Comparison of Code Analysis Warnings and Errors - Visual Studio 2008 versus Visual Studio 2010
This blog compares the Code Analysis warnings and errors generated by Visual Studio 2008 and Visual Studio 2010.
Managed Code Analysis
Warning / Error Number |
Description |
Visual Studio 2008 Team System |
Visual Studio 2010 Premium |
An exception was raised within managed code analysis tool that does not indicate an expected error condition. |
Yes |
Yes |
|
No rules were selected. |
Yes |
Yes |
|
No targets were selected to analyze. |
Yes |
Yes |
|
Rule assembly could not be loaded. |
Yes |
Yes |
|
A custom rule assembly has invalid XML resources. |
Yes |
Yes |
|
Could not load file:<path> |
Yes |
Yes |
|
A project file has an incorrect version of the analysis tool. |
Yes |
Yes |
|
Violations cannot be mapped to the current set of targets and rules. |
Yes |
Yes |
|
Unable to load assemblies referenced. |
Yes |
Yes |
|
Command line switch error. |
Yes |
Yes |
|
Unable to load assemblies referenced indirectly. |
Yes |
Yes |
|
The rule 'RuleId' referenced in rule set 'RuleSetName' could not be found. |
- |
Yes |
|
The rule 'RuleId' could not be found. |
- | Yes |
|
Failed to load rule set file or one of its dependent rule set files. |
- | Yes |
|
No analysis was performed because the specified rule set did not contain any FxCop rules. |
- | Yes |
|
Unsupported metadata construct: Type 'TypeName' contains both a property and a field with the same name 'PropertyFieldName' |
- | Yes |
|
CA0066 |
- | Yes |
|
Directory not found. |
- | Yes |
|
Debug information could not be found for target assembly 'AssemblyName'. |
- | Yes |
|
UsingAlternatePlatform. FrameworkVersion1 could not be found. Using FrameworkVersion2 instead. For best analysis results please ensure that the correct .NET Framework is installed. |
- | Yes |
|
Unable to analyze permission attributes |
- | Yes |
|
Unable to read output report. |
Yes |
Yes |
|
Unsupported language. |
Yes |
Yes |
|
Additional warnings cannot be displayed. |
Yes |
Yes |
|
Rule directory was ignored because it does not exist |
- |
Yes |
|
The property is deprectated. Use the superceding property |
- | Yes |
|
Do not declare static members on generic types |
Yes |
Yes |
|
Types that own disposable fields should be disposable |
Yes |
Yes |
|
Do not expose generic lists |
Yes |
Yes |
|
Use generic event handler instances |
Yes |
Yes |
|
Generic methods should provide type parameter |
Yes |
Yes |
|
Avoid excessive parameters on generic types |
Yes |
Yes |
|
Do not nest generic types in member signatures |
Yes |
Yes |
|
Use generics where appropriate |
Yes |
Yes |
|
Enums should have zero value |
Yes |
Yes |
|
Declare event handlers correctly |
Yes |
Yes |
|
Collections should implement generic interface |
Yes |
Yes |
|
Consider passing base types as parameters |
Yes |
Yes |
|
Abstract types should not have constructors |
Yes |
Yes |
|
Overload operator equals on overloading add and subtract |
Yes |
Yes |
|
Mark assemblies with CLSCompliantAttribute |
Yes |
Yes |
|
Mark assemblies with AssemblyVersionAttribute |
Yes |
Yes |
|
Mark assemblies with ComVisibleAttribute |
Yes |
Yes |
|
Mark attributes with AttributeUsageAttribute |
Yes |
Yes |
|
Define accessors for attribute arguments |
Yes |
Yes |
|
Avoid namespaces with few types |
Yes |
Yes |
|
Avoid out parameters |
Yes |
Yes |
|
Indexers should not be multidimensional |
Yes |
Yes |
|
Use properties where appropriate |
Yes |
Yes |
|
Replace repetitive arguments with params array |
Yes |
Yes |
|
Default parameters should not be used |
Yes |
Yes |
|
Mark enums with FlagsAttribute |
Yes |
Yes |
|
Enum storage should be Int32 |
Yes |
Yes |
|
Use events where appropriate |
Yes |
Yes |
|
Do not catch general exception types |
Yes |
Yes |
|
Implement standard exception constructors |
Yes |
Yes |
|
Interface methods should be callable by child types |
Yes |
Yes |
|
Nested types should not be visible |
Yes |
Yes |
|
ICollection implementations have strongly typed members |
Yes |
Yes |
|
Override methods on comparable types |
Yes |
Yes |
|
Enumerators should be strongly typed |
Yes |
Yes |
|
Lists are strongly typed |
Yes |
Yes |
|
Avoid empty interfaces |
Yes |
Yes |
|
Provide ObsoleteAttribute message |
Yes |
Yes |
|
Use integral or string argument for indexers |
Yes |
Yes |
|
Properties should not be write only |
Yes |
Yes |
|
Do not pass types by reference |
Yes |
Yes |
|
Do not overload operator equals on reference types |
Yes |
Yes |
|
Do not declare protected members in sealed types |
Yes |
Yes |
|
Do not declare virtual members in sealed types |
Yes |
Yes |
|
Types that own native resources should be disposable |
Yes |
Yes |
|
Declare types in namespaces |
Yes |
Yes |
|
Do not declare visible instance fields |
Yes |
Yes |
|
Static holder types should be sealed |
Yes |
Yes |
|
Static holder types should not have constructors |
Yes |
Yes |
|
URI parameters should not be strings |
Yes |
Yes |
|
URI return values should not be strings |
Yes |
Yes |
|
URI properties should not be strings |
Yes |
Yes |
|
String URI overloads call System.Uri overloads |
Yes |
Yes |
|
Types should not extend certain base types |
Yes |
Yes |
|
Members should not expose certain concrete types |
Yes |
Yes |
|
Move P/Invokes to NativeMethods class |
Yes |
Yes |
|
Do not hide base class methods |
Yes |
Yes |
|
Validate arguments of public methods |
- | Yes |
|
Implement IDisposable correctly |
Yes |
Yes |
|
Exceptions should be public |
Yes |
Yes |
|
Do not raise exceptions in unexpected locations |
Yes |
Yes |
|
Specify MessageBoxOptions |
Yes |
Yes |
|
Avoid duplicate accelerators |
Yes |
Yes |
|
Do not hardcode locale specific strings |
Yes |
Yes |
|
Do not pass literals as localized parameters |
- | Yes |
|
Specify CultureInfo |
Yes |
Yes |
|
Specify IFormatProvider |
Yes |
Yes |
|
Set locale for data types |
Yes |
Yes |
|
Specify StringComparison |
Yes |
Yes |
|
Normalize strings to uppercase |
Yes |
Yes |
|
Use ordinal StringComparison |
Yes |
Yes |
|
P/Invoke entry points should exist |
Yes |
Yes |
|
P/Invokes should not be visible |
Yes |
Yes |
|
Avoid overloads in COM visible interfaces |
Yes |
Yes |
|
Auto layout types should not be COM visible |
Yes |
Yes |
|
Call GetLastError immediately after P/Invoke |
Yes |
Yes |
|
COM visible type base types should be COM visible |
Yes |
Yes |
|
Avoid Int64 arguments for Visual Basic 6 clients |
Yes |
Yes |
|
Avoid static members in COM visible types |
Yes |
Yes |
|
Do not use AutoDual ClassInterfaceType |
Yes |
Yes |
|
Com visible types should be creatable |
Yes |
Yes |
|
COM registration methods should be matched |
Yes |
Yes |
|
COM registration methods should not be visible |
Yes |
Yes |
|
Mark ComSource interfaces as IDispatch |
Yes |
Yes |
|
Avoid non-public fields in COM visible value types |
Yes |
Yes |
|
Mark boolean P/Invoke arguments with MarshalAs |
Yes |
Yes |
|
Declare P/Invokes correctly |
Yes |
Yes |
|
Variable names should not match field names |
Yes |
Yes |
|
Variable names should not match field names |
Yes |
Yes |
|
Avoid excessive inheritance |
Yes |
Yes |
|
Avoid excessive inheritance |
Yes |
Yes |
|
Avoid excessive complexity |
Yes |
Yes |
|
Avoid excessive complexity |
Yes |
Yes |
|
Review misleading field names |
Yes |
Yes |
|
Review misleading field names |
Yes |
Yes |
|
Avoid unmaintainable code |
Yes |
Yes |
|
Avoid unmaintainable code |
Yes |
Yes |
|
Avoid excessive class coupling |
Yes |
Yes |
|
Avoid excessive class coupling |
Yes |
Yes |
|
Do not use idle process priority |
Yes |
Yes |
|
Do not use timers that prevent power state changes |
Yes |
Yes |
|
Do not name enum values 'Reserved' |
Yes |
Yes |
|
Resource string compound words should be cased correctly |
Yes |
Yes |
|
Compound words should be cased correctly |
Yes |
Yes |
|
Resource strings should be spelled correctly |
Yes |
Yes |
|
Identifiers should be spelled correctly |
Yes |
Yes |
|
Identifiers should not contain underscores |
Yes |
