Enable ASLR and permanent DEP for Windows executables

Fix for #2358
This commit is contained in:
John Brooks 2011-01-06 22:08:27 -07:00 committed by Nick Mathewson
parent e94ee583d6
commit 895409011f
2 changed files with 27 additions and 0 deletions

View File

@ -848,6 +848,20 @@ AC_SUBST(BINDIR)
LOCALSTATEDIR=`eval echo $localstatedir`
AC_SUBST(LOCALSTATEDIR)
if test "$bwin32" = true; then
# Test if the linker supports the --nxcompat and --dynamicbase options
# for Windows
save_LDFLAGS="$LDFLAGS"
LDFLAGS="-Wl,--nxcompat -Wl,--dynamicbase"
AC_MSG_CHECKING([whether the linker supports DllCharacteristics])
AC_LINK_IFELSE([AC_LANG_PROGRAM([])],
[AC_MSG_RESULT([yes])]
[save_LDFLAGS="$save_LDFLAGS $LDFLAGS"],
[AC_MSG_RESULT([no])]
)
LDFLAGS="$save_LDFLAGS"
fi
# Set CFLAGS _after_ all the above checks, since our warnings are stricter
# than autoconf's macros like.
if test "$GCC" = yes; then

View File

@ -2194,6 +2194,19 @@ tor_main(int argc, char *argv[])
}
#endif
#ifdef MS_WINDOWS
/* Call SetProcessDEPPolicy to permanently enable DEP.
The function will not resolve on earlier versions of Windows,
and failure is not dangerous. */
HMODULE hMod = GetModuleHandleA("Kernel32.dll");
if (hMod) {
typedef BOOL (WINAPI *PSETDEP)(DWORD);
PSETDEP setdeppolicy = (PSETDEP)GetProcAddress(hMod,
"SetProcessDEPPolicy");
if (setdeppolicy) setdeppolicy(1); /* PROCESS_DEP_ENABLE */
}
#endif
update_approx_time(time(NULL));
tor_threads_init();
init_logging();