Closed Bug 1520308 Opened 1 year ago Closed 1 year ago

mingw-clang builds do not have ASLR


(Firefox Build System :: General: Unsupported Platforms, enhancement, P5)



(firefox-esr60 fixed, firefox66 fixed)

Tracking Status
firefox-esr60 --- fixed
firefox66 --- fixed


(Reporter: tjr, Assigned: tjr)


(Blocks 1 open bug)


(Whiteboard: [tor])


(2 files)

mingw requires ASLR to be specified manually.

There seems to be two potential issues with this:

  1. A problem I don't really know/understand that prevents it being enabled by default
  2. An issue with relocations being stripped (as described here):

We don't seem to be affected by (2) - I confirmed with Process Explorer that both the x86 and x64 opt builds[0] have ASLR on all modules and spot-checked several with winchecksec which checks for relocations.

I don't think we're affected by (1) either... the problem IIRC is with gcc/binutils and lld merely mirrors the default there.

[0] for reference

Is there a reason that this needs to go under hardening flags, as opposed to just some general location?

(In reply to David Major [:dmajor] from comment #2)

Is there a reason that this needs to go under hardening flags, as opposed to just some general location?

No; it just seemed the most appropriate place. (I figured the fewer things that go in the better; and wasn't sure of a better place in a

I'm on the fence so I'll leave it in the queue and see if anyone else has a strong opinion.

Attachment #9036712 - Flags: review?(core-build-config-reviews) → review+

Pushed by
Enable ASLR for mingw-clang builds. r=froydnj

Keywords: checkin-needed
Closed: 1 year ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla66

[ESR Uplift Approval Request]

If this is not a sec:{high,crit} bug, please state case for ESR consideration: Needed by Tor; brings central and esr60 in sync

User impact if declined: Tor will need to carry another patch

Fix Landed on Version: 66.0a1 / 20190119095933

Risk to taking this patch: Low

Why is the change risky/not risky? (and alternatives if risky): mingw-clang build change only

((Note that this can wait until 60.6 just like Bug 1520310))

Attachment #9038261 - Flags: approval-mozilla-esr60?
Comment on attachment 9038261 [details] [diff] [review]
Bug 1520308 - Enable ASLR for mingw-clang builds. r=froydnj (esr60)

aslr for mingwclang, approved for 60.5esr build2.
Attachment #9038261 - Flags: approval-mozilla-esr60? → approval-mozilla-esr60+
Priority: -- → P5
You need to log in before you can comment on or make changes to this bug.