Yes |
|
Identifiers should differ by more than case |
Yes |
Yes |
|
Identifiers should be cased correctly |
Yes |
Yes |
|
Identifiers should have correct suffix |
Yes |
Yes |
|
Identifiers should not have incorrect suffix |
Yes |
Yes |
|
Do not prefix enum values with type name |
Yes |
Yes |
|
Events should not have before or after prefix |
Yes |
Yes |
|
Flags enums should have plural names |
Yes |
Yes |
|
Identifiers should have correct prefix |
Yes |
Yes |
|
Identifiers should not match keywords |
Yes |
Yes |
|
Only FlagsAttribute enums should have plural names |
Yes |
Yes |
|
Parameter names should not match member names |
Yes |
Yes |
|
Identifiers should not contain type names |
Yes |
Yes |
|
Property names should not match get methods |
Yes |
Yes |
|
Identifiers should not have incorrect prefix |
Yes |
Yes |
|
Type names should not match namespaces |
Yes |
Yes |
|
Parameter names should match base declaration |
Yes |
Yes |
|
Use preferred terms |
Yes |
Yes |
|
Do not cast unnecessarily |
Yes |
Yes |
|
Review unused parameters |
Yes |
Yes |
|
Use literals where appropriate |
Yes |
Yes |
|
Remove unused locals |
Yes |
Yes |
|
Do not initialize unnecessarily |
Yes |
No |
|
Do not ignore method results |
Yes |
Yes |
|
Avoid excessive locals |
Yes |
Yes |
|
Initialize reference type static fields inline |
Yes |
Yes |
|
Avoid uncalled private code |
Yes |
Yes |
|
Avoid uninstantiated internal classes |
Yes |
Yes |
|
Avoid unsealed attributes |
Yes |
Yes |
|
Prefer jagged arrays over multidimensional |
Yes |
Yes |
|
Override equals and operator equals on value types |
Yes |
Yes |
|
Call GC.SuppressFinalize correctly |
Yes |
Yes |
|
Properties should not return arrays |
Yes |
Yes |
|
Test for empty strings using string length |
Yes |
Yes |
|
Remove empty finalizers |
Yes |
Yes |
|
Mark members as static |
Yes |
Yes |
|
Avoid unused private fields |
Yes |
Yes |
|
Mark assemblies with NeutralResourcesLanguageAttribute |
Yes |
Yes |
|
Value type fields should be portable |
Yes |
Yes |
|
P/Invoke declarations should be portable |
Yes |
Yes |
|
Use only API from targeted framework |
Yes |
Yes |
|
Dispose objects before losing scope |
- |
Yes |
|
Avoid calling problematic methods |
Yes |
Yes |
|
Do not lock on objects with weak identity |
Yes |
Yes |
|
Do not treat fibers as threads |
Yes |
Yes |
|
Remove calls to GC.KeepAlive |
Yes |
Yes |
|
Use SafeHandle to encapsulate native resources |
Yes |
Yes |
|
Review SQL queries for security vulnerabilities |
- |
Yes |
|
Specify marshaling for P/Invoke string arguments |
Yes |
Yes |
|
Catch non-CLSCompliant exceptions in general handlers |
Yes |
Yes |
|
Review imperative security |
Yes |
Yes |
|
Do not declare read only mutable reference types |
Yes |
Yes |
|
Array fields should not be read only |
Yes |
Yes |
|
Secure asserts |
Yes |
Yes |
|
Review deny and permit only usage |
Yes |
Yes |
|
Review declarative security on value types |
Yes |
Yes |
|
Review visible event handlers |
Yes |
Yes |
|
Pointers should not be visible |
Yes |
Yes |
|
Secured types should not expose fields |
Yes |
Yes |
|
Method security should be a superset of type |
Yes |
Yes |
|
Call GC.KeepAlive when using native resources |
Yes |
Yes |
|
APTCA methods should only call APTCA methods |
Yes |
Yes |
|
APTCA types should only extend APTCA base types |
Yes |
Yes |
|
Review SuppressUnmanagedCodeSecurityAttribute usage |
Yes |
Yes |
|
Seal methods that satisfy private interfaces |
Yes |
Yes |
|
Secure serialization constructors |
Yes |
Yes |
|
Static constructors should be private |
Yes |
Yes |
|
Do not indirectly expose methods with link demands |
Yes |
Yes |
|
Override link demands should be identical to base |
Yes |
Yes |
|
Wrap vulnerable finally clauses in outer try |
Yes |
Yes |
|
Type link demands require inheritance demands |
Yes |
Yes |
|
Security transparent assemblies should not contain security critical code |
Yes |
No |
|
Security transparent code should not assert |
Yes |
No |
|
