Linux Today: Linux News On Internet Time.

Making Code More Secure with gcc

Nov 19, 2019, 12:00 (0 Talkback[s])
(Other stories by Maxim Kartashev)

The Linux toolchain has many qualities of a program checker: the compiler can flag potential errors in the code, often at no additional cost to the user, the linker can help to find inconsistencies in inter-module calls and warn about the use of insecure and outdated interfaces, the run-time support libraries can do additional bookkeeping and help to locate accidental interface misuse. This post starts a short series, in which I am going to explore the capabilities of the GNU 7.3 toolchain in the area of secure programming. I'll focus on the power of the compiler as a static analyzer in this post.

Complete Story