Visual Studio added code analysis (/analyze) for C/C++ in order to help identify bad code. This is quite a nice feature but when you deal with and old project you may be overwhelmed by the number of warnings.
Most of the problems are generating because the old code is doing some ASSERT at the beginning of the method or function.
I think this is the ASSERT definition used in the code (from afx.h)
#define ASSERT(f) DEBUG_ONLY((void) ((f) || !::AfxAssertFailedLine(THIS_FILE, __LINE__) || (AfxDebugBreak(), 0)))
Example code:
ASSERT(pBytes != NULL);
*pBytes = 0; // <- warning C6011: Dereferencing NULL pointer 'pBytes'
I’m looking for an easy, clean and safe solution to solve these warnings that does not imply disabling these warnings. Did I mention that there are lots of occurrences in current codebase?
PREFast is telling you that you have a defect in your code; don’t ignore it. You do in fact have one, but you have only skittered around acknowleging it. The problem is this: just because
pByteshas never been NULL in development & testing doesn’t mean it won’t be in production. You don’t handle that eventuality. PREfast knows this, and is trying to warn you that production environments are hostile, and will leave your code a smoking, mutilated mass of worthless bytes./rant
There are two ways to fix this: the Right Way, and a hack.
The right way is to handle NULL pointers at runtime:
This will silence PREfast.
The hack is to use an annotation. For example:
EDIT: Here’s a link describing PREfast annotations. A starting point, anyway.