Security transparent code should not reference non-public security critical members |
Yes |
No |
|
Security critical constants should be transparent |
- |
Yes |
|
Security critical types may not participate in type equivalence |
- |
Yes |
|
Default constructors must be at least as critical as base type default constructors |
- |
Yes |
|
Delegates must bind to methods with consistent transparency |
- |
Yes |
|
Methods must keep consistent transparency when overriding base methods |
- |
Yes |
|
Level 2 assemblies should not contain LinkDemands |
- |
Yes |
|
Members should not have conflicting transparency annotations |
- |
Yes |
|
Transparent methods must contain only verifiable IL |
- |
Yes |
|
Transparent methods must not call methods with the SuppressUnmanagedCodeSecurity attribute |
- |
Yes |
|
Transparent methods may not use the HandleProcessCorruptingExceptions attribute |
- |
Yes |
|
Transparent code must not reference security critical items |
- |
Yes |
|
Transparent methods must not satisfy LinkDemands |
- |
Yes |
|
Transparent code should not be protected with LinkDemands |
- |
Yes |
|
Transparent methods should not use security demands |
- |
Yes |
|
Transparent code should not load assemblies from byte arrays |
- |
Yes |
|
Transparent methods should not be decorated with the SuppressUnmanagedCodeSecurityAttribute |
- |
Yes |
|
Types must be at least as critical as their base types and interfaces |
- |
Yes |
|
Transparent methods may not use security asserts |
- |
Yes |
|
Transparent methods must not call native code |
- |
Yes |
|
Rethrow to preserve stack details |
Yes |
Yes |
|
Do not raise reserved exception types |
Yes |
Yes |
|
Do not dispose objects multiple times |
- |
Yes |
|
Literals should be spelled correctly |
- |
Yes |
|
Use managed equivalents of Win32 API |
Yes |
Yes |
|
Initialize value type static fields inline |
Yes |
Yes |
|
Instantiate argument exceptions correctly |
Yes |
Yes |
|
Assemblies should have valid strong names |
Yes |
Yes |
|
Non-constant fields should not be visible |
Yes |
Yes |
|
Do not mark serviced components with WebMethod |
Yes |
Yes |
|
Disposable fields should be disposed |
Yes |
Yes |
|
Do not call overridable methods in constructors |
Yes |
Yes |
|
Dispose methods should call base class dispose |
- |
Yes |
|
Disposable types should declare finalizer |
Yes |
Yes |
|
Do not mark enums with FlagsAttribute |
Yes |
Yes |
|
Override GetHashCode on overriding Equals |
Yes |
Yes |
|
Do not raise exceptions in exception clauses |
Yes |
Yes |
|
Finalizers should call base class finalizer |
Yes |
Yes |
|
Finalizers should be protected |
Yes |
Yes |
|
Do not decrease inherited member visibility |
Yes |
Yes |
|
Members should differ by more than return type |
Yes |
Yes |
|
Override equals on overloading operator equals |
Yes |
Yes |
|
Operator overloads have named alternates |
Yes |
Yes |
|
Operators should have symmetrical overloads |
Yes |
Yes |
|
Collection properties should be read only |
Yes |
Yes |
|
Do not ship unreleased resource formats |
Yes |
Yes |
|
Implement serialization constructors |
Yes |
Yes |
|
Use params for variable arguments |
Yes |
Yes |
|
Overload operator equals on overriding ValueType.Equals |
Yes |
Yes |
|
Mark Windows Forms entry points with STAThread |
Yes |
Yes |
|
Operations should not overflow |
Yes |
Yes |
|
Pass System.Uri objects instead of strings |
Yes |
Yes |
|
Mark all non-serializable fields |
Yes |
Yes |
|
Call base class methods on ISerializable types |
Yes |
Yes |
|
Mark ISerializable types with SerializableAttribute |
Yes |
Yes |
|
Implement serialization methods correctly |
Yes |
Yes |
|
Provide deserialization methods for optional fields |
Yes |
Yes |
|
Implement ISerializable correctly |
Yes |
Yes |
|
Provide correct arguments to formatting methods |
- |
Yes |
|
Test for NaN correctly |
Yes |
Yes |
|
Attribute string literals should parse correctly |
Yes |
Yes |
FxCopCmd Errors
No changes between Visual Studio 2008 and Visual Studio 2010.
