Irene Díez
Researcher de DT
Expertise: Operating systems, program analysis

How does a linker work? (III) – Types of symbols

After learning what information contains the symbol table in the previous post, we can now talk more about the attributes that a symbol can have and what role do they have in the resolution of symbols from the linker point

How does a linker work? (II) – The symbol table

In previous posts we talked about that the linkers are the ones in charge of combining different files of translatable object code in an executable. For this they had two fundamental tasks, the resolution of symbols and the transfer; in

How does a linker work? (I)

In the process of converting the code from a high level language to an executable that understands our system, the linkers have a role that often goes unnoticed, but that is important to know. When we want to convert a

Create an unreadable binary with these techniques

Whether for malicious purposes, such as the case of malware authors, for corporate purposes, or for other reasons, obfuscation techniques are used to protect a program by making compiled binary static analysis more costly. Obfuscation therefore consists of transforming a

How does a compiler work?

In the series Hardening  binaries posts you have seen that many defenses are implanted in the compilers themselves, but how are they implemented? Taking the case of GCC, the GNU compiler collection, let’s explain the general GCC infrastructure and roughly how

Hardening binaries (VI) – Format Strings

Although vulnerabilities caused by improper use of format strings may not seem like a theme of the last century, a small search in the CVE database shows us that these errors are still happening. The danger of format string is given

Hardening binaries (VI) – RELRO

In this post we are going to talk about two options that can happen to the linker to make certain sections of our executable more secure: -Wl, -z, relro, -z, now. When a program calls a function not defined in

Hardening binaries (V) – UBSan

The indefinite behavior in C / C ++ is caused when there are no restrictions on the program behavior; which means, when the standard does not specify what the implementation should do, it is free to do what it seems,

Hardening binaries (IV) – VTV

In the previous post of this series we discussed how Google had included Asan in GCC to detect memory corruption errors. Virtual-Table Verification (VTV) is another option of GCC (> 4.9) developed by Google to try to prevent attacks that

Hardening binaries (III) – ASan

In previous posts we’ve talked about GCC options that make our executable safer , in this posts we present compilation options that generate reports, warning of errors in the code. AddressSanitizer (Asan) is an option for Clang (> = 3.1) and GCC (> =


Our sandbox for packers