HP C/aC++ for PA-RISC Software manual Security Diagnostics

"lock.c", line 12: warning #20223-D: Trying to unlock a lock held conditionally

+wperfadvice

This option enables performance advisory messages. It offers both integrity-specific and architecture-independent performance advice. The advice emitted is dependent on the optimization options used for compilation.

Example

$ cat large.c
struct X{
    int i;
    int arr[1000];
} x;

int foo( struct X);
int main() {
    foo (x);
}

$ cc -c +wperfadvice large.c
"large.c", line 8: warning #4319-D: performance advice: passing a large (4004 bytes) parameter by value is inefficient, consider passing by reference
    foo (x);
         ^

+w

Enable all compiler warnings about potentially questionable constructs. This includes the warnings enabled by +wlint and +w64bit. The number of warnings with this option may be up to 5-10 times more than those emitted with +wlint. Some examples of warnings enabled with the +w option:

Variable is declared but never referenced

Comparison of unsigned integer with signed integer

Padding size of structure to alignment boundary

Argument is incompatible with corresponding format string conversion

+Oinfo

This option displays informational messages about the optimization process. It may be helpful in understanding what optimizations are occurring. These messages are not emitted with the +w option.

+Oinitcheck

This option enables warnings about local variables that may be used before they are defined. Many of the warnings generated with this option may be false positives.

Security Diagnostics

+wsecurity

This option enables compile time diagnostics for potential security vulnerabilities. Security flaws are not only very costly to fix, but also can lead to a potential loss of customers and reputation. Most developers are not trained to detect security vulnerabilities.

With the +wsecurity option, warnings are emitted for scenarios where untrusted (tainted) data may reach a critical reference point in the program. This is based on cross-module analysis performed by the compiler, which is much more powerful than simple scanning and parsing tools. The +wsecurity option implicitly enables a limited form of cross-module analysis, even if -
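An added example (not from the HP manual) of the kind of flow the +wsecurity description refers to: a length byte taken from untrusted input reaches a loop exit condition and an array index unchecked, shown beside a version that validates it first. The function names and the length-prefixed message format are constructed for illustration; no compiler output is shown because the page does not say which warnings this code would produce.

```c
#include <stddef.h>
#include <string.h>

#define FIELD_MAX 16

/* Constructed format: byte 0 is a length, followed by that many payload
 * bytes. In a real program msg would come from read(), recv(), a file or
 * the environment, which is what makes its contents tainted. */

/* Unsafe: the tainted length is used as the loop exit condition and as an
 * index into dst without being checked against either buffer. */
int copy_field_unchecked(const unsigned char *msg, size_t msg_len,
                         unsigned char dst[FIELD_MAX])
{
    size_t n = msg[0];                 /* tainted value */
    (void)msg_len;                     /* never consulted: part of the bug */
    for (size_t i = 0; i < n; i++)     /* tainted loop bound */
        dst[i] = msg[1 + i];           /* may write past dst, read past msg */
    return (int)n;
}

/* Hardened: the tainted length is validated against the destination size
 * and the bytes actually received before it reaches the copy. */
int copy_field_checked(const unsigned char *msg, size_t msg_len,
                       unsigned char dst[FIELD_MAX])
{
    if (msg_len < 1)
        return -1;                     /* no length byte present */
    size_t n = msg[0];
    if (n > FIELD_MAX || n > msg_len - 1)
        return -1;                     /* would overflow dst or overread msg */
    memcpy(dst, msg + 1, n);
    return (int)n;
}

int main(void)
{
    /* Constructed sample messages. */
    const unsigned char ok[]  = { 3, 'a', 'b', 'c' };
    const unsigned char bad[] = { 200, 'a', 'b', 'c' };
    unsigned char dst[FIELD_MAX];

    int r_ok  = copy_field_checked(ok, sizeof ok, dst);
    int r_bad = copy_field_checked(bad, sizeof bad, dst);
    return (r_ok == 3 && r_bad == -1) ? 0 : 1;
}
```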
