From 634f6ec4eb9997d7bd0f8209fad49a4171d42384 Mon Sep 17 00:00:00 2001
From: "Wladimir J. van der Laan" <laanwj@protonmail.com>
Date: Fri, 20 Nov 2020 09:15:44 +0100
Subject: contrib: Parse ELF directly for symbol and security checks

Instead of the ever-messier text parsing of the output of the readelf
tool (which is clearly meant for human consumption not to be machine
parseable), parse the ELF binaries directly.

Add a small dependency-less ELF parser specific to the checks.

This is slightly more secure, too, because it removes potential
ambiguity due to misparsing and changes in the output format of `elfread`. It
also allows for stricter and more specific ELF format checks in the future.

This removes the build-time dependency for `readelf`.

It passes the test-security-check for me locally, though I haven't
checked on all platforms.
---
 configure.ac | 1 -
 1 file changed, 1 deletion(-)

(limited to 'configure.ac')

diff --git a/configure.ac b/configure.ac
index e1548e5c36..cc2801e97e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -104,7 +104,6 @@ AC_PATH_PROG([GIT], [git])
 AC_PATH_PROG(CCACHE,ccache)
 AC_PATH_PROG(XGETTEXT,xgettext)
 AC_PATH_PROG(HEXDUMP,hexdump)
-AC_PATH_TOOL(READELF, readelf)
 AC_PATH_TOOL(CPPFILT, c++filt)
 AC_PATH_TOOL(OBJCOPY, objcopy)
 AC_PATH_PROG(DOXYGEN, doxygen)
-- 
cgit v1.2.3