Created attachment 373657 [details]
GnuCash Windows process details
Looking at how GnuCash is built for Debian:
> $ hardening-check /usr/bin/gnucash:
>  Position Independent Executable: yes
>  Stack protected: yes
>  Fortify Source functions: unknown, no protectable libc functions used
>  Read-only relocations: yes
>  Immediate binding: yes
However, inspecting the Windows version, it appears that both DEP and ASLR are disabled. Would it be possible to compile Windows version with something like:
> -Wl,--nxcompat,--dynamicbase,--export-all-symbols
Please see the screenshot attached.
Thank you!
OK. The actual syntax turned out to be " -Wl,--nxcompat -Wl,--dynamicbase"
Exporting symbols from an exe makes no sense so I left that one off.
> dumpbin /headers gnucash.exe
Microsoft (R) COFF/PE Dumper Version 14.22.27905.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file gnucash.exe
...
FILE HEADER VALUES
             14C machine (x86)
              11 number of sections
        5EA08B33 time date stamp Wed Apr 22 11:21:39 2020
           82400 file pointer to symbol table
             A4B number of symbols
              E0 size of optional header
             106 characteristics
                   Executable
                   Line numbers stripped
                   32 bit word machine
...
             140 DLL characteristics
                   Dynamic base
                   NX compatible
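Added example (not part of the thread or of the GnuCash sources): the same check as the dumpbin run above, done by reading the PE headers directly, so a build can be verified without Visual Studio tools. The names `pe_mitigations` and `sample_header` are hypothetical, the sample image is constructed from the header values quoted above, and `aslr_usable` is this example's own derived field (Dynamic base set and relocations not stripped).

```python
import struct, sys
from pathlib import Path

# Flag values from the PE/COFF specification.
RELOCS_STRIPPED = 0x0001   # FILE HEADER characteristics
HIGH_ENTROPY_VA = 0x0020   # DLL characteristics (64-bit ASLR)
DYNAMIC_BASE    = 0x0040   # DLL characteristics (ASLR opt-in)
NX_COMPAT       = 0x0100   # DLL characteristics (DEP opt-in)

def pe_mitigations(data: bytes) -> dict:
    """Report DEP/ASLR opt-in flags from the headers of a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)   # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    machine, _, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    opt = pe_off + 24   # optional header follows signature + 20-byte COFF header
    if opt_size < 72 or len(data) < opt + 72:
        raise ValueError("optional header too short")
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic")
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)  # same offset in PE32 and PE32+
    dynamic = bool(dll_chars & DYNAMIC_BASE)
    relocs_stripped = bool(chars & RELOCS_STRIPPED)
    return {
        "machine": hex(machine),
        "pe32_plus": magic == 0x20B,
        "nx_compat": bool(dll_chars & NX_COMPAT),
        "dynamic_base": dynamic,
        "high_entropy_va": bool(dll_chars & HIGH_ENTROPY_VA),
        "relocs_stripped": relocs_stripped,
        "aslr_usable": dynamic and not relocs_stripped,  # image must be relocatable
    }

def sample_header(chars=0x106, dll_chars=0x140) -> bytes:
    """Constructed header-only image using the values from the dumpbin output."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0x11, 0x5EA08B33, 0x82400, 0xA4B, 0xE0, chars)
    optional = bytearray(0xE0)
    struct.pack_into("<H", optional, 0, 0x10B)        # PE32 magic
    struct.pack_into("<H", optional, 70, dll_chars)
    return dos + b"PE\0\0" + coff + bytes(optional)

if __name__ == "__main__":
    data = Path(sys.argv[1]).read_bytes() if len(sys.argv) > 1 else sample_header()
    for key, value in pe_mitigations(data).items():
        print(f"{key:16} {value}")
```

Run it with the path to an .exe as the only argument; with no argument it reports on the constructed sample.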
(In reply to John Ralls from comment #1)
> OK. The actual syntax turned out to be " -Wl,--nxcompat -Wl,--dynamicbase"
>
> Exporting symbols from an exe makes no sense so I left that one off.
If you (have) manage(d) to build the GnuCash with these flags, would you be able to share the resulting *.exe? Happy to beta-test.
I pushed a commit so it will be in tomorrow's Windows nightly and, barring the extremely unlikely event that someone detects breakage before the weekend, in the upcoming 3.901 beta release.
Created attachment 373659 [details]
v3.902
I have checked the v3.902 (2020-04-27) and can confirm that DEP and ASLR are enabled. Image address is non-standard which strongly suggests that ASLR is operational.
Thanks so much for making it (a)live :)
I have also noticed that Windows build is 32b. Is there a plan to compile x86_64? Amongst other things, would strengthen ASLR further:
https://security.stackexchange.com/a/24831
Since Microsoft Windows still supports 32-bit machines, so do we. We have no intention of providing multiple builds.