#660 Created a build configuration for static analysis support

[Alexander Riccio]

I've created a configuration ("Unicode Static Analysis") that allows us to run static analysis. I'll post in a comment.

[Alexander Riccio]

Here it is.

[Menno Vogels]

Is "Static Analysis" available for every flavor of Visual Studio i.e. Express, Professional etc.?

[Alexander Riccio]

Short answer: Yes.

[Alexander Riccio]

Yeah, so, Microsoft realized that Windows enjoys the reputation of the software running thereon, and did the smart thing: give everybody static analysis.

[Alexander Riccio]

It's really eye opening, although it DOES NOT seem to detect the (mistake) of calling PathAppend( pszPath, pszMore ) with a std::string/std::wstring as pszPath. That's a CERTAIN buffer overflow.

Indeed, I'm also doing a major refactor of Parameters.cpp/Parameters.h, and have seen about a million of those mistakes.

[Alexander Riccio]

Give me a few minutes while I tear my hair out, run around screaming, scare small children, kill puppies, and generally exude misery.