Compiler settings to harden C++ code
In the pursuit of robust and secure C++ code, configuring compiler settings plays a pivotal role. Compiler flags and options can significantly enhance code quality by enabling stricter error checking, warnings, and security features. This section focuses on recommended settings for three major compilers in the C++ ecosystem: the GNU Compiler Collection (GCC), Clang, and Microsoft Visual C++ (MSVC). These settings are particularly valuable in a static analysis context as they enable the detection of potential issues at compile time.
GCC
GCC is known for its extensive set of options that can help harden C++ code. Key flags include the following:
-Wall -Wextra
: Enables most warning messages, catching potential issues such as uninitialized variables, unused parameters, and more
-Werror
: Treats all warnings as errors, forcing them to be addressed
-Wshadow
: Warns whenever a local variable shadows another variable, which can lead...
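As an added illustration (not code from the original text), the constructed functions below show a length-clamping bug that -Wall -Wextra alone do not report but -Wshadow does; combined with -Werror the build stops until it is fixed. The function names and the dropped counter are hypothetical.

```cpp
// Constructed example. Build: g++ -std=c++17 -Wall -Wextra -Wshadow -Werror demo.cpp
// The build is expected to fail on the BEFORE function until it is corrected.
#include <cstddef>
#include <iostream>

// BEFORE: meant to clamp a requested copy length to the buffer capacity.
// The inner declaration creates a second 'len', so the outer one is never
// clamped. -Wall -Wextra stay silent here; -Wshadow reports the inner
// declaration, and -Werror turns that report into a failed build.
std::size_t bounded_len_shadowed(std::size_t requested, std::size_t capacity,
                                 std::size_t& dropped) {
    std::size_t len = requested;
    dropped = 0;
    if (requested > capacity) {
        std::size_t len = capacity;   // shadows the outer 'len'
        dropped = requested - len;    // inner 'len' is used, so no unused-variable warning
    }
    return len;                       // still 'requested': the clamp was lost
}

// AFTER: assign to the existing variable instead of declaring a new one.
std::size_t bounded_len_fixed(std::size_t requested, std::size_t capacity,
                              std::size_t& dropped) {
    std::size_t len = requested;
    dropped = 0;
    if (requested > capacity) {
        len = capacity;
        dropped = requested - len;
    }
    return len;
}

int main() {
    std::size_t dropped = 0;
    std::cout << "shadowed: " << bounded_len_shadowed(64, 16, dropped) << '\n';
    std::cout << "fixed:    " << bounded_len_fixed(64, 16, dropped) << '\n';
    return 0;
}
```

Both versions report the same dropped count, so a test that only checks the counter would pass the broken function; the compiler warning is what exposes the difference.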