What's the best way to check if C code has deprecated POSIX calls?

Question

I've been working on some older C code. I found out that there are quite some POSIX calls that are now outdated and marked deprecated in the manual pages.

What's the best way to check if there are still deprecated POSIX calls in your code? I'm thinking of either:

• special gcc warning options.
• some kind of lint tool detecting these calls.

Answer 1

Lint can find deprecated things (-deprecated flag).

Coverity finds this kind of issue routinely with c and c++ codebases.

Additionally, and perhaps more importantly, static analysis tools find a very much wider range of issues and bugs.

You can never have too much static code analysis. There is benefit from using several tools.

Answer 2

My first attempt would be a simple tool using grep (even though it may throw up false positives).

>> cd src_dir

>> cat deprecated_calls
printf
strcpy

>> for i in $(cat deprecated_calls) ; do
+>     grep -R $i .
+> done
binmath.c:printf ("   0 sum:[%s]\n",sum);
binmath.c:printf (" 100 sum:[%s]\n",sum);
binmath.c:printf (" 200 sum:[%s]\n",sum);
binmath.c:printf (" 300 sum:[%s]\n",sum);
qq.c:printf("%d %d %d\n",i,j,k);
xx.c:        fprintf (stderr, "Cannot open 'words.txt', error = %d\n", errno);
binmath.c:strcpy (buff, "0");
oldstuff/qq.c:printf("%d %d %d\n",i,j,k);

I doubt you need a full-blown parser-type tool for this.