diff options
| author | Wladimir J. van der Laan <laanwj@protonmail.com> | 2020-11-20 09:15:44 +0100 |
|---|---|---|
| committer | Wladimir J. van der Laan <laanwj@protonmail.com> | 2020-11-22 11:11:32 +0100 |
| commit | 634f6ec4eb9997d7bd0f8209fad49a4171d42384 (patch) | |
| tree | 0c9e1de57c164790c4b6cc8397c6c8ce0117b983 /Makefile.am | |
| parent | fdd068507d2694137d72638d87ea961e6f16a753 (diff) | |
| download | bitcoin-634f6ec4eb9997d7bd0f8209fad49a4171d42384.tar.xz | |
contrib: Parse ELF directly for symbol and security checks
Instead of the ever-messier text parsing of the output of the readelf
tool (which is clearly meant for human consumption not to be machine
parseable), parse the ELF binaries directly.
Add a small dependency-less ELF parser specific to the checks.
This is slightly more secure, too, because it removes potential
ambiguity due to misparsing and changes in the output format of `elfread`. It
also allows for stricter and more specific ELF format checks in the future.
This removes the build-time dependency for `readelf`.
It passes the test-security-check for me locally, though I haven't
checked on all platforms.
Diffstat (limited to 'Makefile.am')
| -rw-r--r-- | Makefile.am | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/Makefile.am b/Makefile.am index c8af4228f3..76dc0dd10a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -52,7 +52,8 @@ DIST_SHARE = \ $(top_srcdir)/share/rpcauth BIN_CHECKS=$(top_srcdir)/contrib/devtools/symbol-check.py \ - $(top_srcdir)/contrib/devtools/security-check.py + $(top_srcdir)/contrib/devtools/security-check.py \ + $(top_srcdir)/contrib/devtools/pixie.py WINDOWS_PACKAGING = $(top_srcdir)/share/pixmaps/bitcoin.ico \ $(top_srcdir)/share/pixmaps/nsis-header.bmp \ |