We are using etl2pcapng.exe (currently the latest released version - 1.5.0) in a .NET Core project which we run daily code analysis on via an Azure build pipeline. One of the pipeline jobs involves running BinSkim on our files as part of security validation. The issue I am trying to fix with this PR is that we have been getting the following error in the BinSkim job:
\etl2pcapng.exe: error BA2008: 'etl2pcapng.exe' does not enable the control flow guard (CFG) mitigation. To resolve this issue, pass /guard:cf on both the compiler and linker command lines. Binaries also require the /DYNAMICBASE linker option in order to enable CFG.
/DYNAMICBASE is enabled by default, unlike /guard:cf, so I had to explicitly enable CFG. We were hoping that, if this PR goes through, you could produce a new official build with the CFG build flag enabled in order to resolve the error above.
We are using etl2pcapng.exe (currently the latest released version - 1.5.0) in a .NET Core project which we run daily code analysis on via an Azure build pipeline. One of the pipeline jobs involves running BinSkim on our files as part of security validation. The issue I am trying to fix with this PR is that we have been getting the following error in the BinSkim job: