hi all, i've been wondering if we build everything we ship on Windows with the recommended compiler flags to mitigate security issues:
https://docs.microsoft.com/en-us/cpp/security/security-best-practices-for-cpp there's a tool named BinScope which can check the DLLs and executables: https://www.microsoft.com/en-us/download/details.aspx?id=44995 on current master, this mainly complained about missing PDB files, which it requires to do anything, so i've tweaked some externals to generate all needed PDBs, at least in an --enable-dbgutil build; presumably a lot will be missing in a release build currently. there were a handful of real issues where mitigations were not enabled, patches for which are in gerrit for libreoffice-6-0. the remaining complaints from BinScope seem minor and not worth fixing: * jpeg-turbo (which is linked statically into 3 things) BinScope complains about missing symbols in the NASM objects, no idea what can be done about that, NASM can only generate "Borland" debuginfo for Windows .obj files... * ICU data library this doesn't contain any code which makes BinScope generally unhappy * unowinreg forgot what it complained about here * MSVC runtime DLLs, funnily * some even more ignorable stuff the BinScope tool is a command line tool that could conceivably be integrated into the build as a CustomTarget so that we don't regress in this area by checking against a whitelist, if anybody wants to volunteer for that. the main thing that's still missing is that we don't use "Control Flow Guard", which is apparently new in MSVC 2015 and which BinScope doesn't check for. https://docs.microsoft.com/en-us/cpp/build/reference/guard-enable-control-flow-guard _______________________________________________ LibreOffice mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/libreoffice
