After a year of development, GCC published the release of a free set of compilers GCC 14.1, the first significant issue in the new branch of GCC 14.X. In accordance with a new scheme numbering of issues, version 14.0 was used during the development process, and shortly before GCC 14.1, the branch was already branching GCC 15.0, on the basis of which the following significant release of GCC 15.1 will be formed.
The main changes:
- Significantly expanded capabilities for static analysis of code in the language of SI, available through the option “-fanalyzer”. The analysis of operations with lines and verification of the presence of the final string of the zero symbol has been enhanced. Added a new warning “-wanalyzer-infinite-loop” to identify endless cycles. Added a warning series “-Wanalyzer-Tainted-*” to identify problems with entry check. The possibilities of preventing “-wanalyzer-out-off-bounds” have been expanded to identify buffer overflowing, for example, the ability to display a diagram with visualization of the state leading to overflow.
- Added a new assembly option “–enable-host-pie” for assembling the executable compiler files in Pie (Position Independent Executable), as well as the “–enable-Host-Now” option to bind options “- Wl, -z, Now”.
- Added a new option “-fhardened” including security flags (-D_Fortify_Source = 3, -D_glibcxx_assertions, -FTRIVIAL-AUTO-VAR -INIT = Zero, -fpie -pie -wl, -z, redro, -z, Now, -fstack-protector-strong, -fstack-Clash-Protection, -FCF-propration = Full).
- Added the option to identify certain forms of indefinite behavior at the end of code functions which potentially lead to a violation of normal procedure flow as a result of exploits that change indicators stored in memory and transmit management between functions.
- Added a new attribute type “Hardbool” which allows you to reduce the values compared with the signs of True and False for the difficulty of some types of attacks.
- Added a new attribute of types Strub.
/Reports, release notes, official announcements.