tags:

views:

91

answers:

4
+1  Q: 

Prevent committing code with svn if certain obsolete C/C++ functions are used

Is there a way to prevent developers from committing code when certain unsafe or obsolete functions are used? For example:

  • scanf
  • atoi
  • gets
  • etc..
+6  A: 

You could use a Subversion pre-commit hook. Example here: http://wordaligned.org/articles/a-subversion-pre-commit-hook

It shouldn't be too hard to write a few regular expressions to scan your commits for the functions you don't want

Manos Dilaverakis  2010-04-02 07:48:28
+1  A: 

Write a pre-commit hook which performs whatever checks you wish to enforce on the code. Info about pre-commit hooks.

crazyscot  2010-04-02 07:49:49
+8  A: 

A project I've worked uses a simple set of macros in a header that's included in every file (some compilers let you specify such a header on the command line, so you can force it's use in a makefile):

#define strcpy  strcpy_is_banned_use_strlcpy
#define strcat  strcat_is_banned_use_strlcat
#define strncpy strncpy_is_banned_use_strlcpy
#define strncat strncat_is_banned_use_strlcat
#define sprintf sprintf_is_banned_use_snprintf

With these macros, the build will fail if you try to use a banned function (and the linker will tell you what you should use instead).

So it doesn't get checked on commit, per se, but as long as your team members make sure things build before they check in, the system works. And if they don't, then everyone starts getting build break emails, which tends to quickly correct the behavior.

Simple, but effective.

Michael Burr  2010-04-02 07:51:57
+1 for a solution that doesn't depend on writing a C++ parser.
Bill  2010-04-02 16:37:07
+4  A: 

You can get part of the way using "svnlook changed" and then "svnlook cat" in a post-commit hook, and grep to check for the functions you're interested in.

That will give you some false positives, for example if the function is mentioned in a string or a comment. Depending on your circumstances (ie how many users you have, and how picky they are ;-), that may or may not be a problem for you. A more complete solution would have to parse the program text to find the functions that are called.

As an alternative, assuming (since you refer to them as obsolete functions) that you're using Visual Studio, you could change the warnings about these functions to errors in your project, so that the code doesn't even build if they are used.

Andy Mortimer  2010-04-02 07:53:50

related questions

Of Memory Management, Heap Corruption, and C++
How do I make a GUI?
Alpha blending sprites in Nintendo DS Homebrew
Thread safe lazy contruction of a singleton in C++
Interview Programming Questions - In house Exam
Link issues (VC6)
What are the barriers to understanding pointers and what can be done to overcome them?
Why are professors or schools picking Java over C++ to teach to students?
What is the best way to create a sparse array in C++
C/C++ library for reading MIDI signals from a USB MIDI device
How do you pack a visual studio c++ project for release?
How to set up unit testing for Visual Studio C++
How do I configure and communicate with a serial port?
Lightweight IDE for Linux
Mapping Stream data to data structures in C#
CPU throttling in C++
Asynchronous multi-direction server-client communication over the same open socket?
Exceptions in C++
Heap corruption under Win32; how to locate?
Build for Windows NT 4.0 using Visual Studio 2005?
C++: Should I use nested classes in this case?
BerkeleyDB Concurrency
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS