Pull to refresh
279.92

Open source *

Open source software

Show first
Rating limit
Level of difficulty

Short-lived Music or MuseScore Code Analysis

Reading time 11 min
Views 760

Having only programming background, it is impossible to develop software in some areas. Take the difficulties of medical software development as an example. The same is with music software, which will be discussed in this article. Here you need an advice of subject matter experts. However, it's more expensive for software development. That is why developers sometimes save on code quality. The example of the MuseScore project check, described in the article, will show the importance of code quality expertise. Hopefully, programming and musical humor will brighten up the technical text.

Читать далее
Total votes 2: ↑1 and ↓1 0
Comments 0

PVS-Studio, Blender: Series of Notes on Advantages of Regular Static Analysis of Code

Reading time 5 min
Views 462

PVS-Studio and Blender


In our articles, we regularly repeat an important idea: a static analyzer should be used regularly. This helps detect and cheaply fix many errors at the earliest stage. It looks nice in theory. As we know, actions still speak louder than words. Let's look at some recent bugs in new code of the Blender project.

Read more →
Rating 0
Comments 0

HDB++ TANGO Archiving System

Reading time 3 min
Views 1K
main

What is HDB++?


This is a TANGO archiving system, allows you to save data received from devices in the TANGO system.


Working with Linux will be described here (TangoBox 9.3 on base Ubuntu 18.04), this is a ready-made system where everything is configured.


What is the article about?


  • System architecture.
  • How to set up archiving.

It took me ~ 2 weeks to understand the architecture and write my own scripts for python for this case.


What is it for?


Allows you to store the history of the readings of your equipment.


  • You don't need to think about how to store data in the database.
  • You just need to specify which attributes to archive from which equipment.
Read more →
Rating 0
Comments 0

Free Heroes of Might and Magic II: Open-Source Project that You Want to Be Part of

Reading time 8 min
Views 3.8K

Recently we found out that the new version of the fheroes2 project was released. In our company there are many fans of Heroes of Might and Magic game series. So, we couldn't pass it up and checked the project by PVS-Studio.

Читать далее
Total votes 6: ↑6 and ↓0 +6
Comments 0

Why PVS-Studio Uses Data Flow Analysis: Based on Gripping Error in Open Asset Import Library

Reading time 5 min
Views 653

Why PVS-Studio Uses Data Flow Analysis
An essential part of any modern static code analyzer is data flow analysis. However, from an outside perspective, the use of data flow analysis and its benefit is unclear. Some people still consider static analysis a tool searching for something in code according to a certain pattern. Thus, we occasionally write blog posts to show how this or that technology, used in the PVS-Studio analyzer, helps to identify another interesting error. Today, we have such an article about the bug found in the Base64, one of the encoding standard implementations of binary data.

Read more →
Total votes 2: ↑2 and ↓0 +2
Comments 0

Just for Fun: PVS-Studio Team Came Up With Monitoring Quality of Some Open Source Projects

Reading time 5 min
Views 1.1K

Static code analysis is a crucial component of all modern projects. Its proper application is even more important. We decided to set up a regular check of some open source projects to see the effect of the analyzer's frequent running. We use the PVS-Studio analyzer to check projects. As for viewing the outcome, the choice fell on SonarQube. As a result, our subscribers will learn about new interesting bugs in the newly written code. We hope you'll have fun.

Читать далее
Rating 0
Comments 1

COVID-19 Research and Uninitialized Variable

Reading time 2 min
Views 1.2K

0796_covid_sim/image1.png
There is an open project COVID-19 CovidSim Model, written in C++. There is also a PVS-Studio static code analyzer that detects errors very well. One day they met. Embrace the fragility of mathematical modeling algorithms and why you need to make every effort to enhance the code quality.

Read more →
Total votes 2: ↑2 and ↓0 +2
Comments 5

Finding Typos in the GTK 4 Project by PVS-Studio

Reading time 16 min
Views 620

0793_GTK_4_continue/image1.png


You may have already read a recent article about the first PVS-Studio run and filtration of warnings. We used the GTK 4 project as an example. It's about time we worked with the received report in more detail. Our regular readers may have already guessed that this article will be a description of errors found in the code.

Read more →
Total votes 6: ↑5 and ↓1 +4
Comments 0

How PVS-Studio Checked ELKI in January

Reading time 9 min
Views 710

If you feel like the New Year just came, and you missed the first half of January, then all this time you've been busy looking for tricky bugs in the code you maintain. It also means that our article is what you need. PVS-Studio has checked the ELKI open source project to show you errors that may occur in the code, how cunningly they can hide there, and how you can deal with them.


ELKI/image1.png

Read more →
Total votes 3: ↑3 and ↓0 +3
Comments 1

Modern Portable Voice Activity Detector Released

Reading time 3 min
Views 4.7K

image


Currently, there are hardly any high quality / modern / free / public voice activity detectors except for WebRTC Voice Activity Detector (link). WebRTC though starts to show its age and it suffers from many false positives.


Also in some cases it is crucial to be able to anonymize large-scale spoken corpora (i.e. remove personal data). Typically personal data is considered to be private / sensitive if it contains (i) a name (ii) some private ID. Name recognition is a highly subjective matter and it depends on locale and business case, but Voice Activity and Number Detection are quite general tasks.


