diff options
author | Carl Dong <contact@carldong.me> | 2021-09-30 20:18:28 -0400 |
---|---|---|
committer | Carl Dong <contact@carldong.me> | 2021-10-13 08:39:48 -0400 |
commit | 1527b7e8a1339705a48d4d1ed108230fc4953c18 (patch) | |
tree | 4e552eefddd56f2a0a6ef5c8725f2e99223dccb3 | |
parent | b96adcbfae90b3e041754f11624cac04c1999e8c (diff) |
symbol-check: Check requested ELF interpreter
It is important that binaries request a standard interpreter location
where most distros would place the linker-loader. Otherwise, the user
would be met with a very confusing message:
bash: <path>/<to>/bitcoind: No such file or directory
When really it's the interpreter that's not found.
-rwxr-xr-x | contrib/devtools/symbol-check.py | 34 |
1 files changed, 32 insertions, 2 deletions
diff --git a/contrib/devtools/symbol-check.py b/contrib/devtools/symbol-check.py index c8703c53ba..158b6fa0ff 100755 --- a/contrib/devtools/symbol-check.py +++ b/contrib/devtools/symbol-check.py @@ -11,7 +11,7 @@ Example usage: find ../path/to/binaries -type f -executable | xargs python3 contrib/devtools/symbol-check.py ''' import sys -from typing import List +from typing import List, Dict import lief @@ -63,6 +63,30 @@ IGNORE_EXPORTS = { 'environ', '_environ', '__environ', } +# Expected linker-loader names can be found here: +# https://sourceware.org/glibc/wiki/ABIList?action=recall&rev=16 +ELF_INTERPRETER_NAMES: Dict[lief.ELF.ARCH, Dict[lief.ENDIANNESS, str]] = { + lief.ELF.ARCH.i386: { + lief.ENDIANNESS.LITTLE: "/lib/ld-linux.so.2", + }, + lief.ELF.ARCH.x86_64: { + lief.ENDIANNESS.LITTLE: "/lib64/ld-linux-x86-64.so.2", + }, + lief.ELF.ARCH.ARM: { + lief.ENDIANNESS.LITTLE: "/lib/ld-linux-armhf.so.3", + }, + lief.ELF.ARCH.AARCH64: { + lief.ENDIANNESS.LITTLE: "/lib/ld-linux-aarch64.so.1", + }, + lief.ELF.ARCH.PPC64: { + lief.ENDIANNESS.BIG: "/lib64/ld64.so.1", + lief.ENDIANNESS.LITTLE: "/lib64/ld64.so.2", + }, + LIEF_ELF_ARCH_RISCV: { + lief.ENDIANNESS.LITTLE: "/lib/ld-linux-riscv64-lp64d.so.1", + }, +} + # Allowed NEEDED libraries ELF_ALLOWED_LIBRARIES = { # bitcoind and bitcoin-qt @@ -215,11 +239,17 @@ def check_PE_subsystem_version(binary) -> bool: return True return False +def check_ELF_interpreter(binary) -> bool: + expected_interpreter = ELF_INTERPRETER_NAMES[binary.header.machine_type][binary.abstract.header.endianness] + + return binary.concrete.interpreter == expected_interpreter + CHECKS = { 'ELF': [ ('IMPORTED_SYMBOLS', check_imported_symbols), ('EXPORTED_SYMBOLS', check_exported_symbols), - ('LIBRARY_DEPENDENCIES', check_ELF_libraries) + ('LIBRARY_DEPENDENCIES', check_ELF_libraries), + ('INTERPRETER_NAME', check_ELF_interpreter), ], 'MACHO': [ ('DYNAMIC_LIBRARIES', check_MACHO_libraries), |