Question 1

How to exclude specific functions from gcc-poison?

Accepted Answer

Define a macro for the function name before including gcc-poison.h, as shown in the README. For example, #define _unsafe_strcat strcat allows strcat through the macro while still poisoning direct use, forcing explicit acknowledgment.

Question 2

gcc-poison vs Clang-Tidy for security checks?

Accepted Answer

gcc-poison is simpler and compile-time only, blocking specific unsafe functions with zero overhead, while Clang-Tidy offers broader static analysis for various vulnerabilities but requires more setup and may have runtime analysis components.

Question 3

Does gcc-poison work with C++ projects?

Accepted Answer

Yes, it supports both C and C++ by poisoning function identifiers, but be cautious with C++ standard library functions that might have safe alternatives or different naming conventions.

Question 4

What unsafe functions does gcc-poison block by default?

Accepted Answer

It includes common dangerous C functions like strcpy, gets, and sprintf, but the exact list can be checked in the source code or the linked 2013 blog post for specifics.

Question 5

How to integrate gcc-poison into a Makefile build?

Accepted Answer

Add the header file to your include paths and ensure it's included in relevant source files; in a Makefile, use -I flags to specify the directory containing gcc-poison.h for compilation.

Question 6

Is gcc-poison still maintained or updated?

Accepted Answer

Based on the README, the primary documentation is a 2013 blog post with no recent updates mentioned, so it may lack support for newer compilers or functions, requiring manual verification.

gcc-poison

What is gcc-poison?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions