[torquedev] Useful GCC flags for security/error catching
simont at mail.muni.cz
Wed Jul 22 02:47:14 MDT 2009
> The Ubuntu Wiki has a useful page on GCC flags that
> are used by default to build their packages. These
> are of interest as they relate to catching things
> like smashing the stack and unchecked return values,
> FWIW 2.3.7 compiles cleanly when adding:
> -fstack-protector -Wformat -Wformat-security -DFORTIFY_SOURCE=2
> to the standard CFLAGS (which is nice!).
Personally I prefer using Splint (it is capable of finding very deep bugs).
It is a bit hard to set up (because it will usually find thousands of
bugs on the first run), but has very neat features (like tagging
variables as I/O, not NULL, etc...).
Mgr. Simon Toth
160 00 Praha 6
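
An added illustration, not part of either message and not TORQUE code: a small C file showing the kinds of defect the quoted warning flags and a Splint annotation are aimed at, with the flawed variants compiled only on request. The function names and the SHOW_WARNINGS macro are hypothetical.

```c
/* Constructed demo; names and SHOW_WARNINGS are hypothetical, not TORQUE code.
 *   gcc -O2 -fstack-protector -Wformat -Wformat-security demo.c
 *   add -DSHOW_WARNINGS to compile the flawed variants and see the diagnostics */
#include <stdio.h>
#include <string.h>

#if defined(__GNUC__)
#define MUST_CHECK __attribute__((warn_unused_result))
#else
#define MUST_CHECK
#endif

/* Hardened form: msg is copied as data, never interpreted as a format.
 * Returns 0 on success, -1 on NULL input, zero capacity or truncation.
 * The null annotation is a Splint comment; GCC ignores it. */
MUST_CHECK int log_line(char *out, size_t cap, /*@null@*/ const char *msg)
{
    int n;
    if (out == NULL || cap == 0 || msg == NULL)
        return -1;
    n = snprintf(out, cap, "%s", msg);
    return (n < 0 || (size_t)n >= cap) ? -1 : 0;
}

#ifdef SHOW_WARNINGS
/* -Wformat-security: format is not a string literal and takes no arguments. */
int log_line_flawed(char *out, size_t cap, const char *msg)
{
    return snprintf(out, cap, msg);
}
/* warn_unused_result: the truncation/NULL error is silently dropped. */
void caller_flawed(char *out, size_t cap, const char *msg)
{
    log_line(out, cap, msg);
}
#endif

int main(void)
{
    char buf[16];
    /* Constructed input containing conversion specifiers. */
    if (log_line(buf, sizeof buf, "%s%n") == 0)
        printf("stored as data: %s\n", buf);
    if (log_line(buf, 4, "too long") != 0)
        printf("truncation reported\n");
    return 0;
}
```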