{"id":27927,"date":"2021-05-06T15:00:15","date_gmt":"2021-05-06T15:00:15","guid":{"rendered":"https:\/\/devblogs.microsoft.com\/cppblog\/?p=27927"},"modified":"2022-04-25T16:25:21","modified_gmt":"2022-04-25T16:25:21","slug":"ignoring-automatic-initialization-for-code-analysis","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/cppblog\/ignoring-automatic-initialization-for-code-analysis\/","title":{"rendered":"Ignoring Automatic Initialization for Code Analysis"},"content":{"rendered":"<p><span data-contrast=\"auto\">Reading uninitialized memory is one of the major sources of security vulnerabilities in C and C++ programs. Microsoft has developed many tools to find such errors, including compiler warnings, static analysis checks, and, more recently, code instrumentation. For a more detailed overview of vulnerabilities and mitigations related to uninitialized memory, please refer to <a href=\"https:\/\/msrc-blog.microsoft.com\/2020\/05\/13\/solving-uninitialized-stack-memory-on-windows\/\">Microsoft Security Response Center\u2019s great blog post<\/a><\/span><span data-contrast=\"auto\">. This blog post summarizes the potential interactions between code analysis and code instrumentation and the improvements we&#8217;ve made in Visual Studio 2019 version 16.9.1.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">When the automatic initialization features of MSVC are turned on, the compiler initializes certain constructs on the stack with a pattern. This solution can help mitigate the risks of reading uninitialized memory. However, to keep the performance costs of this mitigation minimal, the compiler will not initialize everything. It is a best-effort method that tries to strike a good balance between mitigating security risks and avoiding noticeable performance regressions. 
Moreover, this is a non-standard feature that might not be available (or might behave differently) in other compilers, or in other versions of the same compiler. As a result, users should never rely on such instrumentation. The proper fix is to explicitly initialize memory in the source code and to use instrumentation only as a mitigation for any error that slipped through code reviews, static analysis, or any other tools of the QA process.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">As a result, we want the compiler to warn on the following code regardless of the options used to compile the code:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<pre class=\"prettyprint\">void g(int);\r\nvoid f() {\r\n    int l;\r\n    g(l); \/\/ Warning C6001 expected regardless of the build configuration.\r\n}<\/pre>\n<p><span data-contrast=\"auto\">Starting with Visual Studio 2019 version 16.9.1 and 16.10 Preview 2, we ensured that code analysis always sees the code as written, as opposed to the instrumented version. This behavior is in line with other toolchains and encourages developers not to rely on the automatic initialization feature.<\/span><\/p>\n<p>Download the latest <a href=\"https:\/\/visualstudio.microsoft.com\/vs\/preview\/\" target=\"_blank\" rel=\"noopener\">Visual Studio 2019 Preview<\/a> today and give it a try. We\u2019d love to hear from you to help us prioritize and build the right features for you. 
We can be reached via the comments below, <a href=\"https:\/\/developercommunity.visualstudio.com\/spaces\/8\/index.html\" target=\"_blank\" rel=\"noopener\">Developer Community<\/a>, and Twitter (<a href=\"https:\/\/twitter.com\/visualc\" target=\"_blank\" rel=\"noopener\">@VisualC<\/a>). The best way to file a bug or suggest a feature is via Developer Community.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Reading uninitialized memory is one of the major sources of security vulnerabilities in C and C++ programs. Microsoft has developed many tools to find such errors, including compiler warnings, static analysis checks, and, more recently, code instrumentation. For a more detailed overview of vulnerabilities and mitigations related to uninitialized memory, please refer to Microsoft Security Response Center\u2019s great [&hellip;]<\/p>\n","protected":false},"author":89854,"featured_media":35994,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-27927","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cplusplus"],"acf":[],"blog_post_summary":"<p>Reading uninitialized memory is one of the major sources of security vulnerabilities in C and C++ programs. 
Microsoft has developed many tools to find such errors, including compiler warnings, static analysis checks, and, more recently, code instrumentation. For a more detailed overview of vulnerabilities and mitigations related to uninitialized memory, please refer to Microsoft Security Response Center\u2019s great [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/posts\/27927","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/users\/89854"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/comments?post=27927"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/posts\/27927\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/media\/35994"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/media?parent=27927"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/categories?post=27927"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/tags?post=27927"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}