C-Based Toolchain Hardening
C-Based Toolchain Hardening is a technical guide to creating executables which are reliable and secure. This article will examine C, C++ and Objective C for Microsoft and GCC toolchains, and the steps you should take to ensure your executable obtains a defensive postures and integrates with the available platform security. Effectively configuring the toolchain means a project will enjoy a number of benefits during development, including enhanced warnings and static analysis, and self-debugging code.
There are four areas to be examined when hardening the toolchain: configuration, preprocessor, compiler, and linker. Nearly all areas are overlooked or neglected when setting up a project. The neglect appears to be pandemic, and it applies to nearly all projects including Auto-configured projects, Makefile-based, Eclipse-based, Visual Studio-based, or Xcode-based.
The article will also detail steps which quality assurance personnel can perform to ensure third party code meets organizational standards. Many organizations have Security Testing and Evaluation (ST&E) programs or operate in the US Federal arena where supply chain audits are necessary. If you audit a program with a lot of gaps, it could indicate the company providing the binaries does not have a mature engineering process or has gaps in its internal QA processes. For those without fully developed acceptance and testing criteria, then this article will also provide minimum standards.
Proper use of auditing tools such as checksec and readelf on Linux and BinScope on Windows means source code will be rarely needed for an audit. Lack of source code clears a number of legal hurdles in the acceptance testing process since NDAs or other agreements may not be required. For those who are not aware, the US's DMCA (PUBLIC LAW 105–304) has proper exceptions for reverse engineering and security testing and evaluation. The RE exemption is in Section 1205 (f) REVERSE ENGINEERING; and the ST&E exemption is in Section 1205 (i) SECURITY TESTING.