Commit ee3056c

Add broader context on options affecting standardized behavior to "How should this guide be applied?"
Co-authored-by: David A. Wheeler <[email protected]> Signed-off-by: Thomas Nyman <[email protected]>
1 parent b74ca90 commit ee3056c

File tree

1 file changed

+2
-0
lines changed


docs/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.md

Lines changed: 2 additions & 0 deletions
Original file line number | Diff line number | Diff line change
@@ -119,6 +119,8 @@ How you apply this guide depends on your circumstances:
119119

120120
Applications should work towards compiling warning-free. This takes time, but warnings indicate a potential problem. Once done, any new warning indicates a potential problem.
121121

122+
We encourage developers to always use the approach guaranteed by standards to do something, as long as it's supported by their build processes. For example, in C23 or C++, assigning `{}` to a union guarantees the clearing of a whole union including padding bits (except for static storage duration initialization). Assigning `{0}` to a union does not guarantee clearing the whole union (e.g., in GCC 14 and below, this cleared a union, but in GCC 15[^gcc-release-notes-15] it does not). Using the standards' approach greatly reduces the risk that using a different compiler or a different compiler version will cause problems. That said, there may be no mechanism in the standards to ensure a particular property, sometimes compilers don't implement the standard way, and developers sometimes make mistakes. Thus, using option flags in addition to working within the standards where practical can be a powerful combination.
123+
122124
### What does compiler options hardening not do?
123125

124126
Compiler options hardening is not a silver bullet; it is not sufficient to rely solely on security features and functions to achieve secure software. Security is an emergent property of the entire system that relies on building and integrating all parts properly. However, if properly used, secure compiler options will complement existing processes, such as static and dynamic analysis, secure coding practices, negative test suites, profiling tools, and most importantly: security hygiene as a part of a solid design and architecture.
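Review bot: the parenthetical "(except for static storage duration initialization)" in the added paragraph is attached to the `{}` sentence, where it reads as a case in which `{}` fails to clear the whole union; objects with static storage duration are zero-initialized (padding included) regardless of the initializer, so the exception belongs to the `{0}` sentence instead, e.g. "Assigning `{0}` to a union does not guarantee clearing the whole union (except for objects with static storage duration)". Since this is an options guide, it would also help to name, next to the GCC 15 footnote, the option that restores the old `{0}` behaviour (`-fzero-init-padding-bits=unions`). Finally, this hunk adds only the `[^gcc-release-notes-15]` reference, so please confirm the footnote definition already exists in the file or add it in this commit.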
