer.
On the Build menu, click Rebuild Solution.

The solution builds without any errors or warnings.
In Solution Explorer, select the CodeDefects project.
On the Project menu, click Properties.

The CodeDefects Property Pages dialog box is displayed.
Click Code Analysis.
Click the Enable Code Analysis for C/C++ on Build check box.
Rebuild the CodeDefects project.

Code analysis warnings are displayed in the Error List.

On the View menu, click Error List.

Depending on the developer profile that you chose in Visual Studio, you might have to point to Other Windows on the View menu, and then click Error List.
In the Error List, double-click the following warning:

warning C6230: Implicit cast between semantically different types: using HRESULT in a Boolean context.

The code editor displays the line that caused the warning in the function boolProcessDomain(). This warning indicates that a HRESULT is being used in an 'if' statement where a Boolean result is expected.
Correct this warning by using the SUCCEEDED macro. Your code should resemble the following code:
```
if (SUCCEEDED (ReadUserAccount()) )
```
In the Error List, double-click the following warning:

warning C6282: Incorrect operator: assignment to constant in test context. Was == intended?
Correct this warning by testing for equality. Your code should look similar to the following code:
```
if ((len == ACCOUNT_DOMAIN_LEN) || (g_userAccount[len] != '\\'))
```

In the Bug.cpp file, add the following #pragma statement to the beginning of the file to treat the warning C6001 as an error:
```
#pragma warning (error: 6001)
```
Rebuild the CodeDefects project.

In the Error List, C6001 now appears as an error.
Correct the remaining two C6001 errors in the Error List by initializing i and j to 0.
Rebuild the CodeDefects project.

The project builds without any warnings or errors.

In Solution Explorer, select the Annotations project.
On the Project menu, click Properties.

The Annotations Property Pages dialog box is displayed.
Click Code Analysis.
Select the Enable Code Analysis for C/C++ on Build check box.
Rebuild the Annotations project.
In the Error List, double-click the following warning:

warning C6011: Dereferencing NULL pointer 'newNode'.

This warning indicates failure by the caller to check the return value. In this case, a call to AllocateNode might return a NULL value (see the annotations.h header file for function declaration for AllocateNode).
Open the annotations.cpp file.
To correct this warning, use an 'if' statement to test the return value. Your code should resemble the following code:

if (NULL != newNode)

{

newNode->data = value;

newNode->next = 0;

node->next = newNode;

}
Rebuild the Annotations project.

The project builds without any warnings or errors.

Annotate formal parameters and return value of the function AddTail by using the Pre and Post conditions as shown in this example:

[returnvalue:SA_Post (Null=SA_Maybe)] LinkedList* AddTail

(

[SA_Pre(Null=SA_Maybe)] LinkedList* node,

int value

)
Rebuild Annotations project.
In the Error List, double-click the following warning:

warning C6011: Dereferencing NULL pointer 'node'.

This warning indicates that the node passed into the function might be null, and indicates the line number where the warning was raised.
To correct this warning, use an 'if' statement to test the return value. Your code should resemble the following code:
```
  . . .
  LinkedList *newNode = NULL; 
  if (NULL == node)
  {
       return NULL;
      . . .
  }
```
Rebuild Annotations project.

The project builds without any warnings or errors.