GitLab

To mitigate the potential impact of vulnerabilities, the Tor executable for Windows should be built with support for Address Space Layout Randomization. See http://www.ziki.com/fr/gcouprie+37899/post/enable-dep-and-aslr-with-mingw+10897502 for a potentially dated explanation of how this could be done for MinGW.

Additionally, Tor should permanently enable DEP by calling SetProcessDEPPolicy at startup. By default, non-server versions of Windows only apply DEP to processes that opt-in with this call, and it prevents the possibility of malicious code causing the process to opt out.