Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

use ASLR on Windows #16514

Open
thestinger opened this issue Aug 15, 2014 · 6 comments
Open

use ASLR on Windows #16514

thestinger opened this issue Aug 15, 2014 · 6 comments

Comments

@thestinger
Copy link
Contributor

@thestinger thestinger commented Aug 15, 2014

This should be as simple as passing --dynamicbase to the linker for both libraries and executables. However, the necessary relocations are never generated by MinGW or MinGW-w64 for executables so nothing is actually randomized without also passing --export-all-symbols. The -pie switch is also broken and results in a messed up entry point, but it may not actually be required.

@thestinger thestinger changed the title use full ASLR on Windows use ASLR on Windows Aug 16, 2014
@thestinger thestinger self-assigned this Aug 19, 2014
bors added a commit that referenced this issue Aug 19, 2014
@bors bors closed this in #16588 Aug 19, 2014
mrmonday added a commit to mrmonday/rust that referenced this issue Aug 25, 2014
@postessive
Copy link

@postessive postessive commented Aug 27, 2014

Hi,

I found this issue while looking for an old reference, but I thought you might be interested in a possible fix. We needed --dynamic-base for Tor's hardening options and after some back and forth settled on a working binutils patch which is here (works for 2.24 and is being submitted upstream shortly):

https://gitweb.torproject.org/user/erinn/tor-browser-bundle.git/commitdiff/631b64262ea66f9529a2ef552734a88d7171a594

This patch has not been reviewed at all, since no one at Tor feels sufficiently capable. Hopefully the binutils folks will have something to say, but as language developers you might too. (edit: fix link to patch)

@thestinger
Copy link
Contributor Author

@thestinger thestinger commented Aug 28, 2014

@postessive: We ended up working around it for the time being by doing a dllexport of main in order to force it to output a relocation section, since the executable counts as a library. I would really like to have this fixed properly though so I'll look into it some more when I have time.

@thestinger
Copy link
Contributor Author

@thestinger thestinger commented Oct 1, 2014

Needs to be disabled again due to #17684.

@klutzy
Copy link
Contributor

@klutzy klutzy commented Feb 14, 2015

Note that recent binutils may have support for high entropy ASLR. (The patch was accepted last year. See #16593) It would be good to check if mingw-w64 would contain the patch when we re-enable ASLR.

@steveklabnik
Copy link
Member

@steveklabnik steveklabnik commented Mar 4, 2016

Triage: not sure if anything has changed here, but I don't think so.

@steveklabnik
Copy link
Member

@steveklabnik steveklabnik commented Sep 30, 2017

Triage: same as in 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

5 participants
You can’t perform that action at this time.