On Sat, Jan 31, 2004 at 07:12:01PM +0100, Florian Weimer wrote: > > This program will scan source files for code which uses > > variadic functions and warn of potential abuses it's a useful > > tool for those performing source code audits. > > How does this tool compare to the various -Wformat options in recent GCC > versions?
I believe this is more comprehensive as it knows about a lot of functions and can be given lists of new ones which gcc knows nothing about. However I've not used the -Wformat options extensively, and they are both aimed at a different market. pscan is aimed more at static analysis of source files whereas GCC can only be used to build the program. (Which may be difficult if the necessary development libraries are not installed, for example). Steve --- # Debian Security Audit Project http://www.steve.org.uk/Debian/
