Questions tagged [compiler]
The compiler tag has no summary.
44 questions
1
vote
2
answers
268
views
How can I compile and run Fortran/C programs on a shared remote server without exposing my code to other root users?
I have access to a big remote server via SSH and I'm a root user on that server. However, there are multiple other root users who also have access to this server. I want to run some Fortran/C programs ...
1
vote
0
answers
106
views
How can I jump to an address after executing a donut shellcode?
I'm looking to execute a shellcode by packaging it inside an executable.
I generate an executable (open the calculator)
I output a shellcode from the executable with donut.
donut.exe -i opencalc.exe ...
- 11
2
votes
1
answer
570
views
Is there a secure way to embed a private key in compiled code that is released in compiled form to the general public?
It occurred to me that if I could compile a private key in source code, I could prove that log information came exclusively from the application for a given version.
I could do this by releasing the ...
- 123
1
vote
1
answer
135
views
Is switching my C/C++ compiler for security testing generally reliable?
If I am shipping a program to my customers which is compiled with GCC, but I want to test the security of the program using Clang, is this generally okay, or will I miss certain security bugs because ...
- 1,362
1
vote
1
answer
352
views
Vulnerabilities in Build-time Libraries Could be a Security Threat
If a dependency that is used in development environment or at build time has a security vulnerability, could it cause a security threat for the application? I'm looking for an example to understand ...
- 121
1
vote
1
answer
538
views
Can I get viruses from compiling C# code?
I have found a tool that requires me to compile it with Visual Studio. I am not sure if I can do it without the risk of malicious software being installed during the compiling process. Is that ...
- 11
1
vote
0
answers
156
views
Compiler that adds machine info to binary
Wanted to ask if there is any compiler (any known programming language) that is actually encoding machine data into binary, so it is possible to detect the machine where the program has been compiled (...
- 119
2
votes
1
answer
396
views
How do I compare the safety of a compiled program with optimization flag?
I would like to know how I can know which is the safest compilation line, that is:
Having several compilation lines in, for example, GCC, how do I know which one is more secure? Hardening would be a ...
- 21
2
votes
1
answer
470
views
Does recompiling a binary from source code make it more secure/obscure?
Using standard hardening options like PIC, Stack Protection ...
does a mere recompilation make a program more secure against attacks?
You have the source code of a program, compile it two times with ...
- 21
5
votes
2
answers
520
views
Are reproducible builds practically possible on major app stores?
'Reproducible builds' ensure that a published app matches the published open source code. This answer gives some great information on it.
But numerous sources1,2 indicate reproducible builds are very ...
- 1,340
3
votes
0
answers
233
views
Compiler-induced information leaks/side-channels in cryptography implementations
In Cryptography Engineering Ferguson, Schneier and Kohno put a big emphasis on quality of code in order to prevent it from leaking information and from being vulnerable to memory corruption exploits.
...
- 454
1
vote
1
answer
227
views
Build and execute code on a sandboxed environment?
Numerous websites allow us to build and execute C code from web browsers (repl.it, onlinegdb.com, ideone.com...). For my own application (education purposes) I would like to do the same on my web ...
- 367
1
vote
1
answer
356
views
What evidence does a compiled file leave behind?
I was wondering when people compile malware and use the compiled files for engagements or nefarious purposes, what evidence do they leave behind in the compiled Windows executables? I have heard that ...
- 1,012
2
votes
1
answer
6k
views
Program compiled with mingw32 is reported as infected
I'm using a Linux system and cross-compiling to Win32. The most trivial Windows source code ("Hello world" by Petzold), when compiled using i686-w64-mingw32-gcc (gcc version 7.3-win32 20180312), ...
- 21
2
votes
2
answers
208
views
Does removing features from a library increase or reduce security risks?
Software libraries targetting resource constrained environments like embedded systems use conditional compilation to allow consumers to shave space and thus increase performance by removing unused ...
- 113