Key features:


  • Modern, portable;
  • Low memory footprint;
  • Superior metrics to WebRTC;
  • Trained on huge spoken corpora and noise / sound libraries;
  • Slower than WebRTC, but fast enough for IOT / edge / mobile applications;
  • Unlike WebRTC (which mostly tells silence from voice), our VAD can tell voice from noise / music / silence;
  • PyTorch (JIT) and ONNX checkpoints;

Typical use cases:


  • Spoken corpora anonymization;
  • Can be used together with WebRTC;
  • Voice activity detection for IOT / edge / mobile use cases;
  • Data cleaning and preparation, number and voice detection in general;
  • PyTorch and ONNX can be used with a wide variety of deployment options and backends in mind;
Read more →
Rating 0
Comments 0

ONLYOFFICE Community Server: how bugs contribute to the emergence of security problems

Reading time 12 min
Views 910
image1.png

Server-side network applications rarely get the chance to join the ranks of our reviews of errors found in open source software. This is probably due to their popularity. After all, we try to pay attention to the projects that readers themselves offer us. At the same time, servers often perform very important functions, but their performance and benefits remain invisible to most users. So, by chance, the code of ONLYOFFICE Community Server was checked. It turned out to be a very fun review.
Read more →
Total votes 4: ↑3 and ↓1 +2
Comments 2

Talking About Errors in the QuantConnect Lean Code

Reading time 17 min
Views 392
image1.png

This article discusses errors found using a static analyzer in an open source project. There are some simple things that can help you avoid them. For example, the usage of language syntactic constructs starting from C# 8.0. We hope it will be exciting. Have fun reading!
Read more →
Total votes 2: ↑1 and ↓1 0
Comments 0

cGit-UI — a web interface for Git Repositories

Reading time 7 min
Views 3K

cGit-UI — is a web interface for Git repositories. cGit-UI is based on CGI script written in С.


This article covers installing and configuring cGit-UI to work using Nginx + uWsgi. Setting up server components is quite simple and practically does not differ from setting up cGit.


cGit-UI supports Markdown files that are processed on the server side using the md4c library, which has proven itself in the KDE Plasma project. cGit-UI provides the ability to add site verification codes and scripts from systems such as Google Analytics and Yandex.Metrika for trafic analysis. Users who wonder to receive donations for his projects can create and import custom donation modal dialogs.


Instead of looking at screenshots, it is better to look at the working site to decide on installing cGit-UI on your own server.

Read more →
Rating 0
Comments 2

Analyzing the Code Quality of Microsoft's Open XML SDK

Reading time 10 min
Views 895
image1.png

My first encounter with Open XML SDK took place when I was looking for a library that I could use to create some accounting documents in Word. After more than 7 years of working with Word API, I wanted to try something new and easier-to-use. That's how I learned that Microsoft offered an alternative solution. As tradition has it, before our team adopts any program or library, we check them with the PVS-Studio analyzer.
Read more →
Total votes 5: ↑2 and ↓3 -1
Comments 1

Modern Web-UI for SVN repositories

Reading time 8 min
Views 2.6K

cSvn — is a web interface for Subversion repositories. cSvn is based on CGI script written in С.


This article covers installing and configuring cSvn to work using Nginx + uWsgi. Setting up server components is quite simple and practically does not differ from setting up cGit.


cSvn supports Markdown files that are processed on the server side using the md4c library, which has proven itself in the KDE Plasma project. cSvn provides the ability to add site verification codes and scripts from systems such as Google Analytics and Yandex.Metrika for trafic analysis. Users who wonder to receive donations for his projects can create and import custom donation modal dialogs.


Instead of looking at screenshots, it is better to look at the working site to decide on installing cSvn on your own server.


It should be noted that you can browse not only your own repositories, but also configure viewing of third-party resources via HTTPS and SVN protocols.

Read more →
Rating 0
Comments 0

Checking Clang 11 with PVS-Studio

Reading time 10 min
Views 685
PVS-Studio: I'm still worthy

Every now and then, we have to write articles about how we've checked another fresh version of some compiler. That's not really much fun. However, as practice shows, if we stop doing that for a while, folks start doubting whether PVS-Studio is worth its title of a good catcher of bugs and vulnerabilities. What if the new compiler can do that too? Sure, compilers evolve, but so does PVS-Studio – and it proves, again and again, its ability to catch bugs even in high-quality projects such as compilers.
Read more →
Total votes 3: ↑2 and ↓1 +1
Comments 0

Checking a Header-Only C++ Library Collection (awesome-hpp)

Reading time 17 min
Views 1.1K
PVS-Studio and Awesome hpp

Somehow, we've happened to check most of the libraries making up a collection called "Awesome hpp". These are small header-only projects in C++. Hopefully, the information about the bugs we've found will help make the libraries better. We'll also be happy to see the developers use PVS-Studio on a regular basis thanks to the free-license option we provide.
Read more →
Rating 0
Comments 0

Amnesia: The Dark Descent or How to Forget to Fix Copy Paste

Reading time 14 min
Views 754
image1.png

Just before the release of the "Amnesia: Rebirth" game, the vendor "Fractional Games" opened the source code of the legendary "Amnesia: The Dark Descent" and its sequel "Amnesia: A Machine For Pigs". Why not use the static analysis tool to see what dreadful mistakes are hidden in the inside of these cult horror games?
Read more →
Rating 0
Comments 0

Authors' contribution