As indicated in the title:
What is the purpose of SAL (source annotation language) and what is the difference between SAL 1 and SAL 2?
I understand the basics of use, and this serves to highlight the purpose of each of the variables passed to the function along with other things to analyze the static code, but how much difference does it do (ignoring the increased clarity of the parameter requirements for other programmers in the project)?
If I had the following prototype:
_Success_(return == 1)
int TestFunction( _In_ int* pTest, _Inopt_ char* pOptional );
It is assumed that the static analyzer will “tell” that the function will return 1 after a successful operation, that it pTestis a pointer that should not be nullptr, but pOptionala pointer that may or may not be nullptr. However, can a static analyzer get this information from the function definition itself? Moreover, what does he do with the information he receives, for example, with success criteria?
Also, why is there a difference between SAL 1 and SAL 2, why did Microsoft decide to change the way they named their macros (i.e., from __outto _Out_and __successto _Success_?)
, MSDN, - StackOverflow , , .
!