From edd947b645633d352ed5aed0a3e7f8740f0c5aae Mon Sep 17 00:00:00 2001
From: sfan5 <sfan5@live.de>
Date: Tue, 19 Dec 2023 22:02:04 +0100
Subject: [PATCH] Enable some runtime hardening on win32

---
 src/porting.cpp | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/porting.cpp b/src/porting.cpp
index 0d8d86c3e..0165af029 100644
--- a/src/porting.cpp
+++ b/src/porting.cpp
@@ -723,7 +723,13 @@ bool secure_rand_fill_buf(void *buf, size_t len)
 
 void osSpecificInit()
 {
-	// nothing here yet
+#ifdef _WIN32
+	// hardening options
+	HeapSetInformation(NULL, HeapEnableTerminationOnCorruption, NULL, 0);
+	SetSearchPathMode(BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE |
+		BASE_SEARCH_PATH_PERMANENT);
+	SetProcessDEPPolicy(PROCESS_DEP_ENABLE);
+#endif
 }
 
 #endif