Package: src:gcc-mingw-w64
Version: 6.1.1-12+19.1

The Windows binaries generated by mingw are less secure to run on Windows than they could have been, and less secure than the equivalent binaries built by Microsoft Visual Studio. For example ASLR[1] and the NX bit[2] usable for memory space protection[3]. These features are enabled in the Microsoft Visual Studio compiler by default. Please enable them in mingw by default too, to increase the security for Windows binaries created on Debian.

To see the problem, compile a simple program and run 'pev -o' on it and look for the 'DLL characteristics' line. If the value is 0x160 (64bit) or 0x140 (32bit) these security features are enabled.

To enable these security features, each user of mingw can use the compiler flags "-Wl,--dynamicbase -Wl,--nxcompat -Wl,--high-entropy-va", but practice shows that it is an uphill battle to fix all the source distributions. Because of this, I suggest changing the default in mingw instead.

I noticed this when a Windows user showed up on #gnupg and complained about the lack of security features enabled in the GPG binary provided on Windows.

The issue can be demonstrated by using a very simple test program:

  % cat x.c
  int main(int argc, char *argv[]) {
    return 0;
  }
  % x86_64-w64-mingw32-gcc-win32 x.c
  % pev -o a.exe|grep DLL
  DLL characteristics: 0 (0000000000000000)
  % x86_64-w64-mingw32-gcc-win32 -Wl,--dynamicbase -Wl,--nxcompat -Wl,--high-entropy-va x.c
  % pev -o a.exe|grep DLL
  DLL characteristics: 0x160 (0000000101100000)
  %

[1] https://en.wikipedia.org/wiki/Address_space_layout_randomization
[2] https://en.wikipedia.org/wiki/NX_bit
[3] https://en.wikipedia.org/wiki/Executable_space_protection#Windows for DEP

-- 
Happy hacking
Petter Reinholdtsen
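
The same check as 'pev -o', as an added example that is not part of the original report: a small Python parser that reads the DllCharacteristics field from the PE optional header and lists which of the three mitigations are missing, so build output can be audited in bulk. The function names and make_sample(), which builds constructed header-only images for testing, are this example's own.

```python
import struct

# DllCharacteristics bits from the PE optional header (winnt.h names).
FLAGS = {
    0x0020: "HIGH_ENTROPY_VA",  # 64-bit ASLR, set by --high-entropy-va
    0x0040: "DYNAMIC_BASE",     # ASLR, set by --dynamicbase
    0x0100: "NX_COMPAT",        # DEP / NX, set by --nxcompat
}

def dll_characteristics(image: bytes):
    """Return (is_64bit, DllCharacteristics) parsed from PE image bytes."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)  # e_lfanew
    opt = pe_off + 4 + 20  # skip the "PE\0\0" signature and COFF file header
    if image[pe_off:pe_off + 4] != b"PE\0\0" or len(image) < opt + 72:
        raise ValueError("missing or truncated PE header")
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (0x10B, 0x20B):  # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+.
    (value,) = struct.unpack_from("<H", image, opt + 70)
    return magic == 0x20B, value

def missing_mitigations(image: bytes):
    """Names of expected flags (0x160 on 64-bit, 0x140 on 32-bit) not set."""
    is64, value = dll_characteristics(image)
    wanted = 0x160 if is64 else 0x140
    return [n for bit, n in sorted(FLAGS.items()) if wanted & bit and not value & bit]

def make_sample(is64: bool, value: int) -> bytes:
    """Constructed header-only PE image for testing (not a runnable program)."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)
    opt = bytearray(240 if is64 else 224)
    coff = struct.pack("<HHIIIHH", 0x8664 if is64 else 0x14C, 0, 0, 0, 0, len(opt), 2)
    struct.pack_into("<H", opt, 0, 0x20B if is64 else 0x10B)
    struct.pack_into("<H", opt, 70, value)
    return dos + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:  # e.g. every .exe and .dll in a build tree
        with open(path, "rb") as fh:
            missing = missing_mitigations(fh.read())
        print(path, "OK" if not missing else "missing: " + ", ".join(missing))
```
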