Private debug directories are present in built EXEs

Issue #20 new
created an issue

The built xUnit++.*.exe files contain private debug directories that result in build machine information disclosure. Truncated output from "dumpbin.exe /HEADERS xUnit++.console.x64.exe":

  Debug Directories

        Time Type       Size      RVA  Pointer
    -------- ------ -------- -------- --------
    510F4114 cv           6C 0003CB60    3B760    Format: RSDS, {AF5A8245-7882-4244-AB5B-1AC4E402BC56}, 1, ZZZZZ\xUnit++.console.x64.pdb
    510F4114 (   C)       10 0003CBCC    3B7CC

Instead of the "ZZZZZ" above (which I added to obscure the information), you can actually see the full path from the machine that built the binaries.

This behavior can be avoided in by passing the linker argument "/PDBALTPATH:%_PDB%":

Comments (0)

  1. Log in to comment