gcc-poison

gcc-poison is a simple header file for developers to ban unsafe C/C++ functions from applications. It uses the #pragma GCC poison directive to define a number of identifiers (function names) as unsafe. Compilation will fail if these are present in your code.

Please see http://blog.leafsr.com/2013/12/gcc-poison.html for more information

http://leafsr.com

Example usage

#include <stdio.h>
#include <string.h>
#include "gcc-poison.h"

int main(int argc, char *argv[]) {
   char buf[10];
   strcpy(buf, argv[1]);
   return 0;
}

$ gcc -o 2 2.c
1.c: In function ‘main’:
1.c:8:2: error: attempt to use poisoned "strcpy"

Excluding specific functions from poisoning

As pointed out in the GCC documentation (http://gcc.gnu.org/onlinedocs/cpp/Pragmas.html), "If a poisoned identifier appears as part of the expansion of a macro which was defined before the identifier was poisoned, it will not cause an error. This lets you poison an identifier without worrying about system headers defining macros that use it."

Here is an example of how to use gcc-poison.h but continue to allow the usage of the 'strcat' function, via a macro:

#define _unsafe_strcat strcat
#include "gcc-poison.h"

int main(void)
{
    char x[512];
    /* this will raise an error */
    strcat((char *)&x, "lol");
    /* ... while this will NOT raise an error */
    _unsafe_strcat((char *)&x, "lol");
}

Note that you must define any such macros BEFORE you include gcc-poison.h. This can be a handy way to allow developers to continue to use certain functions for which libc has no safe alternative, while forcing them to acknowledge that they are doing so unsafely.

An implementation of memcpy for amd64 with clang/gcc

memcpy-amd64 A memcpy library for amd64 platforms. Parameters void memcpy_set/get_erms_threshold(size_t) (default 2048): threshold to use rep movsb

13 Feb 5, 2022

GCC/gcov code coverage data extraction from the actual embedded system, without requiring a file system, or an operating system, or standard C libraries.

100 Dec 23, 2022

Comments

how could I remove the warnings generated by include files.

I included string.h and poison.h to my sample program and it results in warning :

In file included from example.c:3:
./poison.h:12:21: warning: poisoning existing macro
#       pragma GCC poison strcpy wcscpy stpcpy wcpcpy
                          ^
./poison.h:12:35: warning: poisoning existing macro
#       pragma GCC poison strcpy wcscpy stpcpy wcpcpy
                                        ^
./poison.h:15:21: warning: poisoning existing macro
#       pragma GCC poison strcat wcscat
                          ^
./poison.h:17:21: warning: poisoning existing macro
#       pragma GCC poison sprintf vsprintf vfprintf
                          ^
./poison.h:17:29: warning: poisoning existing macro
#       pragma GCC poison sprintf vsprintf vfprintf
                                  ^
./poison.h:19:21: warning: poisoning existing macro
#       pragma GCC poison strncpy wcsncpy
                          ^
example.c:7:3: error: attempt to use a poisoned identifier
  strcpy(a,b);
  ^
6 warnings and 1 error generated.

how can I remove the warnings from the include files ?

opened by subh007 2