On 2025-03-04 01:14, Pete Batard via Mingw-w64-public wrote:
Considering that the current approach to fighting DLL side-loading vulnerabilities for MinGW generated executables is to manually run them through something like procmon, to see if they attempt to load DLLs from non-system dirs, and if so, manually apply delay-loading to the DLLs (that is when delay-loading works, because while I didn't have an issue with other DLLs --outside of binutils needing an annoying DECLSPEC_IMPORT redef-- I have been entirely unable to make it work with cfgmgr32 [1]), being able to use a simple flag that tells Windows: "Hey, this application is designed to *not* ever need to load anything but system DLLs" would be a real godsend.

However, applying that flag requires the GNU PE toolchain that can generate a 'Load Configuration' PE directory entry, and arbitrarily set some of the attributes there. And from what I can see, while LLVM has recently introduced an option that adds such a section to set the relevant flag, I don't expect gcc to do so anytime soon, so I would very much like a workaround for it...

Unsurprisingly, this topic is far too advanced for ChatGPT to produce anything useful. I am therefore asking the MinGW experts if they have a solution for this kind of additional PE entry generation.

I believe at the moment there's no support for load config directories in GNU LD. You will have to modify GNU LD source:

In 'binutils-gdb/bfd/peXXigen.c' there is code which sets up the TLS directory (keyword: `PE_TLS_TABLE`). You can also see that while the constant `PE_LOAD_CONFIG_TABLE` is defined, it's unused elsewhere. So an executable that is created by GNU LD doesn't have a load config directory.

Perhaps you can take that as a reference and implement it. Microsoft LINK and LLD-LINK look for the external variable `_load_config_used` and point the load config directory to it, the same way they look for `_tls_used` and set up the TLS directory. The difference is that the load config directory is of a variable length, as recorded in its `Size` field.

Once that is done, you can add an option to GNU LD to override the `DependentLoadFlags` field.


--
Best regards,
LIU Hao
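
Added example, not part of the original message and not binutils code: a Python check for whether an image has a load config directory and what its `DependentLoadFlags` holds, honouring the structure's own `Size` field. The directory index (10), the field offsets (54 for PE32, 78 for PE32+) and the sample value 0x800 (`LOAD_LIBRARY_SEARCH_SYSTEM32`) come from the Windows SDK headers rather than from this thread; `build_sample` generates constructed test input.

```python
import struct

LOAD_CONFIG = 10                       # IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
DLF_OFFSET = {0x10B: 54, 0x20B: 78}    # DependentLoadFlags offset in PE32 / PE32+
DIRS_OFFSET = {0x10B: 96, 0x20B: 112}  # data directories offset in the optional header

def dependent_load_flags(pe):
    """Return DependentLoadFlags, or None when the image has no usable load config."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsec, = struct.unpack_from("<H", pe, nt + 6)
    opt_len, = struct.unpack_from("<H", pe, nt + 20)
    opt = nt + 24
    magic, = struct.unpack_from("<H", pe, opt)
    dirs = opt + DIRS_OFFSET[magic]
    ndirs, = struct.unpack_from("<I", pe, dirs - 4)
    rva = struct.unpack_from("<I", pe, dirs + 8 * LOAD_CONFIG)[0] if ndirs > LOAD_CONFIG else 0
    if rva == 0:
        return None                    # what GNU LD output looks like per the thread
    for i in range(nsec):              # map the RVA to a file offset via the section table
        vsize, va, rsize, rptr = struct.unpack_from("<4I", pe, opt + opt_len + 40 * i + 8)
        if va <= rva < va + max(vsize, rsize):
            off = rptr + rva - va
            size, = struct.unpack_from("<I", pe, off)    # the structure's own Size field
            if size < DLF_OFFSET[magic] + 2:
                return None            # structure too short to contain the field
            return struct.unpack_from("<H", pe, off + DLF_OFFSET[magic])[0]
    return None

def build_sample(flags=None, magic=0x20B, cfg_size=0x100):
    """Constructed header-only image with one section; sample input, not loadable."""
    buf, nt = bytearray(0x600), 0x40
    opt, opt_len = nt + 24, DIRS_OFFSET[magic] + 16 * 8
    dirs = opt + DIRS_OFFSET[magic]
    buf[:2], buf[nt:nt + 4] = b"MZ", b"PE\0\0"
    struct.pack_into("<I", buf, 0x3C, nt)
    struct.pack_into("<H", buf, nt + 6, 1)           # NumberOfSections
    struct.pack_into("<H", buf, nt + 20, opt_len)    # SizeOfOptionalHeader
    struct.pack_into("<H", buf, opt, magic)
    struct.pack_into("<I", buf, dirs - 4, 16)        # NumberOfRvaAndSizes
    struct.pack_into("<4I", buf, opt + opt_len + 8, 0x200, 0x1000, 0x200, 0x400)
    if flags is not None:                            # emit a load config directory
        struct.pack_into("<2I", buf, dirs + 8 * LOAD_CONFIG, 0x1000, cfg_size)
        struct.pack_into("<I", buf, 0x400, cfg_size)
        struct.pack_into("<H", buf, 0x400 + DLF_OFFSET[magic], flags)
    return bytes(buf)
```

To audit a real build, pass the file's bytes to `dependent_load_flags`; a `None` result means the loader sees no `DependentLoadFlags` at all.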


_______________________________________________
Mingw-w64-public mailing list
Mingw-w64-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mingw-w64-public
