diff options
Diffstat (limited to 'contrib/devtools')
-rwxr-xr-x | contrib/devtools/copyright_header.py | 4 | ||||
-rwxr-xr-x | contrib/devtools/gen-manpages.sh | 2 | ||||
-rwxr-xr-x | contrib/devtools/security-check.py | 50 | ||||
-rwxr-xr-x | contrib/devtools/symbol-check.py | 8 | ||||
-rwxr-xr-x | contrib/devtools/test-security-check.py | 2 | ||||
-rwxr-xr-x | contrib/devtools/test-symbol-check.py | 2 |
6 files changed, 49 insertions, 19 deletions
diff --git a/contrib/devtools/copyright_header.py b/contrib/devtools/copyright_header.py index d6914bf655..38f3df77c9 100755 --- a/contrib/devtools/copyright_header.py +++ b/contrib/devtools/copyright_header.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -# Copyright (c) 2016-2020 The Bitcoin Core developers +# Copyright (c) 2016-2021 The Bitcoin Core developers # Distributed under the MIT software license, see the accompanying # file COPYING or http://www.opensource.org/licenses/mit-license.php. @@ -371,7 +371,7 @@ def create_updated_copyright_line(line, last_git_change_year): space_split = after_copyright.split(' ') year_range = space_split[0] start_year, end_year = parse_year_range(year_range) - if end_year == last_git_change_year: + if end_year >= last_git_change_year: return line return (before_copyright + copyright_splitter + year_range_to_str(start_year, last_git_change_year) + ' ' + diff --git a/contrib/devtools/gen-manpages.sh b/contrib/devtools/gen-manpages.sh index 753a5a2494..8da6ff1204 100755 --- a/contrib/devtools/gen-manpages.sh +++ b/contrib/devtools/gen-manpages.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -# Copyright (c) 2016-2020 The Bitcoin Core developers +# Copyright (c) 2016-2021 The Bitcoin Core developers # Distributed under the MIT software license, see the accompanying # file COPYING or http://www.opensource.org/licenses/mit-license.php. diff --git a/contrib/devtools/security-check.py b/contrib/devtools/security-check.py index 677557b8fa..137fe377da 100755 --- a/contrib/devtools/security-check.py +++ b/contrib/devtools/security-check.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -# Copyright (c) 2015-2020 The Bitcoin Core developers +# Copyright (c) 2015-2021 The Bitcoin Core developers # Distributed under the MIT software license, see the accompanying # file COPYING or http://www.opensource.org/licenses/mit-license.php. ''' @@ -12,6 +12,10 @@ from typing import List import lief #type:ignore +# temporary constant, to be replaced with lief.ELF.ARCH.RISCV +# https://github.com/lief-project/LIEF/pull/562 +LIEF_ELF_ARCH_RISCV = lief.ELF.ARCH(243) + def check_ELF_RELRO(binary) -> bool: ''' Check for read-only relocations. @@ -178,24 +182,24 @@ def check_control_flow(binary) -> bool: return True return False - -CHECKS = { -'ELF': [ +BASE_ELF = [ ('PIE', check_PIE), ('NX', check_NX), ('RELRO', check_ELF_RELRO), ('Canary', check_ELF_Canary), ('separate_code', check_ELF_separate_code), -], -'PE': [ +] + +BASE_PE = [ ('PIE', check_PIE), ('DYNAMIC_BASE', check_PE_DYNAMIC_BASE), ('HIGH_ENTROPY_VA', check_PE_HIGH_ENTROPY_VA), ('NX', check_NX), ('RELOC_SECTION', check_PE_RELOC_SECTION), ('CONTROL_FLOW', check_PE_control_flow), -], -'MACHO': [ +] + +BASE_MACHO = [ ('PIE', check_PIE), ('NOUNDEFS', check_MACHO_NOUNDEFS), ('NX', check_NX), @@ -203,6 +207,21 @@ CHECKS = { ('Canary', check_MACHO_Canary), ('CONTROL_FLOW', check_control_flow), ] + +CHECKS = { + lief.EXE_FORMATS.ELF: { + lief.ARCHITECTURES.X86: BASE_ELF, + lief.ARCHITECTURES.ARM: BASE_ELF, + lief.ARCHITECTURES.ARM64: BASE_ELF, + lief.ARCHITECTURES.PPC: BASE_ELF, + LIEF_ELF_ARCH_RISCV: BASE_ELF, + }, + lief.EXE_FORMATS.PE: { + lief.ARCHITECTURES.X86: BASE_PE, + }, + lief.EXE_FORMATS.MACHO: { + lief.ARCHITECTURES.X86: BASE_MACHO, + } } if __name__ == '__main__': @@ -210,14 +229,25 @@ if __name__ == '__main__': for filename in sys.argv[1:]: try: binary = lief.parse(filename) - etype = binary.format.name + etype = binary.format + arch = binary.abstract.header.architecture + binary.concrete + if etype == lief.EXE_FORMATS.UNKNOWN: print(f'{filename}: unknown executable format') retval = 1 continue + if arch == lief.ARCHITECTURES.NONE: + if binary.header.machine_type == LIEF_ELF_ARCH_RISCV: + arch = LIEF_ELF_ARCH_RISCV + else: + print(f'{filename}: unknown architecture') + retval = 1 + continue + failed: List[str] = [] - for (name, func) in CHECKS[etype]: + for (name, func) in CHECKS[etype][arch]: if not func(binary): failed.append(name) if failed: diff --git a/contrib/devtools/symbol-check.py b/contrib/devtools/symbol-check.py index ec3b7691e9..4b695b3530 100755 --- a/contrib/devtools/symbol-check.py +++ b/contrib/devtools/symbol-check.py @@ -254,18 +254,18 @@ def check_ELF_interpreter(binary) -> bool: return binary.concrete.interpreter == expected_interpreter CHECKS = { -'ELF': [ +lief.EXE_FORMATS.ELF: [ ('IMPORTED_SYMBOLS', check_imported_symbols), ('EXPORTED_SYMBOLS', check_exported_symbols), ('LIBRARY_DEPENDENCIES', check_ELF_libraries), ('INTERPRETER_NAME', check_ELF_interpreter), ], -'MACHO': [ +lief.EXE_FORMATS.MACHO: [ ('DYNAMIC_LIBRARIES', check_MACHO_libraries), ('MIN_OS', check_MACHO_min_os), ('SDK', check_MACHO_sdk), ], -'PE' : [ +lief.EXE_FORMATS.PE: [ ('DYNAMIC_LIBRARIES', check_PE_libraries), ('SUBSYSTEM_VERSION', check_PE_subsystem_version), ] @@ -276,7 +276,7 @@ if __name__ == '__main__': for filename in sys.argv[1:]: try: binary = lief.parse(filename) - etype = binary.format.name + etype = binary.format if etype == lief.EXE_FORMATS.UNKNOWN: print(f'{filename}: unknown executable format') retval = 1 diff --git a/contrib/devtools/test-security-check.py b/contrib/devtools/test-security-check.py index 01df863ac0..4a862531a1 100755 --- a/contrib/devtools/test-security-check.py +++ b/contrib/devtools/test-security-check.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -# Copyright (c) 2015-2020 The Bitcoin Core developers +# Copyright (c) 2015-2021 The Bitcoin Core developers # Distributed under the MIT software license, see the accompanying # file COPYING or http://www.opensource.org/licenses/mit-license.php. ''' diff --git a/contrib/devtools/test-symbol-check.py b/contrib/devtools/test-symbol-check.py index d699e85026..e1a2ebc491 100755 --- a/contrib/devtools/test-symbol-check.py +++ b/contrib/devtools/test-symbol-check.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -# Copyright (c) 2020 The Bitcoin Core developers +# Copyright (c) 2020-2021 The Bitcoin Core developers # Distributed under the MIT software license, see the accompanying # file COPYING or http://www.opensource.org/licenses/mit-license.php. ''' |