------- Comment #52 from kargl at gcc dot gnu dot org 2007-01-23 00:45 -------
(In reply to comment #51)
> Sure, new security checks can be written in a compliant manner.
>
> But what plan do you suggest to find instances of non-compliant overflow
> checking in the existing body? Think something like a whole Linux
> distribution. Something in the order of 15000 packages. Dozens of millions of
> lines of code. Any suggestion?
>
How about http://scan.coverity.com/

--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=30475