[cfe-users] App security and the __FILE__ macro
Rick Mann via cfe-users
cfe-users at lists.llvm.org
Fri Apr 13 13:22:17 PDT 2018
I'm using `strrchr("/" __FILE__, '/') + 1`. Should that also get resolved? I'm building now to see if this is even the reason the strings are popping up, but our build is long and complicated, so I'm not sure there's not some other source of the data.
> On Apr 12, 2018, at 23:36 , Duncan P. N. Exon Smith <dexonsmith at apple.com> wrote:
> `strrchr(__FILE__, '/')+1` should get resolved at compile-time whenever you have optimizations on.
>> On Apr 12, 2018, at 15:38, Rick Mann via cfe-users <cfe-users at lists.llvm.org> wrote:
>> The higher-ups decided we needed penetration testing of our app. One of their concerns was that if you run the macOS strings tool on our binary and grep for /Users, you get a ton of absolute paths for source files in the project. This is because (I think) we use the __FILE__ macro as part of our logging, to log file:line information. I find this info a boon, and we log that even in release builds to help track down issues reported by customers. At run time, we trim off all of the path except for the filename and extension.
>> It would be great if there were a __FILENAME__ macro that did this for me. Is there any such thing?
>> Rick Mann
>> rmann at latencyzero.com
>> cfe-users mailing list
>> cfe-users at lists.llvm.org
rmann at latencyzero.com
More information about the cfe-users