contrib: Parse ELF directly for symbol and security checks

Instead of the ever-messier text parsing of the output of the readelf tool (which is clearly meant for human consumption not to be machine parseable), parse the ELF binaries directly. Add a small dependency-less ELF parser specific to the checks. This is slightly more secure, too, because it removes potential ambiguity due to misparsing and changes in the output format of `elfread`. It also allows for stricter and more specific ELF format checks in the future. This removes the build-time dependency for `readelf`. It passes the test-security-check for me locally, though I haven't checked on all platforms.
author: Wladimir J. van der Laan <laanwj@protonmail.com> 2020-11-20 09:15:44 +0100
committer: Wladimir J. van der Laan <laanwj@protonmail.com> 2020-11-22 11:11:32 +0100
commit: 634f6ec4eb9997d7bd0f8209fad49a4171d42384 (patch)
tree: 0c9e1de57c164790c4b6cc8397c6c8ce0117b983 /Makefile.am
parent: fdd068507d2694137d72638d87ea961e6f16a753 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/Makefile.am b/Makefile.am
index c8af4228f3..76dc0dd10a 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -52,7 +52,8 @@ DIST_SHARE = \
   $(top_srcdir)/share/rpcauth
 
 BIN_CHECKS=$(top_srcdir)/contrib/devtools/symbol-check.py \
-           $(top_srcdir)/contrib/devtools/security-check.py
+           $(top_srcdir)/contrib/devtools/security-check.py \
+           $(top_srcdir)/contrib/devtools/pixie.py
 
 WINDOWS_PACKAGING = $(top_srcdir)/share/pixmaps/bitcoin.ico \
   $(top_srcdir)/share/pixmaps/nsis-header.bmp \
author	Wladimir J. van der Laan <laanwj@protonmail.com>	2020-11-20 09:15:44 +0100
committer	Wladimir J. van der Laan <laanwj@protonmail.com>	2020-11-22 11:11:32 +0100
commit	634f6ec4eb9997d7bd0f8209fad49a4171d42384 (patch)
tree	0c9e1de57c164790c4b6cc8397c6c8ce0117b983 /Makefile.am
parent	fdd068507d2694137d72638d87ea961e6f16a753 (diff)