Executable relocation directory
ID PE101 Level ERROR Category Security
Description
The executable has a relocation directory which is placed to the executable section. This can make it easier for an attacker to exploit memory corruption vulnerabilities.
This directory should be placed to read-only memory.
Mitigation
- Make sure you are not merging sections with different memory access attributes.
- Do not explicitly change memory attributes. If doing so, do not mark a section with the relocation directory executable.
If using Visual C++:
- Look for the
/SECTIONoption in the linker command line or the corresponding#pragma sectiondeclarations in the code.
Arguments
This rule has the following output arguments:
-
section- Affected section name
Loading...
Unable to load this documentation page.