GCC – S3lab http://s3lab.deusto.es S3lab Security Blog Wed, 06 May 2020 12:51:35 +0000

How does a compiler work? http://s3lab.deusto.es/how-compiler-work/ Sat, 13 May 2017 18:28:39 +0000

The post How does a compiler work? appeared first on S3lab.

In the Hardening binaries series of posts you have seen that many defenses are built into the compilers themselves, but how are they implemented? Taking the case of GCC, the GNU Compiler Collection, let’s explain the general GCC infrastructure and roughly how a compiler works.

Hardening binaries (VI) – Format Strings http://s3lab.deusto.es/hardening-binaries-7/ Mon, 20 Mar 2017 14:05:25 +0000

The post Hardening binaries (VI) – Format Strings appeared first on S3lab.

Although vulnerabilities caused by improper use of format strings may seem like a thing of the last century, a quick search of the CVE database shows that these errors are still happening. The danger of a format string arises when an input is not correctly verified

Hardening binaries (V) – UBSan http://s3lab.deusto.es/hardening-binaries-5/ Sat, 10 Dec 2016 12:26:02 +0000

The post Hardening binaries (V) – UBSan appeared first on S3lab.

Undefined behavior in C/C++ arises when there are no restrictions on the program’s behavior; that is, when the standard does not specify what the implementation should do, it is free to do whatever it likes: “When the compiler encounters [a given undefined construct] it is legal for it to make demons fly out of your nose”.

Hardening binaries (IV) – VTV http://s3lab.deusto.es/hardening-binaries-4/ Sat, 29 Oct 2016 09:22:51 +0000

The post Hardening binaries (IV) – VTV appeared first on S3lab.

In the previous post of this series we discussed how Google had included ASan in GCC to detect memory corruption errors. Virtual-Table Verification (VTV) is another GCC option (> 4.9) developed by Google to try to prevent attacks that attempt to corrupt vtable pointers. In C++, polymorphism is implemented through virtual tables, or vtables.

Hardening binaries (III) – ASan http://s3lab.deusto.es/hardening-binaries-3/ Sat, 17 Sep 2016 14:11:58 +0000

The post Hardening binaries (III) – ASan appeared first on S3lab.

In previous posts we’ve talked about GCC options that make our executables safer; in this post we present compilation options that generate reports warning of errors in the code. AddressSanitizer (ASan) is an option for Clang (>= 3.1) and GCC (>= 4.8) which detects memory corruption errors. ASan was developed by Google and was presented at the Usenix ATC conference in 2012. ASan consists of two modules:

Hardening binaries (II) – PIE http://s3lab.deusto.es/hardening-binaries-2/ Tue, 28 Jun 2016 09:57:45 +0000

The post Hardening binaries (II) – PIE appeared first on S3lab.

Continuing with the classic GCC compilation options for producing more robust binaries, in this post we will discuss the options -fPIE and -fpie, which compile executables as “Position Independent Executables” so that their sections are loaded at random positions.
