[Bug 1972043] Re: Please add -ftrivial-auto-var-init=zero to default build flags

[Alex Murray]

doko can you please provide more details on why you think this should be
done in dpkg instead of gcc (as we have done for almost all the other
hardening options)? As Kees says, adding it to gcc means not only does
this benefit Ubuntu archive packages, but also any software which is
built on a Ubuntu machine using gcc (ie snaps built by launchpad,
packages built on Github using Ubuntu as the CI backend etc) - which is
a great benefit IMO.

What advantages do you see in adding this to dpkg rather than gcc?

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to dpkg in Ubuntu.
https://bugs.launchpad.net/bugs/1972043

Title:
  Please add -ftrivial-auto-var-init=zero to default build flags

Status in dpkg package in Ubuntu:
  New
Status in gcc-12 package in Ubuntu:
  New
Status in dpkg source package in Kinetic:
  New
Status in gcc-12 source package in Kinetic:
  New

Bug description:
  Please add "-ftrivial-auto-var-init=zero" for GCC 12 (which is the
  first release of GCC to provide this flag).

  It goes well with the other important security flaw mitigation flags already enabled in Ubuntu for GCC:
  https://wiki.ubuntu.com/ToolChain/CompilerFlags

  While many variables are initialized (due to -Wuninitialized), there
  is a blind spot for variables passed by reference, padding, and cases
  where -Wuninitialized just fails to track it. Universally wiping the
  variables eliminates nearly the entire class of uninitialized stack
  variable use (https://cwe.mitre.org/data/definitions/457.html) with
  nearly no overhead (e.g. any duplicate assignments will already be
  squashed during dead store elimination, etc).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dpkg/+bug/1972043/+subscriptions