Miranda NG Official Community Forum

Forum for English speaking Miranda NG users => Bug reports => Topic started by: wisentgenus on 09 09 2017, 19:09:01

Title: ASLR (Address Space Layout randomization) is disabled in MirandaNG executables
Post by: wisentgenus on 09 09 2017, 19:09:01

ASLR (Address Space Layout randomization)  is disabled in MirandaNG executables.
This is potentially serious security flow which opens a door for numerous attacks, especially when Miranda is on inet 24/7.

Developers - please add this compilation option to all projects:

/DYNAMICBASE (Use address space layout randomization)

https://msdn.microsoft.com/en-us/library/bb384887.aspx

Title: Re: ASLR (Address Space Layout randomization) is disabled in MirandaNG executables
Post by: BigMike on 10 09 2017, 09:57:03

I want to add, that I've no problems with Miranda x64 stable and ASLR forced as enabled by Microsofts EMET on Windows 10 1703

Title: Re:ASLR (Address Space Layout randomization) is disabled in MirandaNG executables
Post by: ghazan on 11 09 2017, 08:17:47

Quote from: wisentgenus on 09 09 2017, 19:09:01

ASLR (Address Space Layout randomization)  is disabled in MirandaNG executables.

yes, by design. you can easily find any article about dll rebasing and find how it saves a lot of memory and loading time, especially for a program with 200 dlls