gcc-poison ：帮助开发人员禁止应用程序中的不安全的C/C++函数的简单的头文件

gcc-poison ：帮助开发人员禁止应用程序中的不安全的C/C++函数的简单的头文件

gcc-poison

gcc-poison is a simple header file for developers to ban unsafe C/C++ functions from applications. It uses the #pragma GCC poison directive to define a number of identifiers (function names) as unsafe. Compilation will fail if these are present in your code.

Please see http://blog.leafsr.com/2013/12/gcc-poison.html for more information

http://leafsr.com

Example usage

#include #include #include "gcc-poison.h"int main(int argc, char *argv[]) { char buf[10]; strcpy(buf, argv[1]); return 0;}$ gcc -o 2 2.c1.c: In function ‘main’:1.c:8:2: error: attempt to use poisoned "strcpy"

Excluding specific functions from poisoning

As pointed out in the GCC documentation (http://gcc.gnu.org/onlinedocs/cpp/Pragmas.html), "If a poisoned identifier appears as part of the expansion of a macro which was defined before the identifier was poisoned, it will not cause an error. This lets you poison an identifier without worrying about system headers defining macros that use it."

Here is an example of how to use gcc-poison.h but continue to allow the usage of the 'strcat' function, via a macro:

#define _unsafe_strcat strcat#include "gcc-poison.h"int main(void){ char x[512]; /* this will raise an error */ strcat((char *)&x, "lol"); /* ... while this will NOT raise an error */ _unsafe_strcat((char *)&x, "lol");}

Note that you must define any such macros BEFORE you include gcc-poison.h. This can be a handy way to allow developers to continue to use certain functions for which libc has no safe alternative, while forcing them to acknowledge that they are doing so unsafely.

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。