code-analysis

问题 I found this code injected in a number of PHP files on a client's site. Of course the original had been obfuscated and encoded. I've managed to decode it and format it to the current form. My question is: What exactly is it accomplishing and does the code suggest how it was injected and therefore shedding light on how to prevent this in future? <?php if(!function_exists('check_wp_head_load')){ function check_wp_head_load(){ if(!function_exists('cc')){ function cc($ll_0){ $ll_1 = "Mozilla/4.0

问题 public class MultiSomething { } //CA1704:IdentifiersShouldBeSpelledCorrectly When I run Code Analysis, I get an error because the Microsoft does not recognize the word 'Multi' (go figure they use it in IMultiValueConverter ). So, what I did to correct this was to add a CodeAnalysisDictionary.xml file and followed the steps supplied here. However, it doesn't seem to solve the situation, I still get a Code Analysis warning message. To ensure that this isn't a bug with the recognized words

问题 I'm writing a code analyzer with Roslyn, and I need to check if an ExpressionSyntax is of type Task or Task<T> . So far I have this: private static bool IsTask(ExpressionSyntax expression, SyntaxNodeAnalysisContext context) { var type = context.SemanticModel.GetTypeInfo(expression).Type; if (type == null) return false; if (type.Equals(context.SemanticModel.Compilation.GetTypeByMetadataName("System.Threading.Tasks.Task"))) return true; if (type.Equals(context.SemanticModel.Compilation

问题 For static code analysis tools, it is necessary to know all effective source paths for a given Delphi project, which are defined on project level and in the global IDE configuration. Is there a Delphi library which can collect this kind of project information? As far as I know, the registry settings for the Delphi IDE can be in different places, to support multiple configurations. But for a given combination of the IDE registry location and a project file, it should be possible to collect the

问题 We have this code, sortof: private void InitializeEvents() { this.Event1 += (s,e) => { }; this.Event2 += (s,e) => { }; this.Event3 += (s,e) => { }; this.Event4 += (s,e) => { }; this.Event5 += (s,e) => { }; this.Event6 += (s,e) => { }; this.Event7 += (s,e) => { }; this.Event8 += (s,e) => { }; this.Event9 += (s,e) => { }; this.Event10 += (s,e) => { }; this.Event11 += (s,e) => { }; this.Event12 += (s,e) => { }; this.Event13 += (s,e) => { }; } Code analysis in VS10 Ultimate says "cyclomatic

问题 FxCop (tool for static code analysis) gives me an error while checking code behind of .edmx model. How to prevent FxCop from analyzing auto-generated code (or at least Entity Framework generated classes)? 回答1: I have moved to Visual Studio Code Analysis, as it gives me the same functionality as FxCop. From FxCop blog: "That's correct, they are different products (FxCop and VS Code Analysys), however they do have a common engine. Visual Studio 2008 SP1 already comes with the same fixes and

问题 Does JSLint, JSHint, or some other open-source static code analysis tool support adding custom rules for code compliance, or are there some ECMAScript compliant parsers that I can use to get the results as close as possible to the ones seen in the snippet below? For example, I’d like to look into JavaScript code and list what functions are called, if it calls a library (or APIs provided by smartphones for HTML5 widgets) to register all that fall under the namespaces of that API, to make a

问题 I'm trying to solve a recurrence T(n) = T(n/8) + T(n/2) + T(n/4) . I thought it would be a good idea to first try a recurrence tree method, and then use that as my guess for substitution method. For the tree, since no work is being done at the non-leaves levels, I thought we could just ignore that, so I tried to come up with an upper bound on the # of leaves since that's the only thing that's relevant here. I considered the height of the tree taking the longest path through T(n/2) , which

问题 Is there a quick way to find all the commented-out code across Java files in Eclipse? Any option in Search, perhaps, or any add-on that can do this? It should be able to find only code which is commented out, but not ordinary comments. 回答1: Sonar can do it: http://www.sonarsource.org/commented-out-code-eradication-with-sonar/ 回答2: In Eclipse, I just do a file search with the regular expression checkbox turned on: (/\*.*;.*\*/)|(//.*;) It will find semicolons in // These; and /* these; */

问题 Are there any lint tools available for actionscript? One source would be ideal, but anything is welcome. My team is starting to adopt more a more rigorous style guide (where "more rigorous" means "existant"), and I think a linter would help us all adhere more easily to the style rules we've agreed on. I'm not above writing my own, but I'd like to see what else is out there first. A quick search on Google reveals nothing (at least so far). 回答1: If you're dealing with Flex, take a look at