
AD3045: EnableStackVariableInitialization

Summary

| Property | Value |
|---|---|
| ID | AD3045 |
| Name | EnableStackVariableInitialization |
| Category | Security |
| Severity | Note |
| Applies to | ELF (Linux/Unix) |

Description

Uninitialized stack variables are a common source of security vulnerabilities:

  • Information disclosure: Stack memory may contain sensitive data from previous function calls
  • Undefined behavior: Using uninitialized values leads to unpredictable program behavior
  • Exploitation: Attackers can manipulate uninitialized values to bypass security checks

The -ftrivial-auto-var-init compiler flag automatically initializes local variables, eliminating these vulnerabilities at the source.

Initialization Modes

| Mode | Flag | Description |
|---|---|---|
| Zero | -ftrivial-auto-var-init=zero | Initialize all variables to zero (recommended for production) |
| Pattern | -ftrivial-auto-var-init=pattern | Initialize to a recognizable pattern (useful for debugging) |

How to Fix

Clang (8+)

```bash
# Zero initialization (recommended)
clang -ftrivial-auto-var-init=zero -o binary source.c

# Pattern initialization (debugging)
clang -ftrivial-auto-var-init=pattern -o binary source.c
```

GCC (12+)

```bash
# Zero initialization
gcc -ftrivial-auto-var-init=zero -o binary source.c

# Pattern initialization
gcc -ftrivial-auto-var-init=pattern -o binary source.c
```

Performance Impact

The performance overhead is typically minimal:

  • Zero initialization: ~0.1-1% overhead in most applications
  • Pattern initialization: Similar overhead, but patterns are harder to compress

For performance-critical code paths, you can selectively disable initialization:

```c
// Clang 8+ and GCC 12+: opt one variable out of automatic initialization.
// Both compilers use the same variable attribute; there is no GCC pragma for this.
// Only safe when every byte of the variable is written before it is read.
int buffer[1024] __attribute__((uninitialized));
```

Security Benefits

  1. Eliminates uninitialized variable bugs - Entire class of vulnerabilities removed
  2. Deterministic behavior - Programs behave consistently across runs
  3. Defense in depth - Works alongside other mitigations like ASLR and stack canaries
  4. Kernel adoption - Linux kernel uses this feature (CONFIG_INIT_STACK_ALL_ZERO)

Applicability

This rule applies to:

  • All C/C++ binaries compiled with Clang 8+ or GCC 12+
  • Both ELF and PE binaries with DWARF debug information

References