Warning / Error Number |
Description |
Visual Studio Team System 2008 |
Visual Studio 2010 Premium |
0x0 |
No errors |
Yes |
Yes |
0x1 |
Analysis error |
Yes |
Yes |
0x2 |
Rule exceptions |
Yes |
Yes |
0x4 |
Project load error |
Yes |
Yes |
0x8 |
Assembly load error |
Yes |
Yes |
0x10 |
Rule library load error |
Yes |
Yes |
0x20 |
Import report load error |
Yes |
Yes |
0x40 |
Output error |
Yes |
Yes |
0x80 |
Command line switch error |
Yes |
Yes |
0x100 |
Initialization error |
Yes |
Yes |
0x200 |
Assembly references error |
Yes |
Yes |
0x400 |
BuildBreakingMessage |
Yes |
Yes |
0x1000000 |
Unknown error |
Yes |
Yes |
C/C++ Code Analysis
No changes between Visual Studio 2008 and Visual Studio 2010.
Warning / Error Number |
Description |
Visual Studio Team System 2008 |
Visual Studio 2010 Premium |
using uninitialized memory <variable> |
Yes |
Yes |
|
dereferencing NULL pointer <name> |
Yes |
Yes |
|
possible buffer overrun in call to <function>: use of unchecked value |
Yes |
Yes |
|
return value ignored: <function> could return unexpected value |
Yes |
Yes |
|
call to <function> may not zero-terminate string <variable> |
Yes |
Yes |
|
string <variable> may not be zero-terminated |
Yes |
Yes |
|
buffer overrun due to number of characters/number of bytes mismatch in call to <function> |
Yes |
Yes |
|
Incorrect length parameter in call to <function>. Pass the number of remaining characters, not the buffer size of <variable> |
Yes |
Yes |
|
missing string argument to <function> corresponding to conversion specifier <number> |
Yes |
Yes |
|
missing integer argument to <function> corresponding to conversion specifier <number> |
Yes |
Yes |
|
non-pointer passed as parameter <number> when pointer is required in call to <function> |
Yes |
Yes |
|
parameter <number> in call to <function> must be the address of the string |
Yes |
Yes |
|
index <name> is out of valid index range <min> to <max> for non-stack buffer <variable> |
Yes |
Yes |
|
buffer overrun for <variable>, which is possibly stack allocated: index <name> is out of valid index range <min> to <max> |
Yes |
Yes |
|
buffer overrun for <variable>, which is possibly stack allocated, in call to <function>: length <size> exceeds buffer size <max> |
Yes |
Yes |
|
buffer overrun for buffer <variable> in call to <function>: length <size> exceeds buffer size |
Yes |
Yes |
|
possible buffer overrun in call to <function>: use of unchecked parameter <variable> |
Yes |
Yes |
|
using 'sizeof<variable1>' as parameter <number> in call to <function> where <variable2> may be an array of wide characters, did you intend to use character count rather than byte count? |
Yes |
Yes |
|
Leaking memory <pointer> due to an exception. Consider using a local catch block to clean up memory |
Yes |
Yes |
|
cast between semantically different integer types: HRESULT to a Boolean type |
Yes |
Yes |
|
cast between semantically different integer types: a Boolean type to HRESULT |
Yes |
Yes |
|
compiler-inserted cast between semantically different integral types: a Boolean type to HRESULT |
Yes |
Yes |
|
Implicit cast between semantically different integer types: testing HRESULT with 'not'. Consider using SUCCEEDED or FAILED macro instead |
Yes |
Yes |
|
Implicit cast between semantically different integer types: comparing HRESULT to 1 or TRUE. Consider using SUCCEEDED or FAILED macro instead |
Yes |
Yes |
|
warning C6220 - Implicit cast between semantically different integer types: comparing HRESULT to -1. Consider using SUCCEEDED or FAILED macro instead |
Yes |
Yes |
|
Implicit cast between semantically different integer types: comparing HRESULT to an integer. Consider using SUCCEEDED or FAILED macros instead |
Yes |
Yes |
|
Implicit cast between semantically different integer types: assigning 1 or TRUE to HRESULT. Consider using S_FALSE instead |
Yes |
Yes |
|
Implicit cast between semantically different integer types: assigning -1 to HRESULT. Consider using E_FAIL instead |
Yes |
Yes |
|
implicit cast between semantically different integer types: using HRESULT in a Boolean context |
Yes |
Yes |
|
