Skip to content

Commit 914c6cb

Browse files
thomasnymandavid-a-wheeler
thomasnyman
and
david-a-wheeler
committed
Add broader context on options affecting standardized behavior to "How should this guide be applied?"
Co-authored-by: David A. Wheeler <[email protected]> Signed-off-by: Thomas Nyman <[email protected]>
1 parent a667567 commit 914c6cb

File tree

1 file changed

+2
-0
lines changed

1 file changed

+2
-0
lines changed

docs/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -117,6 +117,8 @@ How you apply this guide depends on your circumstances:
117117

118118
Applications should work towards compiling warning-free. This takes time, but warnings indicate a potential problem. Once done, any new warning indicates a potential problem.
119119

120+
We encourage developers to always use the approach guaranteed by standards to do something, as long as it's supported by their build processes. For example, in C23 or C++, assigning `{}` to a union guarantees the clearing of a whole union including padding bits (except for static storage duration initialization). Assigning `{0}` to a union does not guarantee clearing the whole union (e.g., in GCC 14 and below, this cleared a union, but in GCC 15[^gcc-release-notes-15] it does not). Using the standards' approach greatly reduces the risk that using a different compiler or a different compiler version will cause problems. That said, there may be no mechanism in the standards to ensure a particular property, sometimes compilers don't implement the standard way, and developers sometimes make mistakes. Thus, using option flags in addition to working within the standards where practical can be a powerful combination.
121+
120122
### What does compiler options hardening not do?
121123

122124
Compiler options hardening is not a silver bullet; it is not sufficient to rely solely on security features and functions to achieve secure software. Security is an emergent property of the entire system that relies on building and integrating all parts properly. However, if properly used, secure compiler options will complement existing processes, such as static and dynamic analysis, secure coding practices, negative test suites, profiling tools, and most importantly: security hygiene as a part of a solid design and architecture.

0 commit comments

Comments
 (0)