I am using Visual Studio 2013 Preview, although I'm sure I've seen it in earlier versions. When creating a new project using the wizard, I select C++, Win32 Console Application, and there is an option to enable Security Development Lifecycle Checks on my project. Could someone explain exactly what this option does to my code/project?
2 Answers
The `/sdl` switch is described here. It turns some warnings into errors, which does not affect your code. Furthermore, it applies the `/GS` check more aggressively.
Don't expect too much from it. The Microsoft SDL is really a workaround for 1980's style C programming. Even if you use 20th century C++, you don't need it. E.g. `operator+(std::string, std::string)` is both safe and portable. Microsoft's SDL solution here in contrast is not portable, nor is it safe - the idea behind `/GS` is to find errors with C string handling at runtime and abort the program, limiting the consequences but not making it safe.
- Strings is not the only cause of memory errors. /sdl can help you identify use of uninitialized variables, among other things. – Jørgen Fogh Mar 03 '16 at 15:12
- @JørgenFogh: You're describing the C4700 warning, for which you don't need /sdl. It's a Level-1 warning; you need to turn off **all** warnings before C4700 disappears. If your developers are doing that, you've got problems which SDL won't solve either. – MSalters Mar 03 '16 at 15:24
- I remember reading somewhere that the warnings become more detailed, because /sdl switches on a more detailed static analysis. I can't remember where I read it though. – Jørgen Fogh Mar 03 '16 at 16:06
- If you find a source, feel free to add another answer. – MSalters Mar 03 '16 at 16:13
- The MSDN article about the switch `/sdl` says it does modify how the code compiles, leading to runtime differences; the comment below is a copy and paste from MSDN. – Motomotes Nov 22 '16 at 18:06
- Performs limited pointer sanitization. In expressions that do not involve dereferences and in types that have no user-defined destructor, pointer references are set to a non-valid address after a call to delete. This helps to prevent the reuse of stale pointer references. Performs class member initialization. Automatically initializes all class members to zero on object instantiation (before the constructor runs). This helps prevent the use of uninitialized data associated with class members that the constructor does not explicitly initialize. – Motomotes Nov 22 '16 at 18:06
- @Motes: You should've written it as a separate answer. This is way more helpful than a (derisive) answer this comment is placed for. Additionally the link given there is bad. It [should be this](https://learn.microsoft.com/en-us/cpp/build/reference/sdl-enable-additional-security-checks). – ahmd0 May 09 '18 at 16:56
- @ahmd0 I hate the way Microsoft obsoletes links on a regular basis. I had to go to https://web.archive.org/web/20150703000343/http://blogs.microsoft.com/cybertrust/2011/12/02/compiler-security-enhancements-in-visual-studio-11/ to see the link given in the answer. – Mark Ransom Dec 05 '18 at 16:49
The Microsoft Security Development Lifecycle is a software development process used and proposed by Microsoft to reduce software maintenance costs and increase reliability of software concerning software security related bugs.
These may be helpful:
http://msdn.microsoft.com/en-us/library/windows/desktop/84aed186-1d75-4366-8e61-8d258746bopq.aspx
- That's a lot of material. What does checking the option actually DO to my code? – Neil Kirk Aug 18 '13 at 23:40