Build Treesheets with /DYNAMICBASE and /GUARD:CF
As treesheets is being built with VS2017, would you consider compiling it with:
Interestingly, current build reports /HIGHENTROPYVA enabled, but ASLR is off:
Get-PESecurity -File .\TreeSheets.exe
ARCH : AMD64
DotNET : False
ASLR : False
DEP : True
Authenticode : False
StrongNaming : N/A
SafeSEH : N/A
ControlFlowGuard : False
HighentropyVA : True
/HIGHENTROPYVA was not intentional, this was inherited from the scripting language (https://github.com/aardappel/lobster) that is built into TreeSheets, that used that flag to achieve pointer compression. But since that feature won't be used in TreeSheets, this flag should definitely be off. So /DYNAMICBASE can be on.
As for this control flow guard, I don't think so. I don't like the idea of additional runtime code slowing things down, and TreeSheets has little to no function pointers (outside of vtables). TreeSheets also doesn't work with any code or data received over the internet. I would say it is not exactly a security problem.
Fair call. Looking forward towards the build with /DYNAMICBASE :)
/DYNAMICBASE is now on, but I didn't find any explicit reference to /HIGHENTROPYVA in the project: https://github.com/aardappel/treesheets/commit/21b5f1d689f833b2ee3a0ca2c3edbbaaed68b8e4
Thank you. Maybe these days Visual Studio enables it for all x86_64 builds by default; "must have" feature.
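An added example, not part of the thread or of the TreeSheets project: a header-only reader for the DllCharacteristics bits behind the ASLR, DEP, ControlFlowGuard and HighentropyVA lines of the Get-PESecurity output above. The function names, the `HighEntropyImageASLR` key and the sample header bytes are constructed for illustration.

```python
import struct

# DllCharacteristics bits in the PE optional header and the linker switch that sets each.
FLAGS = {
    "HighentropyVA": 0x0020,     # /HIGHENTROPYVA
    "ASLR": 0x0040,              # /DYNAMICBASE
    "DEP": 0x0100,               # /NXCOMPAT
    "ControlFlowGuard": 0x4000,  # /GUARD:CF
}
MACHINES = {0x8664: "AMD64", 0x014C: "I386"}

def pe_mitigations(image: bytes) -> dict:
    """Report the mitigation flags recorded in a PE image's headers."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ header")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)   # e_lfanew
    opt = pe_off + 4 + 20                               # "PE\0\0" + COFF file header
    if image[pe_off:pe_off + 4] != b"PE\0\0" or len(image) < opt + 72:
        raise ValueError("not a PE image: bad or truncated NT headers")
    machine, = struct.unpack_from("<H", image, pe_off + 4)
    magic, = struct.unpack_from("<H", image, opt)
    if magic not in (0x10B, 0x20B):                     # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+ optional headers.
    dll_chars, = struct.unpack_from("<H", image, opt + 70)
    report = {name: bool(dll_chars & bit) for name, bit in FLAGS.items()}
    report["ARCH"] = MACHINES.get(machine, hex(machine))
    # The high-entropy bit cannot randomise the image base unless the image
    # is also marked relocatable with /DYNAMICBASE (the case in this thread).
    report["HighEntropyImageASLR"] = report["HighentropyVA"] and report["ASLR"]
    return report

def constructed_image(dll_chars: int) -> bytes:
    """Constructed sample: minimal AMD64 PE32+ headers, no sections."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, 0x0022)
    optional = bytearray(240)
    struct.pack_into("<H", optional, 0, 0x20B)
    struct.pack_into("<H", optional, 70, dll_chars)
    return dos + b"PE\0\0" + coff + bytes(optional)

if __name__ == "__main__":
    # 0x0120 mirrors the flags reported above; 0x0160 adds /DYNAMICBASE.
    for label, bits in (("before", 0x0120), ("after", 0x0160)):
        print(label, pe_mitigations(constructed_image(bits)))
```

To check a real build, pass the file's bytes, for example `pe_mitigations(open("TreeSheets.exe", "rb").read())`.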