From 7c9e821c4e6cb186208ead9c8df616d1f393a49a Mon Sep 17 00:00:00 2001 From: fanquake Date: Tue, 31 Dec 2019 23:58:13 +0300 Subject: scripts: add MACHO NOUNDEFS check to security-check.py --- contrib/devtools/security-check.py | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'contrib/devtools/security-check.py') diff --git a/contrib/devtools/security-check.py b/contrib/devtools/security-check.py index 7a2b925850..9941c57479 100755 --- a/contrib/devtools/security-check.py +++ b/contrib/devtools/security-check.py @@ -188,6 +188,15 @@ def check_MACHO_PIE(executable) -> bool: return True return False +def check_MACHO_NOUNDEFS(executable) -> bool: + ''' + Check for no undefined references. + ''' + flags = get_MACHO_executable_flags(executable) + if 'NOUNDEFS' in flags: + return True + return False + CHECKS = { 'ELF': [ ('PIE', check_ELF_PIE), @@ -202,6 +211,7 @@ CHECKS = { ], 'MACHO': [ ('PIE', check_MACHO_PIE), + ('NOUNDEFS', check_MACHO_NOUNDEFS), ] } -- cgit v1.2.3