Obuka
Certifikacija
Microsoft Certified: Security Operations Analyst Associate - Certifications
Investigate, search for, and mitigate threats using Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft 365 Defender.
Code analysis for C/C++ overview
The C/C++ Code Analysis tool provides information about possible defects in your C/C++ source code. Common coding errors reported by the tool include buffer overruns, uninitialized memory, null pointer dereferences, and memory and resource leaks. The tool can also run checks against the C++ Core Guidelines.
The code analysis tool is fully integrated within the Visual Studio IDE.
During the build process, any warnings generated for the source code appear in the Error List. You can navigate to source code that caused the warning, and you can view additional information about the cause and possible solutions of the issue.
You can also use the analysis tool from the command line, as shown in the following example:
Windows Command Prompt
C:\>cl /analyze Sample.cpp
Visual Studio 2017 version 15.7 and later: You can run the tool from the command line with any build system including CMake.
You can use the #pragma directive to treat warnings as errors; enable or disable warnings, and suppress warnings for individual lines of code. For more information, see Pragma directives and the __pragma and _Pragma keywords.
Annotations improve the accuracy of the code analysis. Annotations provide additional information about pre- and post- conditions on function parameters and return types. For more information, see Using SAL Annotations to Reduce C/C++ Code Defects.
You might want to require that all source code check-ins satisfy certain policies. In particular, you want to make sure that analysis was run as a step of the most recent local build. For more information about enabling a code analysis check-in policy, see Creating and Using Code Analysis Check-In Policies.
You can use the integrated features of the build system to run code analysis tool as a step of the Azure DevOps build process. For more information, see Azure Pipelines.
- Quickstart: Code analysis for C/C++
- Walkthrough: Analyze C/C++ Code for Defects
- Code Analysis for C/C++ Warnings
- Use the C++ Core Guidelines checkers
- C++ Core Guidelines Checker Reference
- Use rule sets to specify the C++ rules to run
- Analyze Driver Quality by Using Code Analysis Tools
- Code Analysis for Drivers Warnings
Dodatni resursi
Dokumentacija
-
Quickstart: Code analysis for C/C++
Run static analysis on C++ code in Visual Studio to detect common coding problems and defects.
-
Walkthrough: Analyzing C/C++ code for defects
Demonstrates how to use code analysis with Microsoft C++ in Visual Studio.
-
Learn how Visual Studio can help you analyze C and C++ code quality.