(<non-zero constant> || <expression>) is always a non-zero constant |
Yes |
Yes |
|
(<expression> || <non-zero constant>) is always a non-zero constant |
Yes |
Yes |
|
(<zero> && <expression>) is always zero. <expression> is never evaluated and may have side effects |
Yes |
Yes |
|
(<non-zero constant> && <expression>) always evaluates to the result of <expression>. Did you intend to use the bitwise-and operator? |
Yes |
Yes |
|
(<expression> && <non-zero constant>) always evaluates to the result of <expression>. Did you intend to use the bitwise-and operator? |
Yes |
Yes |
|
A jump out of this try-block forces local unwind. Incurs severe performance penalty |
Yes |
Yes |
|
local declaration of <variable> hides previous declaration at <line> of <file> |
Yes |
Yes |
|
Local declaration of <variable> hides declaration of same name in outer scope. Additional Information: See previous declaration at <location>. |
Yes |
Yes |
|
setting a SECURITY_DESCRIPTOR’s DACL to NULL will result in an unprotected object |
Yes |
Yes |
|
Calling <function> VirtualFree without the MEM_RELEASE flag may free memory but not address descriptors (VADs); results in address space leaks |
Yes |
Yes |
|
_alloca indicates failure by raising a stack overflow exception. Consider using _alloca_s instead |
Yes |
Yes |
|
using TerminateThread does not allow proper thread clean up |
Yes |
Yes |
|
labeled code is unreachable: (<expression> & <constant>) in switch-expr cannot evaluate to <case-label> |
Yes |
Yes |
|
sizeof * sizeof is almost always wrong, did you intend to use a character count or a byte count? |
Yes |
Yes |
|
Function uses <constant> bytes of stack: exceeds /analyze:stacksize<constant>. Consider moving some data to heap |
Yes |
Yes |
|
using _alloca in a loop; this can quickly overflow stack |
Yes |
Yes |
|
Incorrect order of operations: (<TYPE1>)(<TYPE2>)x + y. Possible missing parentheses in (<TYPE1>)((<TYPE2>)x + y) |
Yes |
Yes |
|
possible incorrect order of operations: dereference ignored |
Yes |
Yes |
|
missing float argument to <function>: add a float argument corresponding to conversion specifier <number> |
Yes |
Yes |
|
extra argument passed to <function>: parameter <number> is not used by the format string |
Yes |
Yes |
|
non-float passed as argument <number> when float is required in call to <function> |
Yes |
Yes |
|
warning 6273 - non-integer passed as parameter <number> when integer is required in call to <function>: if a pointer value is being passed, %p should be used |
Yes |
Yes |
|
non-character passed as parameter <number> when character is required in call to <function> |
Yes |
Yes |
|
Cast between semantically different string types: char* to wchar_t*. Use of invalid string can lead to undefined behavior |
Yes |
Yes |
|
NULL application name with an unquoted path in call to <function>: results in a security vulnerability if the path contains spaces |
Yes |
Yes |
|
<variable> is allocated with array new [], but deleted with scalar delete. Destructors will not be called |
Yes |
Yes |
|
<variable> is allocated with scalar new, deleted with array delete [] |
Yes |
Yes |
|
<variable> is allocated with <function>, but deleted with <function> |
Yes |
Yes |
|
warning 6281 - incorrect order of operations: relational operators have higher precedence than bitwise operators |
Yes |
Yes |
|
Incorrect operator: assignment of constant in Boolean context. Consider using '==' instead |
Yes |
Yes |
|
<variable> is allocated with array new [], but deleted with scalar delete |
Yes |
Yes |
|
object passed as parameter '%d' when string is required in call to <function>. |
Yes |
Yes |
|
(<non-zero constant> || <non-zero constant>) is always a non-zero constant. Did you intend to use the bitwise-and operator? |
Yes |
Yes |
|
(<non-zero constant> || <expression>) is always a non-zero constant. <expression> is never evaluated and may have side effects |
Yes |
Yes |
|
redundant code: the left and right sub-expressions are identical |
Yes |
Yes |
|
Incorrect operator: mutual inclusion over && is always zero. Did you intent to use || instead? |
Yes |
Yes |
|
