Closed Speciesx closed 2 years ago
I'll see what I can do.
That would be nice, indeed.
@jbkempf, I believe this was implemented a long time ago:
Get-PESecurity -File .\vlc.exe
ARCH : AMD64
DotNET : False
ASLR : True
DEP : True
Authenticode : True
StrongNaming : N/A
SafeSEH : N/A
ControlFlowGuard : False
HighentropyVA : True
Thanks for your work on VLC!
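The ASLR, DEP, ControlFlowGuard and HighentropyVA lines in the output above correspond to bits of the `DllCharacteristics` field in the PE optional header. The sketch below is an added example, not part of the thread and not the code behind Get-PESecurity; `pe_mitigations`, `build_sample` and the `HighEntropyEffective` key are this example's own names, and the sample header is constructed to reproduce the vlc.exe result.

```python
import struct

# DllCharacteristics bits, as defined in the PE/COFF specification.
FLAGS = {
    "HighEntropyVA": 0x0020,      # IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
    "ASLR": 0x0040,               # IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
    "DEP": 0x0100,                # IMAGE_DLLCHARACTERISTICS_NX_COMPAT
    "ControlFlowGuard": 0x4000,   # IMAGE_DLLCHARACTERISTICS_GUARD_CF
}
MACHINES = {0x014C: "I386", 0x8664: "AMD64", 0xAA64: "ARM64"}
OPT_MIN = 72  # DllCharacteristics sits at offset 70 in both PE32 and PE32+


def pe_mitigations(data: bytes) -> dict:
    """Report ARCH and the mitigation flags found in the PE optional header."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    opt = e_lfanew + 24  # 4-byte signature + 20-byte COFF header
    if len(data) < opt + OPT_MIN or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing or truncated PE header")
    (machine,) = struct.unpack_from("<H", data, e_lfanew + 4)
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
    (magic,) = struct.unpack_from("<H", data, opt)
    if opt_size < OPT_MIN or magic not in (0x10B, 0x20B):
        raise ValueError("unsupported optional header")
    (bits,) = struct.unpack_from("<H", data, opt + 70)
    report = {"ARCH": MACHINES.get(machine, hex(machine))}
    report.update({name: bool(bits & mask) for name, mask in FLAGS.items()})
    # High-entropy ASLR only takes effect on a 64-bit (PE32+) image that is
    # also relocatable (DYNAMIC_BASE), so report that combination separately.
    report["HighEntropyEffective"] = bool(
        magic == 0x20B and bits & 0x0040 and bits & 0x0020)
    return report


def build_sample(bits: int) -> bytes:
    """Constructed header-only AMD64 (PE32+) sample; not a loadable image."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, 0x0022)
    optional = bytearray(240)
    struct.pack_into("<H", optional, 0, 0x20B)
    struct.pack_into("<H", optional, 70, bits)
    return dos + b"PE\0\0" + coff + bytes(optional)


if __name__ == "__main__":
    # 0x0160 = HIGH_ENTROPY_VA | DYNAMIC_BASE | NX_COMPAT, as reported for vlc.exe
    for key, value in pe_mitigations(build_sample(0x0160)).items():
        print(f"{key:22}: {value}")
```

Authenticode, StrongNaming and SafeSEH live in other PE structures and are not covered by this header check.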
> @jbkempf, I believe this was implemented a long time ago:
I'm an idiot, I tested after commenting. Sorry...
> Thanks for your work on VLC!
Thanks. I need to look at CFG, now.
@jbkempf, looks like you are building for Windows with GCC/MinGW. While there is CFI for clang, I am not aware of any gcc alternative(s).
On a slightly relevant note, you might consider -fstack-protector-strong and -fstack-clash-protection.
> @jbkempf, looks like you are building for Windows with GCC/MinGW. While there is CFI for clang, I am not aware of any gcc alternative(s).
I will have a look at that. But how will this project detect it?
> On a slightly relevant note, you might consider -fstack-protector-strong and -fstack-clash-protection.
https://github.com/videolan/vlc/blob/master/configure.ac#L1236 does it already.
Do you think we should do fstack-clash-protection too?
@jbkempf , if memory serves me well teams of Fedora / Ubuntu enable it for userland by default, so... I don't immediately see why not, at least for a Beta.
Also, reading through the GCC instrumentation options, there is -fcf-protection which looks suspiciously similar to CFI and /GUARD:CF.
Further search returned an interesting discussion at HN which can be summarised as follows:
-D_FORTIFY_SOURCE=2 glibc hardening
-Wp,-D_GLIBCXX_ASSERTIONS glibc++ hardening
-fstack-protector-strong stack smash protection
-fstack-clash-protection stack clash protection
-fPIE -pie better ASLR protection
-Wl,-z,noexecstack don't allow code on stack
-Wl,-z,relro ELF hardening
-Wl,-z,now ELF hardening
-fcf-protection=full ROP protection
> @jbkempf , if memory serves me well teams of Fedora / Ubuntu enable it for userland by default, so... I don't immediately see why not, at least for a Beta.
> Also, reading through the GCC instrumentation options, there is -fcf-protection which looks suspiciously similar to CFI and /GUARD:CF.
> Further search returned an interesting discussion at HN which can be summarised as follows:
> -D_FORTIFY_SOURCE=2 glibc hardening
> -Wp,-D_GLIBCXX_ASSERTIONS glibc++ hardening
> -fstack-protector-strong stack smash protection
> -fstack-clash-protection stack clash protection
> -fPIE -pie better ASLR protection
> -Wl,-z,noexecstack don't allow code on stack
> -Wl,-z,relro ELF hardening
> -Wl,-z,now ELF hardening
> -fcf-protection=full ROP protection
Most of those don't apply to Windows, tbh :D
It would be nice if ASLR High Entropy would be also tested.