Enable Control Flow Guard for Windows Build #67

Merged


gcarnevamicrosoft
Contributor

CHANGES:

  Added the /cf parameter to the Windows build (change in CMakeLists.txt) to enable Control Flow Guard in the Yubico.NativeShims project.

  There is no known vulnerability in the Yubico SDK that drives this change; it is simply a best practice for code that interacts with unsafe functions to adopt all available platform security measures for native code. This change may enable high-security environments to proactively protect against unknown future vulnerabilities found in code that interacts with memory-unsafe functions.

Control Flow Guard Information: 

Control Flow Guard (CFG) is a robust security feature designed to counter memory corruption vulnerabilities by imposing strict limitations on code execution within an application. It significantly reduces the risk of exploits, particularly those exploiting vulnerabilities like buffer overflows. CFG builds upon previous mitigation technologies such as /GS, DEP, and ASLR, enhancing overall platform security. Its key features include preventing memory corruption and ransomware attacks, limiting server capabilities to reduce attack surface, and increasing the difficulty of exploiting arbitrary code vulnerabilities like buffer overflows.

More info: 

https://learn.microsoft.com/en-us/windows/win32/secbp/control-flow-guard

Collaborator

@DennisDyallo DennisDyallo left a comment

Hello!

Firstly, thank you for your contribution to the project and for your efforts to enhance the security of our binaries through the inclusion of the Control Flow Guard feature by adding /guard:cf to our linker flags. Your attention to security is highly appreciated.

Upon reviewing the changes, we've identified a small oversight in the modification to the CMAKE_EXE_LINKER_FLAGS. Specifically, the path specified for the /def argument seems to include CMAKE_EXE_LINKER_FLAGS, which might be a typographical error. The correct usage should directly reference the path to the .mscv file using CMAKE_CURRENT_SOURCE_DIR as in the line above.

Furthermore, since we're not building executables, is adding additional CMAKE_EXE_LINKER_FLAGS even necessary?

Could you please update the PR in either case? Once amended, we'll be eager to merge your contributions to enhance the project's security posture.

Thank you again for your contribution and for helping improve the SDK. If you have any questions or need further clarification, please don't hesitate to reach out.

Yubico.NativeShims/CMakeLists.txt (outdated)
Collaborator

@DennisDyallo DennisDyallo left a comment

Awesome, thanks for the update. We'll get it into the next release.

@DennisDyallo DennisDyallo merged commit 19ee58b into Yubico:develop Mar 11, 2024
2 checks passed