[SOLVED] Finding client-side vulnerabilities at compile time with GCC

Gullible Jones · 05-15-2014, 09:12 AM

To what extent can GCC detect possibly vulnerable conditions when compiling C and C++ applications? And if I want to take full advantage of such capabilities, what GCC options should I use?

The obvious one is -Werror, but in particular I'm wondering what categories of extended warning options it should be used in combination with. e.g. a lot of stuff won't compile with -Wpedantic -Werror, because POSIX violates the "pedantic" rules.

Failing that, are there other tools for checking code for vulnerable conditions that GCC may miss, *before* said code is compiled? In particular, are there tools to help vet preprocessor macros?

Edit: please disregard, I just discovered splint and cppcheck.

Edit 2: though the above should probably be considered complementary rather than replacing compiler warnings. In any case, -Wall -Werror seems to catch a lot of stuff in most programs, and you can just exclude stuff with -Wno-[whatever] if you absolutely must.

padeen · 05-15-2014, 10:04 PM

And valgrind for checking compiled program's potential bugs.

ntubski · 05-15-2014, 11:30 PM

Quote:

Originally Posted by Gullible Jones

In any case, -Wall -Werror seems to catch a lot of stuff in most programs, and you can just exclude stuff with -Wno-[whatever] if you absolutely must.

FYI, -Wall doesn't enable all warnings, you might want -Wextra and since you are interested in vulnerabilities, -Wformat=2.

http://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html