Hi,
I have noticed that the 7-Zip Windows components do not have DEP (Executable Space Protection) and ASLR (Address space layout randomization) enabled.
https://en.wikipedia.org/wiki/Address_space_layout_randomization
https://en.wikipedia.org/wiki/Executable_space_protection
From my perspective, this would make sense and would not take much effort.
Best,
Martin
Is there any progress or any plan on this bug?
Thanks,
Shiyao
It's not a bug.
It's a feature or a missing feature.
1) 7-Zip doesn't use ASLR. Files are smaller this way.
2) Data Execution Prevention (DEP) probably works for x64 binaries already by default.
But DEP for x86 (32-bit) binaries is a more complicated case.
As I understand, we must set flag
in PE file header.
And DEP will be enabled for x86 (32-bit) code too. At least it works so in Windows 10.
But IMAGE_DLLCHARACTERISTICS_NX_COMPAT still doesn't work on some old systems, like XP x64.
Thanks Igor for the detailed information!
So 7-Zip doesn't have a plan for ASLR currently, right? Is there any other reason except smaller files? ASLR is a security feature, and it should not take much effort. I guess setting the flag DYNAMICBASE can do this.
Thanks,
Shiyao
ASLR is a new feature.
I use old compilers and linkers without ASLR support.
I can compile with /FIXED:NO and patch for ASLR flag with another tool.
But ASLR is just some additional level of protection. There is no big gain from it.
DEP is a good thing.
But it's unclear to me why there is a 32-bit and 64-bit code difference.
Last edit: Igor Pavlov 2017-09-07
DEP is not enabled by default for all programs in Windows < 10
You would need to compile with /NXCOMPAT if you aren't already.
Landave blog mentioned 18.05 shipped with ASLR
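
A way to check the header flags this thread is about, added here as an example and not code from any poster or from 7-Zip: it reads `DllCharacteristics` and the COFF relocation flag from a PE image. The names `pe_mitigations` and `build_sample` are hypothetical, and the sample header is constructed for the example.

```python
import struct
import sys

# Values from the PE/COFF specification (winnt.h names).
IMAGE_FILE_RELOCS_STRIPPED = 0x0001             # COFF Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040  # linker /DYNAMICBASE (ASLR opt-in)
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100     # linker /NXCOMPAT (DEP opt-in)

def pe_mitigations(data: bytes) -> dict:
    """Report the DEP/ASLR opt-in flags stored in a PE image's headers."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    opt = e_lfanew + 24                         # 4-byte signature + 20-byte COFF header
    if opt + 72 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature or optional header missing")
    file_chars = struct.unpack_from("<H", data, e_lfanew + 22)[0]
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):             # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+ layouts.
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    dynamic_base = bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)
    relocs_stripped = bool(file_chars & IMAGE_FILE_RELOCS_STRIPPED)
    return {
        "bits": 32 if magic == 0x10B else 64,
        "nx_compat": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "dynamic_base": dynamic_base,
        "relocs_stripped": relocs_stripped,
        # An EXE patched to set the flag still loads at its fixed base if
        # its relocations were stripped, hence /FIXED:NO before patching.
        "aslr_usable": dynamic_base and not relocs_stripped,
    }

def build_sample(magic: int, file_chars: int, dll_chars: int) -> bytes:
    """Constructed header-only image (not a loadable program) for offline runs."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)    # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 96, file_chars)
    opt = bytearray(96)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, 70, dll_chars)
    return dos + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    if len(sys.argv) > 1:                       # path to a real .exe or .dll
        with open(sys.argv[1], "rb") as f:
            print(pe_mitigations(f.read(4096)))
    else:
        print(pe_mitigations(build_sample(0x10B, IMAGE_FILE_RELOCS_STRIPPED, 0)))
```

Run with a file path to inspect a real binary; with no argument it reports on the constructed 32-bit header that has neither flag set.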