| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2022-03-28 | contrib: use LIEF 0.12.0 for symbol and security checks | fanquake | |
| 2022-01-26 | contrib: support arm64 darwin in security checks | fanquake | |
| 2022-01-04 | scripts: add CONTROL_FLOW to ELF security checks | fanquake | |
| 2022-01-04 | script rename control flow check to MACHO specific | fanquake | |
| 2022-01-03 | scripts: make security checks architecture independent | fanquake | |
| This paves the way for using and checking for architecture dependent flags like -fcf-protection on x86_64 Linux and -mbranch-protection on 64 bit ARM. | |||
| 2021-12-30 | scripted-diff: Bump copyright headers | Hennadii Stepanov | |
| -BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT- Commits of previous years: * 2020: fa0074e2d82928016a43ca408717154a1c70a4db * 2019: aaaaad6ac95b402fe18d019d67897ced6b316ee0 | |||
| 2021-12-18 | scripts: match on exe type over str in security-check.py | fanquake | |
| 2021-11-17 | scripts: test for PE control flow instrumentation | fanquake | |
| 2021-10-16 | lint: enable mypy checking for missing imports | josibake | |
| Achieve this by adding some ignore, and making data/ importable. Co-authored-by: João Barbosa <joao.paulo.barbosa@gmail.com> | |||
| 2021-10-12 | scripts: only parse the binary once in security-check.py | fanquake | |
| 2021-10-12 | scripts: use LIEF for ELF checks in security-check.py | fanquake | |
| 2021-05-09 | scripts: test for MACHO control flow instrumentation | fanquake | |
| 2021-05-04 | contrib: consolidate PIE and NX security checks | fanquake | |
| 2021-05-04 | contrib: add PE PIE check to security checks | fanquake | |
| 2021-05-04 | contrib: use LIEF for PE security checks | fanquake | |
| 2021-05-04 | contrib: use LIEF for macOS security checks | fanquake | |
| 2021-05-04 | contrib: use f strings in security-check.py | fanquake | |
| 2020-11-22 | contrib: Changes to checks for PowerPC64 | Luke Dashjr | |
| Changes from #14066. | |||
| 2020-11-22 | contrib: Parse ELF directly for symbol and security checks | Wladimir J. van der Laan | |
| Instead of the ever-messier text parsing of the output of the readelf tool (which is clearly meant for human consumption not to be machine parseable), parse the ELF binaries directly. Add a small dependency-less ELF parser specific to the checks. This is slightly more secure, too, because it removes potential ambiguity due to misparsing and changes in the output format of `elfread`. It also allows for stricter and more specific ELF format checks in the future. This removes the build-time dependency for `readelf`. It passes the test-security-check for me locally, though I haven't checked on all platforms. | |||
| 2020-11-09 | swapped "is" for "==" in literal comparison | Tyler Chambers | |
| update lint-python.sh to include check F632 | |||
| 2020-07-28 | devtools: Add security check for separate_code | Wladimir J. van der Laan | |
| Check that sections are appropriately separated in virtual memory, based on their (expected) permissions. This checks for missing -Wl,-z,separate-code and potentially other problems. Co-authored-by: fanquake <fanquake@gmail.com> | |||
| 2020-05-14 | scripts: add additional type annotations to security-check.py | fanquake | |
| 2020-05-14 | scripts: add run_command to security-check.py | fanquake | |
| Deduplicate all the subprocess code as mentioned in 18713. | |||
| 2020-05-14 | scripts: remove NONFATAL from security-check.py | fanquake | |
| 2020-05-14 | scripts: no-longer check for 32 bit windows in security-check.py | fanquake | |
| 2020-04-23 | scripts: add PE .reloc section check to security-check.py | fanquake | |
| 2020-04-21 | scripts: add MACHO Canary check to security-check.py | fanquake | |
