Share via


/sdl (Enable additional security checks)

Adds additional Security Development Lifecycle (SDL) recommended checks. These checks include enabling extra security-relevant warnings as errors and enabling additional secure code generation features.

/sdl[-]

Remarks

/sdl enables a superset of the baseline security checks provided by /GS and overrides /GS-. By default, /sdl is off. /sdl- disables the additional security checks.

Compile time checks

/sdl enables these warnings as errors:

Warning enabled by /sdl

Equivalent command-line switch

Description

C4146

/we4146

A unary minus operator was applied to an unsigned type, resulting in an unsigned result.

C4308

/we4308

A negative integral constant converted to unsigned type, resulting in a possibly meaningless result.

C4532

/we4532

Use of continue, break or goto keywords in a __finally/finally block has undefined behavior during abnormal termination.

C4533

/we4533

Code initializing a variable will not be executed.

C4700

/we4700

Use of an uninitialized local variable.

C4703

/we4703

Use of a potentially uninitialized local pointer variable.

C4789

/we4789

Buffer overrun when specific C run-time (CRT) functions are used.

C4995

/we4995

Use of a function marked with pragma deprecated.

C4996

/we4996

Use of a function marked as deprecated.

Runtime checks

When /sdl is enabled, the compiler generates code to perform these checks at runtime:

  • Enables the strict mode of /GS runtime buffer overrun detection, equivalent to compiling with #pragma strict_gs_check(push, on).

  • Performs limited pointer sanitization. In expressions not involving dereferences and in types that have no user-defined destructor, pointer references are set to a non-valid address after a call to delete. This helps to prevent the reuse of stale pointer references.

  • Performs class member initialization. Automatically initializes class members of pointer type to zero on object instantiation (before the constructor runs). This helps to prevent use of uninitialized data associated with class members that the constructor does not explicitly initialize.

Remarks

For more information, see Security Development Lifecycle Blog.

To set this compiler option in the Visual Studio development environment

  1. Open the project's Property Pages dialog box. For details, see How to: Open Project Property Pages.

  2. Select the C/C++ folder.

  3. On the General page, select the option from the SDL checks dropdown.

See Also

Reference

Compiler Options

Setting Compiler Options