Graham Sutherland / Polynomial

I wrote a thing for work! Microsoft are introducing a new type confusion bug class mitigation called CastGuard, as part of the MSVC++ compiler.

Right now it's still undocumented & unreleased. I stumbled across it by accident while looking at the Load Configuration directory in PE files, and ended up going down a deep rabbit hole of reverse engineering the entire feature and discovering all the hidden compiler flags and language keywords

https://labs.nettitude.com/blog/preventing-type-confusion-with-castguard/

#cpp #windowsinternals #security

Oct 18, 2023 at 9:22pmWeb
Show threadGraham Sutherland / PolynomialOct 18, 2023
I actually did this work back in Feb but I've been so damn busy that we didn't actually get it published until now. Also ADHD making me forget about poking the right people to push it to the blog.
Show threadAdam Shostack  Oct 18, 2023
@gsuberland That’s cool!
Show threadeevee 🦊Oct 18, 2023
@gsuberland early typo: "into my discovery CastGuard" :)
Show threadGraham Sutherland / PolynomialOct 18, 2023
@eevee cheers. Will poke marketing to fix :)
Show threadJoshOct 19, 2023

@gsuberland Very cool!

Please have somebody take a squint at the behavior of the blog page (I’m on iOS 17 for reference). It appears that after scrolling I seem to have an issue where a video clip of some sort gets focused/fullscreened out of nowhere on a periodic interval, which makes reading the post a rather frustrating experience.

Show threadGraham Sutherland / PolynomialOct 19, 2023
@jsh yeah, sorry, the mobile viewing experience is a bit iffy on labs right now. I've not run into the video issue on iOS or Android though so I'll poke marketing and get them to take a look.