Questions tagged [compiler]
The compiler tag has no summary.
44 questions
1vote
2answers
216views
How can I compile and run Fortran/C programs on a shared remote server without exposing my code to other root users?
I have access to a big remote server via SSH and I'm a root user on that server. However, there are multiple other root users who also have access to this server. I want to run some Fortran/C programs ...
1vote
0answers
79views
How can I jump to an address after executing a donut shellcode?
I'm looking to execute a shellcode by packaging it inside an executable. I generate an executable (open the calculator) I output a shellcode from the executable with donut. donut.exe -i opencalc.exe ...
2votes
1answer
503views
Is there a secure way to embed a private key in compiled code that is released in compiled form to the general public?
It occurred to me that if I could compile a private key in source code, I could prove that log information came exclusively from the application for a given version. I could do this by releasing the ...
1vote
1answer
107views
Is switching my C/C++ compiler for security testing generally reliable?
If I am shipping a program to my customers which is compiled with GCC, but I want to test the security of the program using Clang, is this generally okay, or will I miss certain security bugs because ...
- 1,347
1vote
1answer
322views
Vulnerabilities in Build-time Libraries Could be a Security Threat
If a dependency that is used in development environment or at build time has a security vulnerability, could it cause a security threat for the application? I'm looking for an example to understand ...
- 121
1vote
1answer
500views
Can I get viruses from compiling C# code?
I have found a tool that requires me to compile it with Visual Studio. I am not sure if I can do it without the risk of malicious software being installed during the compiling process. Is that ...
- 11
1vote
0answers
134views
Compiler that adds machine info to binary
Wanted to ask if there is any compiler (any known programming language) that is actually encoding machine data into binary, so it is possible to detect the machine where the program has been compiled (...
2votes
1answer
354views
How do I compare the safety of a compiled program with optimization flag?
I would like to know how I can know which is the safest compilation line, that is: Having several compilation lines in, for example, GCC, how do I know which one is more secure? Hardening would be a ...
- 21
2votes
1answer
425views
Does recompiling a binary from source code make it more secure/obscure?
Using standard hardening options like PIC, Stack Protection ... does a mere recompilation make a program more secure against attacks? You have the source code of a program, compile it two times with ...
5votes
2answers
446views
Are reproducible builds practically possible on major app stores?
'Reproducible builds' ensure that a published app matches the published open source code. This answer gives some great information on it. But numerous sources1,2 indicate reproducible builds are very ...
- 1,330
3votes
0answers
207views
Compiler-induced information leaks/side-channels in cryptography implementations
In Cryptography Engineering Ferguson, Schneier and Kohno put a big emphasis on quality of code in order to prevent it from leaking information and from being vulnerable to memory corruption exploits. ...
- 454
1vote
1answer
211views
Build and execute code on a sandboxed environment?
Numerous websites allow us to build and execute C code from web browsers (repl.it, onlinegdb.com, ideone.com...). For my own application (education purposes) I would like to do the same on my web ...
- 367
1vote
1answer
318views
What evidence does a compiled file leave behind?
I was wondering when people compile malware and use the compiled files for engagements or nefarious purposes, what evidence do they leave behind in the compiled Windows executables? I have heard that ...
2votes
1answer
6kviews
Program compiled with mingw32 is reported as infected
I'm using a Linux system and cross-compiling to Win32. The most trivial Windows source code ("Hello world" by Petzold), when compiled using i686-w64-mingw32-gcc (gcc version 7.3-win32 20180312), ...
2votes
2answers
188views
Does removing features from a library increase or reduce security risks?
Software libraries targetting resource constrained environments like embedded systems use conditional compilation to allow consumers to shave space and thus increase performance by removing unused ...
- 113
