[tbb-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Aug 15 18:47:24 UTC 2018
#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-------------------------------------------------+-------------------------
Reporter: mikeperry | Owner: tbb-
| team
Type: enhancement | Status:
| needs_revision
Priority: Very High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-security, tbb-rbm, ff60-esr, | Actual Points:
boklm201807, TorBrowserTeam201808 |
Parent ID: #24631 | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by heaslr):
Replying to [comment:32 gk]:
> Replying to [comment:16 boklm]:
> > There is a patch for review in branch `bug_12968`, adding the `-Wl
,--high-entropy-va` flag in the Windows x86_64 build:
Windows has protections from cheaters like you who set that bit in
executables by linker or by notepad ;)
Replying to [comment:26 sukhbir]:
> I tried (today) with `-mcmodel=medium`, `-mcmodel=large` (both with
boklm's changes above and the GCC patch) and we have a similar if not the
same error.
Never try to change something which effect you don't know: we don't want
executables >2 GiB, even for data. Also for you ->
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=46125
> As to why it works for ffmpeg, it seems they are using the same flags so
I am not sure; I am going to compare the toolchain and see if there is a
difference there.
https://sourceware.org/bugzilla/show_bug.cgi?id=15444
You were asked many times to stop using debug-grade gcc's crap in
production code ;)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12968#comment:33>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list