diff options
| author | Jelle van der Waa <jelle@vdwaa.nl> | 2017-07-05 19:32:18 +0200 |
|---|---|---|
| committer | Kyle Keen <keenerd@gmail.com> | 2017-07-07 14:35:09 -0400 |
| commit | f73bf160de19e43d1c22a3db0f32b234b872963f (patch) | |
| tree | 503ddc8ed51d7c0b56d680c9e37a9d3ac64235a5 | |
| parent | 1a44d4e747e8a9cec372b7df6c6620ef02a6481f (diff) | |
| download | namcap-f73bf160de19e43d1c22a3db0f32b234b872963f.tar.gz namcap-f73bf160de19e43d1c22a3db0f32b234b872963f.zip | |
implement FS#27485, warn on unstripped files
Signed-off-by: Kyle Keen <keenerd@gmail.com>
| -rw-r--r-- | Namcap/rules/elffiles.py | 35 | ||||
| -rw-r--r-- | namcap-tags | 1 |
2 files changed, 36 insertions, 0 deletions
diff --git a/Namcap/rules/elffiles.py b/Namcap/rules/elffiles.py index 1c54f24..e2dd7f5 100644 --- a/Namcap/rules/elffiles.py +++ b/Namcap/rules/elffiles.py @@ -22,6 +22,7 @@ import os from elftools.elf.elffile import ELFFile from elftools.elf.dynamic import DynamicSection +from elftools.elf.sections import SymbolTableSection from Namcap.util import is_elf, clean_filename from Namcap.ruleclass import * @@ -159,4 +160,38 @@ class ELFGnuRelroRule(TarballRule): self.warnings = [("elffile-without-relro %s", i) for i in missing_relro] +class ELFUnstrippedRule(TarballRule): + """ + Checks for unstripped ELF files. Uses pyelftools to check if + .symtab exists. + + Introduced by FS#27485. + """ + + name = "elfunstripped" + description = "Check for unstripped ELF files." + + def analyze(self, pkginfo, tar): + unstripped_binaries = [] + + for entry in tar: + if not entry.isfile(): + continue + fp = tar.extractfile(entry) + if not is_elf(fp): + continue + elffile = ELFFile(fp) + for section in elffile.iter_sections(): + if not isinstance(section, SymbolTableSection): + continue + + if section['sh_entsize'] == 0: + continue + + if section.name == '.symtab': + unstripped_binaries.append(entry.name) + if unstripped_binaries: + self.warnings = [("elffile-unstripped %s", i) + for i in unstripped_binaries] + # vim: set ts=4 sw=4 noet: diff --git a/namcap-tags b/namcap-tags index 3de6c75..f967724 100644 --- a/namcap-tags +++ b/namcap-tags @@ -20,6 +20,7 @@ elffile-in-questionable-dirs %s :: ELF files outside of a valid path ('%s'). elffile-with-textrel %s :: ELF file ('%s') has text relocations. elffile-with-execstack %s :: ELF file ('%s') has executable stack. elffile-without-relro %s :: ELF file ('%s') lacks RELRO, check LDFLAGS. +elffile-unstripped %s :: ELF file ('%s') is unstripped. empty-directory %s :: Directory (%s) is empty error-running-rule %s :: Error running rule '%s' external-hooks-name %s :: .INSTALL file runs a command (%s) provided by hooks. |