Questions tagged [compiler]
39 questions
1
vote
1 answer
Extreme buffer size consequences
What are the consequences of allocating and then populating an extremely large buffer in C? Can a stack have a maximum size and if so what are the security mechanisms that enforce this.
![](../../users/profiles/139142.webp)
Us3rname
- 131
- 6
0
votes
1 answer
What's the point of storing an copy of args? (the /gs flag)
When you add the /gs argument to microsoft's compiler, it would place a copy of args below the buffer variable.
So, what's the point of keeping a copy of arg?
![](../../users/profiles/10331.webp)
daisy
- 1,735
- 3
- 25
- 39
0
votes
1 answer
Compiler Parameters to isolate a C++ program
Is there any set of compiler parameters that can be used to prevent a C++ program from having any access to most system functions, leaving it with access to read/write to stdin/stdout, but otherwise unable to harm the system.
This strikes me as…
![](../../users/profiles/78741.webp)
Stack Tracer
- 514
- 2
- 5
- 14
0
votes
1 answer
Building software safely for malware-free distribution
I wrote a program. I want to publish a compiled executable for downloading by the public.
How can I compile and distribute it without contact with my (presumably insecure and infected) operating system? How do software vendors ensure that their…
![](../../users/profiles/160372.webp)
7vujy0f0hy
- 103
- 2
0
votes
2 answers
What are the security trade-offs of using reproducible builds?
From reproducible-builds.org:
Reproducible builds are a set of software development practices that create a verifiable path from human readable source code to the binary code used by computers.
In general, it means that given the same source code,…
![](../../users/profiles/18241.webp)
Philipp Claßen
- 1,024
- 1
- 8
- 15
0
votes
1 answer
Lynis Indicates Compilers
On a droplet, when Lynis reports that compilers have been found, I've been unable to determine which compilers it means exactly. I'd like to remove these. How can I?
There is another thread, but the "how to find which compilers it's talking about"…
![](../../users/profiles/153213.webp)
JohnFF
- 144
- 6
0
votes
1 answer
Are Optimization Flags Harmful?
There seems to be a consensus, that
-D_FORTIFY_SOURCE=2 -O1
is a hardening measure that should be applied as compiler option. This was also a recommendation in the Dovecot Pentest Report.
What I'm confused about is, that _FORTIFY_SOURCE=2 needs an…
![](../../users/profiles/11927.webp)
user857990
- 903
- 1
- 9
- 21
-1
votes
1 answer
Compilation Error "fatal error: openssl rc4.h: No such file or directory"
I am trying to compile the following exploit http://pastebin.com/pxy4GiFQ to use it against one of my lab machines.
I am trying to compile it inside KALI machine and get the following error:
root@kali:~/Desktop# gcc -o OpenFuck abc.c…
![](../../users/profiles/27867.webp)
Ahmed Taher
- 701
- 6
- 13
- 23
-2
votes
1 answer
How to secure batch script with compiler (not compressor) in Windows?
Batch script, a.k.a. bat or cmd, is good - easy to learn, easy to code, easy to use, easy to distrubute. However it lets coders down when they need to achieve something complex in batch script. The more important thing is that it encounters a…
![](../../users/profiles/124379.webp)
ll55
- 103
- 2