Irene Díez
Posted in Articles
In the series Hardening binaries posts you have seen that many defenses are implanted in the compilers themselves, but how are they implemented? Taking the case of GCC, the GNU compiler collection, let’s explain the general GCC infrastructure and roughly how…
Although vulnerabilities caused by improper use of format strings may not seem like a theme of the last century, a small search in the CVE database shows us that these errors are still happening. The danger of format string is given…
Irene Díez
Posted in Articles
The indefinite behavior in C / C ++ is caused when there are no restrictions on the program behavior; which means, when the standard does not specify what the implementation should do, it is free to do what it seems,…
Irene Díez
Posted in Articles
In the previous post of this series we discussed how Google had included Asan in GCC to detect memory corruption errors. Virtual-Table Verification (VTV) is another option of GCC (> 4.9) developed by Google to try to prevent attacks that…
In previous posts we’ve talked about GCC options that make our executable safer , in this posts we present compilation options that generate reports, warning of errors in the code. AddressSanitizer (Asan) is an option for Clang (> = 3.1) and GCC (> =…
Irene Díez
Posted in Articles
Following the classic compilation options of GCC to try to have more robust binary, in this post we will discuss the options and -fPIE -fpie that allows to compile executable as “Position Independent Executables” and makes their sections to be loaded in random…
Our sandbox for packers
