[
  {
    "path": "README.md",
    "content": "gcc-poison\n==========\n\ngcc-poison is a simple header file for developers to ban unsafe C/C++ functions from applications. It uses the #pragma GCC poison directive to define a number of identifiers (function names) as unsafe. Compilation will fail if these are present in your code.\n\nPlease see [http://blog.leafsr.com/2013/12/gcc-poison.html](http://blog.leafsr.com/2013/12/gcc-poison.html) for more information\n\nhttp://leafsr.com\n\nExample usage\n=============\n\n    #include <stdio.h>\n    #include <string.h>\n    #include \"gcc-poison.h\"\n    \n    int main(int argc, char *argv[]) {\n       char buf[10];\n       strcpy(buf, argv[1]);\n       return 0;\n    }\n    \n    $ gcc -o 2 2.c\n    1.c: In function ‘main’:\n    1.c:8:2: error: attempt to use poisoned \"strcpy\"\n    \nExcluding specific functions from poisoning\n===========================================\n\nAs pointed out in the GCC documentation (http://gcc.gnu.org/onlinedocs/cpp/Pragmas.html), \"If a poisoned identifier appears as part of the expansion of a macro which was defined before the identifier was poisoned, it will not cause an error. This lets you poison an identifier without worrying about system headers defining macros that use it.\"\n\nHere is an example of how to use gcc-poison.h but continue to allow the usage of the 'strcat' function, via a macro:\n\n    #define _unsafe_strcat strcat\n    #include \"gcc-poison.h\"\n    \n    int main(void)\n    {\n        char x[512];\n        /* this will raise an error */\n        strcat((char *)&x, \"lol\");\n        /* ... while this will NOT raise an error */\n        _unsafe_strcat((char *)&x, \"lol\");\n    }\n\nNote that you must define any such macros BEFORE you include gcc-poison.h. This can be a handy way to allow developers to continue to use certain functions for which libc has no safe alternative, while forcing them to acknowledge that they are doing so unsafely.\n"
  },
  {
    "path": "poison.h",
    "content": "/* Copyright 2013 - Leaf Security Research\nhttp://leafsr.com\n\npoison.h - A C header file for poisoning unsafe C/C++\nfunctions. This is far from complete, you will need to\nadd your own in-house deprecated and insecure APIs for\nit to be very effective */\n\n#ifdef __GNUC__\n\n/* String handling functions */\n#\tpragma GCC poison strcpy wcscpy stpcpy wcpcpy\n#\tpragma GCC poison scanf sscanf vscanf fwscanf swscanf wscanf\n#\tpragma GCC poison gets puts\n#\tpragma GCC poison strcat wcscat\n#\tpragma GCC poison wcrtomb wctob\n#\tpragma GCC poison sprintf vsprintf vfprintf\n#\tpragma GCC poison asprintf vasprintf\n#\tpragma GCC poison strncpy wcsncpy\n#\tpragma GCC poison strtok wcstok\n#\tpragma GCC poison strdupa strndupa\n\n/* Signal related */\n#\tpragma GCC poison longjmp siglongjmp\n#\tpragma GCC poison setjmp sigsetjmp\n\n/* Memory allocation */\n#\tpragma GCC poison alloca\n#\tpragma GCC poison mallopt\n\n/* File API's */\n#\tpragma GCC poison remove\n#\tpragma GCC poison mktemp tmpnam tempnam\n#\tpragma GCC poison getwd\n\n/* Misc */\n#\tpragma GCC poison getlogin getpass cuserid\n#\tpragma GCC poison rexec rexec_af\n\n/* Your custom insecure APIs here */\n//#\tpragma GCC poison iEatLargeStrings\n\n#endif\n"
  }
]