https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63479
Bug ID: 63479
Summary: Compiler flag to zero structure padding
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: enhancement
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: josh at joshtriplett dot org

Many memory disclosure vulnerabilities occur due to uninitialized structure padding. For instance, if the kernel declares a structure, initializes its fields, and copies the entire structure to userspace, it discloses the contents of the padding to userspace.

To eliminate that source of memory disclosure vulnerabilities, GCC could have a compiler option to always zero structure padding, either when initializing all fields of the structure, or when doing structure assignment.

In many cases, this could be done very inexpensively, or even with no additional instructions at all. For instance, given a struct like this:

    struct foo {
        char c;
        uint64_t i;
    };

On 64-bit x86, GCC typically generates four 64-bit mov instructions, into and out of registers. GCC could instead generate a movzx and three mov instructions.
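The disclosure described in the report can be observed in user space with the report's own struct. This is an added example, not code from the report or from GCC; STALE, padding_bytes, is_padding and stale_padding_after_init are hypothetical names. It assumes a target where uint64_t is 8-byte aligned and a compiler that leaves padding untouched on member stores (the C standard leaves those bytes unspecified).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct foo {                 /* the struct from the report */
    char c;
    uint64_t i;
};

#define STALE 0xAA           /* constructed marker for leftover memory contents */

/* Total padding in struct foo (7 bytes where uint64_t is 8-byte aligned). */
size_t padding_bytes(void)
{
    return sizeof(struct foo) - sizeof(char) - sizeof(uint64_t);
}

/* True if byte offset `off` belongs to neither c nor i. */
static int is_padding(size_t off)
{
    size_t i_beg = offsetof(struct foo, i);
    return (off >= sizeof(char) && off < i_beg) || off >= i_beg + sizeof(uint64_t);
}

/* Build a struct foo over dirty memory, set every field, and return how many
 * padding bytes still carry the stale marker. zero_first selects the manual
 * mitigation: memset the whole object before assigning fields. */
size_t stale_padding_after_init(int zero_first)
{
    union { struct foo s; unsigned char raw[sizeof(struct foo)]; } u;
    size_t off, stale = 0;
    memset(u.raw, STALE, sizeof u.raw);      /* simulate reused stack memory */
    if (zero_first)
        memset(&u.s, 0, sizeof u.s);         /* clears fields and padding */
    u.s.c = 'A';
    u.s.i = 1;
    for (off = 0; off < sizeof u.raw; off++) /* what a whole-struct copy exposes */
        if (is_padding(off) && u.raw[off] == STALE)
            stale++;
    return stale;
}

int main(void)
{
    printf("padding=%zu field-init=%zu memset-first=%zu\n", padding_bytes(),
           stale_padding_after_init(0), stale_padding_after_init(1));
    return 0;
}
```

The memset-first path is the manual form of what the requested compiler option would do automatically.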