Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All
Expand Minimize
Important This document may not represent best practices for current development, links to downloads and other resources may no longer be valid. Current recommended version can be found here.


Initializes the global security cookie.

void __security_init_cookie(void);

The global security cookie is used for buffer overrun protection in code compiled with /GS (Buffer Security Check) and in code that uses exception handling. Essentially, on entry to an overrun-protected function, the cookie is put on the stack, and on exit, the value on the stack is compared against the global cookie. Any difference between them indicates that a buffer overrun has occurred and results in immediate termination of the program.

Normally, __security_init_cookie is called by the CRT when it starts up. If you bypass CRT initialization (for example, by writing a DLL and specifying an entry-point with /ENTRY), then you must call __security_init_cookie yourself.

The call to __security_init_cookie must be made before any overrun-protected function is entered; otherwise a spurious buffer overrun will be detected. For more information, see C Run-Time Error R6035.

See the examples in C Run-Time Error R6035.


Required header



For more compatibility information, see Compatibility in the Introduction.

Not applicable. This function should only be called from native code, not managed.

Community Additions

© 2015 Microsoft