author | Nick Mathewson <nickm@torproject.org> | 2011-02-03 14:21:14 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2011-02-03 14:21:14 -0500 |
commit | a6c811313af3cfda1fca1d7595e9259f51d6ffd0 (patch) | |
tree | 4e2e294fdcd8db9400f3063d7bce52b09cab8ac9 | |
parent | cb9ac0336d0acd935aa45dfc89f02594551a24da (diff) | |
parent | f9e251ccf8c72dadf55b51ba9695d8dd5ef6d6f1 (diff) | |
download | tor-a6c811313af3cfda1fca1d7595e9259f51d6ffd0.tar.gz tor-a6c811313af3cfda1fca1d7595e9259f51d6ffd0.zip |
Merge remote branch 'origin/maint-0.2.2'
-rw-r--r-- | changes/bug2358 | 5 | ||||
-rw-r--r-- | configure.in | 14 | ||||
-rw-r--r-- | src/or/main.c | 13 |
3 files changed, 32 insertions, 0 deletions
diff --git a/changes/bug2358 b/changes/bug2358
new file mode 100644
index 0000000000..5e44bb9f82
--- /dev/null
+++ b/changes/bug2358
@@ -0,0 +1,5 @@
+ o Minor features
+ - Enable Address Space Layout Randomization (ASLR) and Data Execution
+ Prevention (DEP) by default on Windows to make it harder for
+ attackers to exploit vulnerabilities. Patch from John Brooks.
+
diff --git a/configure.in b/configure.in
index eddab6707b..2669511430 100644
--- a/configure.in
+++ b/configure.in
@@ -1051,6 +1051,20 @@ AC_SUBST(BINDIR)
 LOCALSTATEDIR=`eval echo $localstatedir`
 AC_SUBST(LOCALSTATEDIR)
+if test "$bwin32" = true; then
+ # Test if the linker supports the --nxcompat and --dynamicbase options
+ # for Windows
+ save_LDFLAGS="$LDFLAGS"
+ LDFLAGS="-Wl,--nxcompat -Wl,--dynamicbase"
+ AC_MSG_CHECKING([whether the linker supports DllCharacteristics])
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([])],
+ [AC_MSG_RESULT([yes])]
+ [save_LDFLAGS="$save_LDFLAGS $LDFLAGS"],
+ [AC_MSG_RESULT([no])]
+ )
+ LDFLAGS="$save_LDFLAGS"
+fi
+
 # Set CFLAGS _after_ all the above checks, since our warnings are stricter
 # than autoconf's macros like.
 if test "$GCC" = yes; then
diff --git a/src/or/main.c b/src/or/main.c
index aa97609442..3a77f622ee 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -2419,6 +2419,19 @@ tor_main(int argc, char *argv[])
 }
 #endif
+#ifdef MS_WINDOWS
+ /* Call SetProcessDEPPolicy to permanently enable DEP.
+ The function will not resolve on earlier versions of Windows,
+ and failure is not dangerous. */
+ HMODULE hMod = GetModuleHandleA("Kernel32.dll");
+ if (hMod) {
+ typedef BOOL (WINAPI *PSETDEP)(DWORD);
+ PSETDEP setdeppolicy = (PSETDEP)GetProcAddress(hMod,
+ "SetProcessDEPPolicy");
+ if (setdeppolicy) setdeppolicy(1); /* PROCESS_DEP_ENABLE */
+ }
+#endif
+
 update_approx_time(time(NULL));
 tor_threads_init();
 init_logging(); |
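Review bot: The link test in the `bwin32` block only proves that the linker accepts `-Wl,--nxcompat -Wl,--dynamicbase`, not that the resulting binary is actually protected, and it tests the two flags as a pair, so a toolchain that supports only one of them silently gets neither. Probing each flag in its own `AC_LINK_IFELSE` would keep DEP on where only `--nxcompat` is available. Some MinGW linkers are known to set the dynamic-base bit on executables while omitting the relocation table, which would leave ASLR ineffective; whether that applies here cannot be told from the hunk. I would add a comment such as `# NOTE: verify DllCharacteristics and the presence of .reloc in the built tor.exe; accepting the flag does not guarantee ASLR` and a release-time check of the PE headers.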
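Review bot: The result of `setdeppolicy(1)` is discarded in the new `MS_WINDOWS` block, so a process where the call fails or the symbol does not resolve runs with no record of its DEP state. The block runs before `init_logging()`, so the outcome would have to be kept in a local, e.g. `BOOL dep_set = setdeppolicy && setdeppolicy(1);`, and reported at info level once logging is up. Failure is probably expected when the image is already linked with `--nxcompat`, so this should not be a warning. Separately, `HMODULE hMod` is declared directly after the preceding `#endif`, which looks like a declaration after statements inside `tor_main`. If the project builds as C89, wrapping the block in its own `{ ... }` avoids that. The body of `tor_main` starts and ends outside the hunk, so both points depend on code not shown here.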