Native code does not enable Data Execution Prevention (DEP) and Native code is compiled without Relocation Read-Only (RELRO) Dexguard

Question

I am integrating appsweep on my Application. While building the application and put it in Appsweep for testing I found the below issues,

Native code does not enable Data Execution Prevention (DEP)

  lib/arm64-v8a/libd.so
  lib/x86_64/libd.so
  lib/x86/libd.so
  lib/armeabi-v7a/libd.so
  lib/arm64-v8a/liba.so

Also

Native code is compiled without Relocation Read-Only (RELRO)

  lib/arm64-v8a/liba.so
  lib/x86/libd.so
  lib/armeabi-v7a/libd.so
  lib/x86_64/libd.so
  lib/arm64-v8a/libd.so

Answer 1

Those findings indicate that the liba.so and libd.so native libraries have been compiled with non-default compiler flags, since the Android SDK usually compiles native libraries with the necessary flags for DEP (-Wl,-z,noexecstack) and RELRO (-Wl,-z,now). Why that is the case is hard to tell without knowing how those libraries are being compiled in your project.

It's also difficult to tell whether using DexGuard has had any influence on this, but for that specific question I would advise you to contact the DexGuard support directly.