Incorrect operator: mutual exclusion over || is always a non-zero constant. Did you intend to use && instead? |
Yes |
Yes |
|
Bitwise operation on logical result: ! has higher precedence than &. Use && or (!(x & y)) instead |
Yes |
Yes |
|
Bitwise operation on logical result: ! has higher precedence than |. Use || or (!(x | y)) instead |
Yes |
Yes |
|
ill-defined for-loop: counts up from maximum |
Yes |
Yes |
|
Ill-defined for-loop: counts down from minimum |
Yes |
Yes |
|
Ill-defined for-loop: initial condition does not satisfy test. Loop body not executed |
Yes |
Yes |
|
Ill-defined for-loop: <variable> values are of the range "min" to "max". Loop executed indefinitely |
Yes |
Yes |
|
Ill-defined for-loop: Loop body only executed once |
Yes |
Yes |
|
Arithmetic overflow: 32-bit value is shifted, then cast to 64-bit value. Result may not be an expected value |
Yes |
Yes |
|
using a read-only string <pointer> as a writable string argument: this will attempt to write into static read-only memory and cause random crashes |
Yes |
Yes |
|
explicitly comparing a bit field to a Boolean type will yield unexpected results |
Yes |
Yes |
|
format string mismatch: character string passed as parameter <number> when wide character string is required in call to <function> |
Yes |
Yes |
|
format string mismatch: wide character string passed as parameter <number> when character string is required in call to <function> |
Yes |
Yes |
|
potential mismatch between sizeof and countof quantities |
Yes |
Yes |
|
incorrect call to <function>: consider using <function> which accepts a va_list as an argument |
Yes |
Yes |
|
'realloc' may return null pointer: assigning a null pointer to <variable>, which is passed as an argument to 'realloc', will cause the original memory block to be leaked |
Yes |
Yes |
|
argument <number> is null: it does not adhere to function specification of <function> |
Yes |
Yes |
|
illegal constant in exception filter can cause unexpected behavior |
Yes |
Yes |
|
Possible infinite loop: use of the constant EXCEPTION_CONTINUE_EXECUTION in the exception-filter expression of a try-except |
Yes |
Yes |
|
Incorrect operator: Zero-valued flag cannot be tested with bitwise-and. Use an equality test to look for zero-valued flags |
Yes |
Yes |
|
Incorrect order of operations: bitwise-or has higher precedence than the conditional-expression operator. Add parentheses to clarify intent |
Yes |
Yes |
|
Incorrect order of operations: bitwise-and has higher precedence than bitwise-or. Add parentheses to clarify intent |
Yes |
Yes |
|
Incorrect operator: tested expression is constant and non-zero. Use bitwise-and to determine whether bits are set |
Yes |
Yes |
|
incorrect operator: logical-not (!) is not interchangeable with ones-complement (~) |
Yes |
Yes |
|
Ill-defined __try/__except: use of the constant EXCEPTION_CONTINUE_SEARCH or another constant that evaluates to zero in the exception-filter expression. The code in the exception handler block is not executed |
Yes |
Yes |
|
use of the comma-operator in a tested expression causes the left argument to be ignored when it has no side-effects |
Yes |
Yes |
|
exception-filter expression is the constant EXCEPTION_EXECUTE_HANDLER. This may mask exceptions that were not intended to be handled |
Yes |
Yes |
|
empty _except block |
Yes |
Yes |
|
warning 6323 - use of arithmetic operator on Boolean type(s) |
Yes |
Yes |
|
potential incorrect use of <function1>: Did you intend to use <function2>? |
Yes |
Yes |
|
potential comparison of a constant with another constant |
Yes |
Yes |
|
Potential buffer overrun: SysAllocStringLen copies <number> characters from the string <variable> without validating the number of characters to copy. The code may crash |
Yes |
Yes |
|
warning C6328:<type> passed as parameter <number> when <type> is required in call to <function> |
Yes |
Yes |
|
Invalid parameter: passing MEM_RELEASE and MEM_DECOMMIT in conjunction to <function> is not allowed. This results in the failure of this call |
Yes |
Yes |
|
Invalid parameter: passing zero as the dwFreeType parameter to <function> is not allowed. This results in the failure of this call |
Yes |
