Why not initialize all variables to zero?

By: blaine (myname.delete@this.acm.org), March 27, 2020 1:23 pm
Room: Moderated Discussions
Doug S (foo.delete@this.bar.bar) on March 26, 2020 12:13 pm wrote:
> Its 2020 and exploits involving uninitialized variables are still very much a thing. Why in the
> world should that still be true, or more to the point why aren't we doing more about it?
>
> Is there any reason compilers shouldn't automatically zero all stack variables (as is already the case
> for global/extern/static variables) unless an explicit assignment was given in its declaration?
>
> In the past there may have been some reasonable objections about performance, but is that really an issue
> any longer? Any current compiler could easily remove most of the unnecessary zeroing instructions when
> it would detect the variable was assigned before use, so there would be few such assignments remaining.
> Unless you had a function with many large stack variables and/or was called many many times, the performance
> impact would be impossible to measure. For cases where it is, or for those who value absolute performance
> and trust their code the compiler would of course provide a switch to turn off this behavior.
>
> Now I don't claim this would completely cure the issue, as you can assign variables created via malloc, re-use
> variables without clearing them etc., but it would go a long way towards fixing the main source of uninitialized
> variables - which aren't a problem simply for exploits but also bugs and inconsistent behavior in general.
> How many man years of effort are wasted each year trying to track down such bugs, or worse trying and failing
> to do so? Personally I wouldn't mind a compiler changing malloc() calls into calloc() as part of a "--security-over-performance"
> switch that could make other similar "helpful" transforms.
>
> What good is it to gain additional performance from the hardware every year if you don't direct
> some of it as appropriate to address some of the actual software issues that plague us?


For floats NaN would be better. For addresses something to cause an overflow. Unfortunately on RISC machines there is no Not a (Pointer/Integer).

It is a trade-off between allowing bad code to run with a possibly correct value, or catching the error.
< Previous Post in ThreadNext Post in Thread >
TopicPosted ByDate
Why not initialize all variables to zero?Doug S2020/03/26 12:13 PM
  Most (all?) modern programming languages do this, right?Mark Roulo2020/03/26 04:44 PM
    Most (all?) modern programming languages do this, right?Konrad Scharz2020/03/27 01:09 AM
      Most (all?) modern programming languages do this, right?Gionatan Danti2020/03/27 03:13 AM
        Most (all?) modern programming languages do this, right?Foo_2020/03/27 03:45 AM
          Most (all?) modern programming languages do this, right?Gionatan Danti2020/03/27 09:19 AM
            Most (all?) modern programming languages do this, right?Foo_2020/03/28 02:32 AM
              Most (all?) modern programming languages do this, right?Montaray Jack2020/03/28 10:26 AM
      Most (all?) modern programming languages do this, right?Jeff S.2020/03/27 07:22 AM
        Most (all?) modern programming languages do this, right?anonymou52020/03/27 01:08 PM
  Why not initialize all variables to zero?Etienne2020/03/27 01:56 AM
    Why not initialize all variables to zero?NoSpammer2020/03/27 02:31 AM
  Why not initialize all variables to zero?Carlie Coats2020/03/27 06:17 AM
    Why not initialize all variables to zero?Jukka Larja2020/03/27 10:14 PM
      Why not initialize all variables to zero?Anon2020/03/28 12:01 AM
        Why not initialize all variables to zero?Jukka Larja2020/03/28 08:25 AM
          Why not initialize all variables to zero?Anon2020/03/28 11:20 AM
            Why not initialize all variables to zero?Jukka Larja2020/03/28 11:45 AM
              Why not initialize all variables to zero?Anon2020/03/28 01:21 PM
                Why not initialize all variables to zero?Jukka Larja2020/03/28 09:49 PM
    Why not initialize all variables to zero?Doug S2020/03/28 11:27 AM
      Why not initialize all variables to zero?Anon2020/03/28 01:24 PM
        Why not initialize all variables to zero?Carlie Coats2020/03/29 06:56 AM
  Why not initialize all variables to zero?Gabriele Svelto2020/03/27 06:52 AM
    Why not initialize all variables to zero?Foo_2020/03/28 02:34 AM
      Why not initialize all variables to zero?Linus Torvalds2020/03/28 09:40 AM
        Why not initialize all variables to zero?Doug S2020/03/28 11:21 AM
          Why not initialize all variables to zero?Linus Torvalds2020/03/28 01:01 PM
            Why not initialize all variables to zero?Etienne2020/04/02 01:14 AM
              Why not initialize all variables to zero?gallier22020/04/02 05:41 AM
              Why not initialize all variables to zero?Doug S2020/04/02 09:51 AM
        Why not initialize all variables to zero?Gabriele Svelto2020/03/28 01:46 PM
          Why not initialize all variables to zero?Linus Torvalds2020/03/28 04:28 PM
            Why not initialize all variables to zero?Anon32020/03/29 04:23 AM
            Why not initialize all variables to zero?Gabriele Svelto2020/03/29 12:28 PM
              Why not initialize all variables to zero?Anon32020/03/29 01:05 PM
                Why not initialize all variables to zero?Gabriele Svelto2020/03/30 12:52 AM
        Why not initialize all variables to zero?Carlie Coats2020/03/29 07:03 AM
        Why not initialize all variables to zero?gallier22020/03/29 11:48 PM
          Why not initialize all variables to zero?Michael S2020/03/30 02:24 AM
            Why not initialize all variables to zero?gallier22020/03/30 03:11 AM
        Why not discard variables after last use?2020/03/31 08:02 AM
          Makes no sense at allHeikki Kultala2020/03/31 01:01 PM
            An example (maybe)Mark Roulo2020/03/31 04:07 PM
              An example (maybe)Doug S2020/04/01 11:01 AM
                An example (maybe)Simon Farnsworth2020/04/02 02:21 AM
            Why not discard variables after last use?2020/04/02 12:41 PM
    Why not initialize all variables to zero?j2020/03/28 09:16 AM
    Why not initialize all variables to zero?Montaray Jack2020/03/28 11:42 AM
  Why not initialize all variables to zero?blaine2020/03/27 01:23 PM
    Why not initialize all variables to zero?James2020/03/28 03:18 AM
      Why not initialize all variables to zero?Anon32020/03/28 05:14 AM
      Why not initialize all variables to zero?Doug S2020/03/28 11:32 AM
        Why not initialize all variables to zero?Anon32020/03/28 11:45 AM
    Why not initialize all variables to zero?gallier22020/03/30 12:03 AM
  Why not initialize all variables to zero?gallier22020/03/29 11:32 PM
    Why not initialize all variables to zero?Michael S2020/03/30 02:30 AM
      Why not initialize all variables to zero?gallier22020/03/30 03:45 AM
Reply to this Topic
Name:
Email:
Topic:
Body: No Text
How do you spell purple?