gwcheck

Check .gnu.warning.* sections in ELF object files
Log | Files | Refs | README | LICENSE

README.md (2310B)


      1 # gwcheck
      2 
      3 ## Description
      4 
      5 gwcheck is a tool to check `.gnu.warning.*` sections in **ELF object
      6 files** and display their content.
      7 
      8 For an introduction to .gnu.warning.* sections, please refer to this
      9 [article][1].
     10 
     11 Support for emitting linker warnings when using a symbol for which a
     12 .gnu.warning.symbol section exists is implemented in GNU linkers (ld
     13 and gold), but currently not in LLVM's LLD linker.
     14 
     15 C libraries using this mechanism:
     16 
     17 - FreeBSD libc
     18 - NetBSD libc
     19 - OpenBSD libc
     20 - DragonFlyBSD libc
     21 - GNU C Library (glibc)
     22 - Newlib C library
     23 - diet libc
     24 - uClibc
     25 
     26 ## Requirements
     27 
     28 gwcheck requires Python 3 and the following Python module:
     29 
     30 - pyelftools
     31 
     32 ## Usage
     33 
     34 	gwcheck [-hv] object
     35 
     36 The options are as follows:
     37 
     38 	-h	Display usage.
     39 	-v	Display version.
     40 
     41 ## Example
     42 
     43 Here is the output of running gwcheck on OpenBSD 7.0 libc:
     44 
     45 	$ gwcheck libc.so.96.1
     46 	.gnu.warning.strcpy:
     47 		strcpy() is almost always misused, please use strlcpy()
     48 	.gnu.warning.stpcpy:
     49 		stpcpy() is dangerous; do not use it
     50 	.gnu.warning.wcscat:
     51 		wcscat() is almost always misused, please use wcslcat()
     52 	.gnu.warning.sprintf:
     53 		sprintf() is often misused, please use snprintf()
     54 	.gnu.warning.tempnam:
     55 		tempnam() possibly used unsafely; consider using mkstemp()
     56 	.gnu.warning.vsprintf:
     57 		vsprintf() is often misused, please use vsnprintf()
     58 	.gnu.warning.mktemp:
     59 		mktemp() possibly used unsafely; consider using mkstemp()
     60 	.gnu.warning.strcat:
     61 		strcat() is almost always misused, please use strlcat()
     62 	.gnu.warning.wcscpy:
     63 		wcscpy() is almost always misused, please use wcslcpy()
     64 	.gnu.warning.rand_r:
     65 		rand_r() is not random, it is deterministic.
     66 	.gnu.warning.rand:
     67 		rand() may return deterministic values, is that what you want?
     68 	.gnu.warning.getwd:
     69 		getwd() possibly used unsafely; consider using getcwd()
     70 	.gnu.warning.random:
     71 		random() may return deterministic values, is that what you want?
     72 	.gnu.warning.tmpnam:
     73 		tmpnam() possibly used unsafely; consider using mkstemp()
     74 
     75 Check the `examples` directory for gwcheck output on several other C
     76 libraries.
     77 
     78 ## License
     79 
     80 gwcheck is released under the BSD 2-Clause license. See `LICENSE` file for
     81 details.
     82 
     83 ## Author
     84 
     85 gwcheck is developed by Frederic Cambus.
     86 
     87 - Site: https://www.cambus.net
     88 
     89 [1]: https://ninjalj.blogspot.com/2011/11/your-own-linker-warnings-using-gnu.html