Yes |
|
Invalid parameter: passing MEM_RELEASE and a non-zero dwSize parameter to <function> is not allowed. This results in the failure of this call |
Yes |
Yes |
|
sizeof operator applied to an expression with an operator may yield unexpected results |
Yes |
Yes |
|
leaking process information handle <handlename> |
Yes |
Yes |
|
arithmetic operator has precedence over question operator, use parentheses to clarify intent |
Yes |
Yes |
|
Shutdown API <function> requires a valid dwReason or lpMessage |
Yes |
Yes |
|
buffer overrun due to conversion of an element count into a byte count: an element count is expected for parameter <number> in call to <function> |
Yes |
Yes |
|
dividing sizeof a pointer by another value |
Yes |
Yes |
|
invalid data: accessing <buffer name>, the readable size is <size1> bytes, but <size2> bytes may be read: Lines: x, y |
Yes |
Yes |
|
buffer overrun: accessing <buffer name>, the writable size is <size1> bytes, but <size2> bytes may be written: Lines: x, y |
Yes |
Yes |
|
<argument> may be <value>: this does not adhere to the specification for the function <function name>: Lines: x, y |
Yes |
Yes |
|
<argument> may not be <value>: this does not adhere to the specification for the function <function name>: Lines: x, y |
Yes |
Yes |
|
Using <function name> to perform a case-insensitive compare to constant string <string name>. Yields unexpected results in non-English locales |
Yes |
Yes |
|
Using <function name> in a default locale to perform a case-insensitive compare to constant string < string name>. Yields unexpected results in non-English locales |
Yes |
Yes |
|
invalid annotation: value for <name> property is invalid |
Yes |
Yes |
|
annotation conflict: <name> property conflicts with previously specified property |
Yes |
Yes |
|
annotation conflict: references may not be marked Null=Yes or Null=Maybe |
Yes |
Yes |
|
invalid annotation: property may only be used on values of pointer, pointer-to-member, or array type |
Yes |
Yes |
|
invalid annotation: MustCheck property may not be used on values of void type |
Yes |
Yes |
|
invalid annotation: <name> property may only be used on values of pointer or array types |
Yes |
Yes |
|
annotation conflict: Null property at Deref=0 on a post condition must be a subset of the Null property on the precondition |
Yes |
Yes |
|
invalid annotation: write access is not allowed on const values |
Yes |
Yes |
|
invalid annotation: 'return' cannot be referenced from a precondition |
Yes |
Yes |
|
invalid annotation: NullTerminated property may only be used on values of pointer or array type |
Yes |
Yes |
|
invalid annotation: MustCheck property must be Yes or No |
Yes |
Yes |
|
invalid annotation: Null property must be Maybe if the Valid property is No |
Yes |
Yes |
|
invalid annotation: ElementSizeConst requires additional size properties |
Yes |
Yes |
|
invalid annotation: value of the <name> property exceeds the size of the array |
Yes |
Yes |
|
warning C6515 - invalid annotation: <name> property may only be used on values of pointer type |
Yes |
Yes |
|
invalid annotation: no properties specified for <name> attribute |
Yes |
Yes |
|
annotation conflict: ValidElementsConst and ValidBytesConst may not be specified on the buffers that are not readable |
Yes |
Yes |
|
annotation conflict: WriteableElementsConst and WriteableBytesConst may not be specified on buffers that are not writable |
Yes |
Yes |
|
invalid size specification: * operator can only be applied to pointer types |
Yes |
Yes |
|
invalid size specification: expression must be of integral type |
Yes |
Yes |
|
invalid size specification: parameter <name> not found |
Yes |
Yes |
|
invalid size specification: property value may not be valid |
Yes |
Yes |
|
warning C6526 - invalid size specification: expression must be of array or pointer type |
Yes |
Yes |
|
warning 6530: unrecognized format string style <name> |
Yes |
Yes |
|
buffer cannot be of size <n>, bigger than max(size_t) |
Yes |
Yes |
Comments
Anonymous
April 08, 2010
C6302 has the wrong description, see linked actual error.Anonymous
April 14, 2010
Good catch. Fixed it.