|
|
|
@ -53,7 +53,6 @@ IGNORE_EXPORTS = {
|
|
|
|
'environ', '_environ', '__environ',
|
|
|
|
'environ', '_environ', '__environ',
|
|
|
|
}
|
|
|
|
}
|
|
|
|
CPPFILT_CMD = os.getenv('CPPFILT', '/usr/bin/c++filt')
|
|
|
|
CPPFILT_CMD = os.getenv('CPPFILT', '/usr/bin/c++filt')
|
|
|
|
OBJDUMP_CMD = os.getenv('OBJDUMP', '/usr/bin/objdump')
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Allowed NEEDED libraries
|
|
|
|
# Allowed NEEDED libraries
|
|
|
|
ELF_ALLOWED_LIBRARIES = {
|
|
|
|
ELF_ALLOWED_LIBRARIES = {
|
|
|
|
@ -213,23 +212,12 @@ def check_MACHO_libraries(filename) -> bool:
|
|
|
|
ok = False
|
|
|
|
ok = False
|
|
|
|
return ok
|
|
|
|
return ok
|
|
|
|
|
|
|
|
|
|
|
|
def pe_read_libraries(filename) -> List[str]:
|
|
|
|
|
|
|
|
p = subprocess.Popen([OBJDUMP_CMD, '-x', filename], stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE, universal_newlines=True)
|
|
|
|
|
|
|
|
(stdout, stderr) = p.communicate()
|
|
|
|
|
|
|
|
if p.returncode:
|
|
|
|
|
|
|
|
raise IOError('Error opening file')
|
|
|
|
|
|
|
|
libraries = []
|
|
|
|
|
|
|
|
for line in stdout.splitlines():
|
|
|
|
|
|
|
|
if 'DLL Name:' in line:
|
|
|
|
|
|
|
|
tokens = line.split(': ')
|
|
|
|
|
|
|
|
libraries.append(tokens[1])
|
|
|
|
|
|
|
|
return libraries
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def check_PE_libraries(filename) -> bool:
|
|
|
|
def check_PE_libraries(filename) -> bool:
|
|
|
|
ok: bool = True
|
|
|
|
ok: bool = True
|
|
|
|
for dylib in pe_read_libraries(filename):
|
|
|
|
binary = lief.parse(filename)
|
|
|
|
|
|
|
|
for dylib in binary.libraries:
|
|
|
|
if dylib not in PE_ALLOWED_LIBRARIES:
|
|
|
|
if dylib not in PE_ALLOWED_LIBRARIES:
|
|
|
|
print('{} is not in ALLOWED_LIBRARIES!'.format(dylib))
|
|
|
|
print(f'{dylib} is not in ALLOWED_LIBRARIES!')
|
|
|
|
ok = False
|
|
|
|
ok = False
|
|
|
|
return ok
|
|
|
|
return ok
|
|
|
|
|
|
|
|
|
|
|
|
|
fanquake
4 years ago