46a58e80ca
I moved and closed the Java rule description because they do not plan to implement it, but it is nice to preserve the description for posterity.
18 lines
811 B
Plaintext
18 lines
811 B
Plaintext
|
|
Using garbage values will cause the program to behave
|
|
nondeterministically at runtime.
|
|
The program may produce a different output or crash depending on the run.
|
|
|
|
In some situations, loading a variable may expose a sensitive data,
|
|
such as a password that was previously stored in the same location,
|
|
leading to a vulnerability that uses such a defect
|
|
as a gadget for extracting information from the instance
|
|
of the program.
|
|
|
|
Finally, in {cpp}, outside of a few exceptions related to the uses of `unsigned char` or `std::byte`,
|
|
loading data from an uninitialized variable causes undefined behavior.
|
|
This means that the compiler is not bound by the language standard anymore,
|
|
and the program has no meaning assigned to it.
|
|
As a consequence,
|
|
the impact of such a defect is not limited to the use of garbage values.
|