/sdl (Enable Additional Security Checks)
Adds recommended Security Development Lifecycle (SDL) checks. These checks include extra security-relevant warnings as errors, and additional secure code-generation features.
/sdl enables a superset of the baseline security checks provided by /GS and overrides /GS-. By default, /sdl is off. /sdl- disables the additional security checks.
/sdl enables these warnings as errors:
| Warning enabled by /sdl | Equivalent command-line switch | Description |
|---|---|---|
| C4146 | /we4146 | A unary minus operator was applied to an unsigned type, resulting in an unsigned result. |
| C4308 | /we4308 | A negative integral constant converted to unsigned type, resulting in a possibly meaningless result. |
| C4533 | /we4533 | Code initializing a variable will not be executed. |
| C4700 | /we4700 | Use of an uninitialized local variable. |
| C4703 | /we4703 | Use of a potentially uninitialized local pointer variable. |
| C4789 | /we4789 | Buffer overrun when specific C run-time (CRT) functions are used. |
| C4995 | /we4995 | Use of a function marked with pragma deprecated. |
| C4996 | /we4996 | Use of a function marked as deprecated. |
When /sdl is enabled, the compiler generates code to perform these checks at run time:
- Enables the strict mode of /GS run-time buffer overrun detection, equivalent to compiling with `#pragma strict_gs_check(push, on)`.
- Performs limited pointer sanitization. In expressions that do not involve dereferences and in types that have no user-defined destructor, pointer references are set to a non-valid address after a call to `delete`. This helps to prevent the reuse of stale pointer references.
- Performs class member pointer initialization. Automatically initializes class members of pointer type to `nullptr` on object instantiation (before the constructor runs). This helps prevent the use of uninitialized pointers that the constructor does not explicitly initialize. The compiler-generated member pointer initialization is called as long as:
  - The object is not allocated using a custom (user defined)
  - The object is not allocated as part of an array (for example
  - The class is not managed or imported
  - The class has a user-defined default constructor.
To be initialized by the compiler-generated class initialization function, a member must be a pointer, and not a property or constant.
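The following is an added example, not code from the Microsoft documentation: it shows the value-level mistakes behind warnings C4146 and C4308 (which /sdl promotes to errors) next to the forms a reviewer would expect, why an unsigned underflow matters for a later bounds check, and the portable equivalent of the member pointer initialization described above. The function and type names are made up for the illustration; the code builds with any C++17 compiler, and under MSVC with /sdl the flagged lines become compile errors.

```cpp
#include <climits>
#include <cstddef>
#include <cstdint>

// C4146 pattern: unary minus on an unsigned operand wraps instead of negating.
// wrapped_negate(1) yields UINT_MAX; /sdl rejects this line at compile time.
unsigned wrapped_negate(unsigned n) { return -n; }

// Intended form: widen to a signed type before negating.
long long signed_negate(unsigned n) { return -static_cast<long long>(n); }

// C4308 pattern: a negative constant converted to an unsigned type.
// Code that means "no limit" actually gets UINT_MAX here.
constexpr unsigned kLimitFromNegative = -1;

// Why these warnings are security-relevant: a "remaining bytes" value that
// goes negative becomes a huge unsigned length, and a later copy honors it.
std::size_t remaining_unchecked(std::size_t cap, std::size_t used) {
    return cap - used;  // underflows when used > cap
}

// Hardened form: refuse the arithmetic when it would underflow.
bool remaining_checked(std::size_t cap, std::size_t used, std::size_t& out) {
    if (used > cap) return false;
    out = cap - used;
    return true;
}

// /sdl's class member pointer initialization sets pointer members to nullptr
// before a user-defined default constructor runs. The portable equivalent is
// an in-class initializer, which does not depend on the compiler switch.
struct Session {            // hypothetical type for the example
    char* buf = nullptr;    // explicit, so behaviour is the same on every compiler
    std::size_t len = 0;
    Session() {}            // user-defined default ctor: the case /sdl covers
};

bool session_starts_null() {
    Session s;
    return s.buf == nullptr && s.len == 0;
}
```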
For more information, see Warnings, /sdl, and improving uninitialized variable detection.
To set this compiler option in the Visual Studio development environment
Open the project's Property Pages dialog box. For details, see Set C++ compiler and build properties in Visual Studio.
Select the C/C++ folder.
On the General page, select the option from the SDL checks drop-down list.