aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xcontrib/devtools/security-check.py9
1 files changed, 9 insertions, 0 deletions
diff --git a/contrib/devtools/security-check.py b/contrib/devtools/security-check.py
index 2c44d67d33..4f4c9565fa 100755
--- a/contrib/devtools/security-check.py
+++ b/contrib/devtools/security-check.py
@@ -134,6 +134,14 @@ def check_ELF_separate_code(executable):
return False
return True
+def check_PE_PIE(executable) -> bool:
+ '''
+ Check for position independent executable (PIE),
+ allowing for address space randomization.
+ '''
+ binary = lief.parse(executable)
+ return binary.is_pie
+
def check_PE_DYNAMIC_BASE(executable) -> bool:
'''PIE: DllCharacteristics bit 0x40 signifies dynamicbase (ASLR)'''
binary = lief.parse(executable)
@@ -201,6 +209,7 @@ CHECKS = {
('separate_code', check_ELF_separate_code),
],
'PE': [
+ ('PIE', check_PE_PIE),
('DYNAMIC_BASE', check_PE_DYNAMIC_BASE),
('HIGH_ENTROPY_VA', check_PE_HIGH_ENTROPY_VA),
('NX', check_PE_NX),