Re: hardening with non-C compilers

2012-05-30 Thread Arno Töll
Hi,

On 27.05.2012 15:19, Paul Gevers wrote:
> Can somebody point me at relevant information about hardening of non-c
> based compilers (in Debian). I have read
> http://wiki.debian.org/Hardening but as far as I can see it assumes C.
> Something specifically about FPC/Lazarus would be even better of course.

since nobody else seems to answer, I'll share my no-knowledge: Pascal
binaries are not using the libc and are not using the ABI calling
conventions all C programs do use.

Therefore, Pascal binaries can't make use of gcc stack protectors, as
Pascal programs might simply be using another stack layout. Other
problems like format string vulnerabilities are specific to C anyway.

Hence you can't just enable hardening flags and you're done. This is
something which needs to be implemented in your Pascal compiler if necessary.

There are, however, libraries in Pascal which are interfacing with C
libraries (including libc I think). It needs to be carefully checked if
hardened stacks (e.g. stack canaries) are compatible with that.


-- 
with kind regards,
Arno Töll
IRC: daemonkeeper on Freenode/OFTC
GnuPG Key-ID: 0x9D80F36D
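
Whichever compiler produced a binary, the finished ELF file can be inspected for the hardening features this thread is about. The following is an added example, not part of the original messages: a minimal ELF64 little-endian reader that reports PIE, RELRO, a non-executable stack and a reference to glibc's `__stack_chk_fail`. The helper `make_elf` and its sample images are constructed for illustration, and the symbol search is a byte-level heuristic, not a symbol-table lookup.

```python
import struct

# Constants from the ELF specification (<elf.h>).
ET_DYN = 3                    # position-independent executable or shared object
PT_GNU_STACK = 0x6474E551     # segment whose flags describe stack permissions
PT_GNU_RELRO = 0x6474E552     # region made read-only after relocation
PF_X = 0x1                    # "executable" segment flag

def check_hardening(data: bytes) -> dict:
    """Report hardening properties of an ELF64 little-endian image."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if data[4] != 2 or data[5] != 1:
        raise ValueError("only ELF64 little-endian is handled here")
    (e_type,) = struct.unpack_from("<H", data, 16)
    (e_phoff,) = struct.unpack_from("<Q", data, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    result = {
        "pie": e_type == ET_DYN,
        "relro": False,
        # Without a PT_GNU_STACK header the loader falls back to its default,
        # so a non-executable stack is only reported when the header says so.
        "nx_stack": False,
        # Heuristic: gcc's stack protector calls __stack_chk_fail, so a
        # dynamically linked, protected binary carries that symbol name.
        "stack_protector": b"__stack_chk_fail" in data,
    }
    for i in range(e_phnum):
        p_type, p_flags = struct.unpack_from("<II", data, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_RELRO:
            result["relro"] = True
        elif p_type == PT_GNU_STACK:
            result["nx_stack"] = not (p_flags & PF_X)
    return result

def make_elf(e_type, phdrs, extra=b""):
    """Constructed sample: ELF64 header plus (type, flags) program headers."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    hdr = ident + struct.pack("<HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0, 0,
                              64, 56, len(phdrs), 0, 0, 0)
    body = b"".join(struct.pack("<IIQQQQQQ", t, f, 0, 0, 0, 0, 0, 0)
                    for t, f in phdrs)
    return hdr + body + extra

if __name__ == "__main__":
    hardened = make_elf(ET_DYN, [(PT_GNU_STACK, 6), (PT_GNU_RELRO, 4)],
                        b"\0__stack_chk_fail\0")
    print(check_hardening(hardened))
    print(check_hardening(make_elf(2, [(PT_GNU_STACK, 7)])))
```

To inspect a real package binary, pass the file's bytes to `check_hardening`, for example `check_hardening(open(path, "rb").read())`.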





hardening with non-C compilers

2012-05-27 Thread Paul Gevers
Hi all,

I am currently working on including the last necessary changes into my
package Winff before the freeze. Although I already saw quite some
traffic about hardening, it seemed (to me) to relate to C compilers. Of
course I was wrong, but I have no clue where to start to figure out how
to get all the proper hardening options into my "free pascal compiler"
based package. (I am not so much into coding that I really understand
what hardening means, applying it to C code is properly documented though).

Can somebody point me at relevant information about hardening of non-c
based compilers (in Debian). I have read
http://wiki.debian.org/Hardening but as far as I can see it assumes C.
Something specifically about FPC/Lazarus would be even better of course.

Paul


