airbus-seclab / c-compiler-security

Security-related flags and options for C compilers
https://airbus-seclab.github.io/c-compiler-security/
Creative Commons Attribution Share Alike 4.0 International

about "disable the warnings that have too much false positives" #7

Closed szennou closed 3 years ago

szennou commented 3 years ago

Strongly disagree with that statement: if used early in the development phase (and not compiling the code with security flags just before going into production), the false positive rate should not be that high.

trou commented 3 years ago

I was thinking about existing code bases, and some warnings are not foolproof and can have false positives (even if on well-written code this should not be the case).

Maybe I could add a note about pragmas to selectively disable some warnings in some specific functions?
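As an added example (not code from this issue or from the c-compiler-security project), the following shows the approach trou proposes: keeping the full warning set for the translation unit and scoping a single suppression to one function with the GCC/Clang `#pragma GCC diagnostic push` / `ignored` / `pop` sequence. The callback type, the function names and the sample data are constructed for illustration.

```c
#include <stddef.h>

/* Constructed callback type: a visitor that receives an item and an
 * opaque context pointer it may not need. */
typedef int (*visitor_fn)(const char *item, void *ctx);

/* This callback must match visitor_fn but has no use for ctx. Under
 * -Wall -Wextra it would trigger -Wunused-parameter. The push/ignored/pop
 * pair confines the suppression to this one definition; every other
 * function in the file is still checked with the full flag set, which is
 * the alternative to passing -Wno-unused-parameter globally. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wunused-parameter"
static int count_nonempty(const char *item, void *ctx)
{
    return (item != NULL && item[0] != '\0') ? 1 : 0;
}
#pragma GCC diagnostic pop

/* Visits each item and sums the callback results. Nothing is suppressed
 * here: the pop above restored the original diagnostic state. */
int visit_all(const char **items, size_t n, visitor_fn fn, void *ctx)
{
    int total = 0;
    for (size_t i = 0; i < n; i++)
        total += fn(items[i], ctx);
    return total;
}

/* Runs the visitor over constructed sample input; two items are non-empty. */
int demo_count(void)
{
    const char *items[] = { "alpha", "", "gamma", "" };
    return visit_all(items, sizeof items / sizeof items[0],
                     count_nonempty, NULL);
}
```

Both GCC and Clang honour the `GCC diagnostic` pragma spelling, so one form covers both compilers. For this particular warning the idiomatic fix is a `(void)ctx;` statement in the body; the pragma form is for cases where a checker reports a genuine false positive that no such idiom removes, and the suppression should stay as narrow as the example shows, with a comment explaining why it is there so the exception is reviewable.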