Proposed GCC 12 Security Option Would Auto Initialize Automatic Variables

In trying to fight security issues stemming from uninitialized memory disclosure, the suggested -ftrivial-auto-var-init=zero would initialize automatic variables with zeroes unless the new "uninitialized" variable attribute was used on a particular variable for overriding the behavior.
Or there is the -ftrivial-auto-var-init=pattern option that would initialize automatic variables with patterns that would likely transform logic bugs into crashes. The pattern option can be useful for tracking down issues / making them more apparent.
With this patch suggested for GCC 12, the default behavior would remain that automatic variables are uninitialized. And as mentioned, a new "uninitialized" attribute would be supported for excluding individual variables.
This is great for security but can incur additional run-time overhead, so if the patch is picked up we'll see how its adoption pans out moving forward. For now the proposed "-ftrivial-auto-var-init" option patch is residing on the GCC mailing list.
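The kind of disclosure the option targets, and the per-variable opt-out, shown as an added example that is not code from the GCC patch. The struct, function names and the NO_AUTO_INIT macro are made up for illustration, and the attribute spelling is taken from the article.

```c
#include <stddef.h>
#include <string.h>

/* Assumption: the attribute is spelled "uninitialized", as the article says.
   Compilers that do not know it get an empty macro. */
#if defined(__has_attribute)
#  if __has_attribute(uninitialized)
#    define NO_AUTO_INIT __attribute__((uninitialized))
#  endif
#endif
#ifndef NO_AUTO_INIT
#  define NO_AUTO_INIT
#endif

struct reply { char status; int code; char name[16]; };  /* constructed */

/* With prezero == 0 the padding after `status` and name[3..15] are never
   written, so stale stack bytes get copied out to the caller. Building with
   -ftrivial-auto-var-init=zero would zero `r` without a source change;
   prezero == 1 does the same thing by hand. */
size_t build_reply(unsigned char *out, int prezero) {
    struct reply r;
    if (prezero) memset(&r, 0, sizeof r);
    r.status = 1;
    r.code = 200;
    strcpy(r.name, "ok");
    memcpy(out, &r, sizeof r);
    return sizeof r;
}

/* Counts non-zero bytes at offsets build_reply() never wrote explicitly. */
size_t stale_bytes(const unsigned char *out) {
    size_t n = 0, i;
    for (i = 1; i < sizeof(struct reply); i++)
        if (i < offsetof(struct reply, code) ||
            i >= offsetof(struct reply, name) + 3)
            n += out[i] != 0;
    return n;
}

/* Opt-out: every element is written before it is read, so automatic
   initialization would only add run-time cost here. */
unsigned sum_squares(unsigned n) {
    NO_AUTO_INIT unsigned scratch[64];
    unsigned i, total = 0;
    if (n > 64) n = 64;
    for (i = 0; i < n; i++) scratch[i] = i * i;
    for (i = 0; i < n; i++) total += scratch[i];
    return total;
}
```

Calling build_reply() with prezero set to 0 and passing the output to stale_bytes() gives a result that depends on what was previously on the stack, which is exactly the behavior the option is meant to remove.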