Merge branch 'maint-0.2.9' into maint-0.3.0

changes/ticket21953

@@ -0,0 +1,6 @@
+  o Minor features:
+    - Enable a couple of pieces of Windows hardening: one
+      (HeapEnableTerminationOnCorruption) that has been on-by-default since
+      Windows 8, and unavailable before Windows 7, and one
+      (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't
+      affect us, but shouldn't do any harm. Closes ticket 21953.

src/or/main.c

@@ -3575,6 +3575,11 @@ tor_main(int argc, char *argv[])
   int result = 0;
 
 #ifdef _WIN32
+#ifndef HeapEnableTerminationOnCorruption
+#define HeapEnableTerminationOnCorruption 1
+#endif
+  /* On heap corruption, just give up; don't try to play along. */
+  HeapSetInformation(NULL, HeapEnableTerminationOnCorruption, NULL, 0);
   /* Call SetProcessDEPPolicy to permanently enable DEP.
      The function will not resolve on earlier versions of Windows,
      and failure is not dangerous. */
@@ -3583,7 +3588,10 @@ tor_main(int argc, char *argv[])
     typedef BOOL (WINAPI *PSETDEP)(DWORD);
     PSETDEP setdeppolicy = (PSETDEP)GetProcAddress(hMod,
                            "SetProcessDEPPolicy");
-    if (setdeppolicy) setdeppolicy(1); /* PROCESS_DEP_ENABLE */
+    if (setdeppolicy) {
+      /* PROCESS_DEP_ENABLE | PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION */
+      setdeppolicy(3);
+    }
   }
 #endif