
AD2048: PeEnableStackVariableInitialization

Summary

| Property | Value |
|---|---|
| ID | AD2048 |
| Name | PeEnableStackVariableInitialization |
| Category | Security |
| Severity | Warning |
| Applies to | PE (Windows) |

Description

Uninitialized stack variables can leak sensitive information from previous function calls or contain values that lead to undefined behavior. The -ftrivial-auto-var-init flag automatically initializes local variables to zero or a pattern, eliminating this class of vulnerabilities.

This rule specifically checks PE binaries (Windows executables and DLLs) built with Clang/MinGW that contain DWARF debug information.
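The leak described above, as an added example (not code from this page or from the analyzer): one function leaves data in its stack frame, and a later function sends out a buffer it only partly wrote. All names and the secret are constructed for illustration; what the unsafe variant returns without the flag depends on compiler and optimization level.

```c
#include <stdio.h>
#include <string.h>
#define REPLY_LEN 32
/* Constructed stand-in for sensitive data handled by an earlier call. */
static const char SECRET[REPLY_LEN] = "constructed-session-key-0123456";

/* Earlier call: its stack frame still holds the secret after it returns. */
__attribute__((noinline)) void handle_login(void) {
    volatile char key[REPLY_LEN];
    for (size_t i = 0; i < REPLY_LEN; i++) key[i] = SECRET[i];
}

/* Write name (truncated to fit) plus a terminator; the tail is not touched. */
static void put_name(char *reply, const char *name) {
    size_t n = strlen(name);
    if (n > REPLY_LEN - 1) n = REPLY_LEN - 1;
    memcpy(reply, name, n);
    reply[n] = '\0';
}

/* Before: reply is uninitialized; its tail is old stack data unless -ftrivial-auto-var-init is on. */
__attribute__((noinline)) void build_reply_unsafe(unsigned char *out, const char *name) {
    char reply[REPLY_LEN];
    put_name(reply, name);
    memcpy(out, reply, REPLY_LEN); /* the whole buffer leaves the function */
}

/* After: explicit zeroing, the same contents the zero mode produces. */
void build_reply_safe(unsigned char *out, const char *name) {
    char reply[REPLY_LEN] = {0};
    put_name(reply, name);
    memcpy(out, reply, REPLY_LEN);
}

/* Count non-zero bytes after the terminator, i.e. data the caller never wrote. */
size_t stale_bytes(const unsigned char *buf) {
    size_t n = 0;
    for (size_t i = strlen((const char *)buf) + 1; i < REPLY_LEN; i++) n += (buf[i] != 0);
    return n;
}

int main(void) {
    unsigned char out[REPLY_LEN];
    handle_login();
    build_reply_unsafe(out, "bob");
    printf("unsafe: %zu stale bytes\n", stale_bytes(out));
    build_reply_safe(out, "bob");
    printf("safe:   %zu stale bytes\n", stale_bytes(out));
    return 0;
}
```

Compiling the same file with and without -ftrivial-auto-var-init=zero and comparing the "unsafe" line shows what the flag changes.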

Initialization Modes

| Mode | Flag | Description |
|---|---|---|
| Zero | -ftrivial-auto-var-init=zero | Initialize all variables to zero (recommended) |
| Pattern | -ftrivial-auto-var-init=pattern | Initialize to a recognizable pattern |

How to Fix

When building Windows binaries with Clang/MinGW, add the -ftrivial-auto-var-init=zero flag:

# Clang
clang -target x86_64-pc-windows-msvc -ftrivial-auto-var-init=zero -o binary.exe source.c

# MinGW
x86_64-w64-mingw32-gcc -ftrivial-auto-var-init=zero -o binary.exe source.c

MSVC Alternative

For binaries built with MSVC, the /sdl flag provides similar functionality, enabling additional security checks that include some uninitialized variable detection:

cl /sdl source.c

However, MSVC does not have an exact equivalent to -ftrivial-auto-var-init. Consider using SAL annotations and the /analyze static analysis option for comprehensive uninitialized variable detection in MSVC builds.

Performance Impact

The performance overhead is typically minimal (0.1-1%). For performance-critical sections, initialization can be disabled for individual variables with the uninitialized attribute:

// Disable initialization for a specific local variable
int buffer[1024] __attribute__((uninitialized));

Applicability

This rule applies to:
- PE binaries (.exe, .dll) built with Clang or GCC/MinGW
- Binaries containing DWARF debug information

This rule does not apply to:
- Binaries built with MSVC (no direct equivalent flag)
- Binaries without DWARF debug information