| 2020-04-04 | scripts: add MACHO lazy bindings check to security-check.py | fanquake | |
| 2020-03-26 | scripts: add MACHO NX check to security-check.py | fanquake | |
| 2020-01-15 | scripted-diff: Bump copyright of files changed in 2020 | MarcoFalke | |
| -BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT- | |||
| 2020-01-02 | scripts: add MACHO NOUNDEFS check to security-check.py | fanquake | |
| 2020-01-02 | scripts: add MACHO PIE check to security-check.py | fanquake | |
| 2018-11-30 | Fix broken Gmane URLs | Craig Younkins | |
| 2018-08-08 | Merge #13780: 0.17: Pre-branch maintenance | Wladimir J. van der Laan | |
| 3fc20632a3ad30809356a58d2cf0ea4a4ad4cec3 qt: Set BLOCK_CHAIN_SIZE = 220 (DrahtBot) 2b6a2f4a28792f2fe9dc1be843b1ff1ecae35e8a Regenerate manpages (DrahtBot) eb7daf4d600eeb631427c018a984a77a34aca66e Update copyright headers to 2018 (DrahtBot) Pull request description: Some trivial maintenance to avoid having to do it again after the 0.17 branch off. (The scripts to do this are in `./contrib/`) Tree-SHA512: 16b2af45e0351b1c691c5311d48025dc6828079e98c2aa2e600dc5910ee8aa01858ca6c356538150dc46fe14c8819ed8ec8e4ec9a0f682b9950dd41bc50518fa | |||
| 2018-07-27 | Update copyright headers to 2018 | DrahtBot | |
| 2018-07-26 | contrib: Fix test-security-check fail in Ubuntu 18.04 | Chun Kuan Lee | |
| 2018-07-12 | Tools: fix BIND_NOW check in security-check.py | Conrado Gouvea | |
| Previously, the BIND_NOW check would work only if it was the first value in FLAGS. | |||
| 2018-05-11 | Enable W191 and W291 flake8 checks. | John Bampton | |
| Remove trailing whitespace from Python files. Convert tabs to spaces. | |||
| 2018-03-28 | [contrib] fixup security-check.py Python3 support | John Newbery | |
| 2018-03-26 | Change all python files to use Python3 | John Newbery | |
| 2018-01-03 | Increment MIT Licence copyright header year on files modified in 2017 | Akira Takizawa | |
| 2017-08-28 | Use sys.exit(...) instead of exit(...): exit(...) should not be used in programs | practicalswift | |
| 2016-09-26 | Merge #8249: Enable (and check for) 64-bit ASLR on Windows | Wladimir J. van der Laan | |
| 62c2915 build: supply `-Wl,--high-entropy-va` (Wladimir J. van der Laan) 9a75d29 devtools: Check for high-entropy ASLR in 64-bit PE executables (Wladimir J. van der Laan) | |||
| 2016-09-26 | devtools: Check for high-entropy ASLR in 64-bit PE executables | Wladimir J. van der Laan | |
| check_PE_PIE only checked for DYNAMIC_BASE, this is not enough for (secure) ASLR on 64-bit. | |||
| 2016-09-11 | [copyright] add MIT License copyright header to remaining Python files | isle2983 | |
| 2016-06-28 | Favour python over python2 as per PR #7723 | Matthew King | |
| 2016-06-26 | Use portable #! in python scripts (/usr/bin/env) | Matthew King | |
| 2016-03-29 | build: python 3 compatibility | Wladimir J. van der Laan | |
| Ubuntu 16.04 "xenial xerus" does not come with Python 2.x by default. It is possible to install a python-2.7 package, but this has its own problem: no `python` or `python2` symlink (see #7717). This fixes the following scripts to work with python 3: - `make check` (bctest,py, bitcoin-util-test.py) - `make translate` (extract_strings_qt.py) - `make symbols-check` (symbol-check.py) - `make security-check` (security-check.py) Explicitly call the python commands using $(PYTHON) instead of relying on the interpreter line at the top of the scripts. | |||
| 2016-01-26 | release: fix parsing of BIND_NOW with older readelf | Cory Fields | |
| 2016-01-08 | Fixing typos on security-check.py and torcontrol.cpp | calebogden | |
 |
index : slackcoder/bitcoin | |
| Bitcoin Code integration/staging tree | Mirror |
| aboutsummaryrefslogtreecommitdiff |