- Compile flags:
- /GS: Stack protection from buffer overrun.
- /SDL: Subset of W3&W4 security warnings as errors.
- Use warning 4.
- /WX: Treat Warnings As Errors.
- Linker flags:
- /DYNAMICBASE: Randomize module base address to ensure that our code is at different location each time it is loaded.
- /NXCOMPAT: Data Execution Prevention to ensure that data is difficult to execute.
- /SAFESEH: Secure Exception Handling. Project->Properties->Linker->Advanced->Image has Safe Exception Handlers.
- Using VS Code Analysis to find vulnerability.
- Including Banned.h in projects to find unsafe methods which are listed in Banned.h.
- Using BannedAPIextension to flag banned api use in editor. (only available for VS2010)
- Enable /SEHOP in registry setting:
-
- Click Start, click Run, type regedit, and
then press ENTER. - Locate the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\DisableExceptionChainValidation
Note If you cannot find the DisableExceptionChainValidation registry entry under the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\subkey, follow these steps to create it:
- Right-click kernel, point to New, and then click DWORD Value.
- Type DisableExceptionChainValidation, and then press ENTER.
- Double-click DisableExceptionChainValidation.
- Change the value of the DisableExceptionChainValidation registry entry to 0 to enable it, and then click OK.
Note A value of 1 disables the registry entry. A value of 0 enables it.
- Click Start, click Run, type regedit, and
-
相关文章
- Microsoft Visual Studio 2012正式版官方下载
- 使用InstallUtil安装及卸载Windows服务的具体操作 Visual Studio 2012版本
- 如何在Visual Studio 2012中发布Web应用程序时自动混淆Javascript
- Visual Studio 2012 使用免费的Team Foundation Service
- Visual Studio 2012 常用快捷键
- 在打开项目对话框中添加Visual Studio 2012置入快捷方式
- Visual Studio 2012不发布项目
- visual studio 2012进行C语言开发[图文]
- Recommended add-ons/plugins for Microsoft Visual Studio [closed]
- 为什么“成功”安装了Visual Studio 2012的vsix模板(在扩展和更新中显示)未出现在项目模板中