netcraft
/
litecoin
mirror of https://github.com/litecoin-project/litecoin
6
0
Fork 0
Code Issues Projects Releases Wiki Activity

scripts: add MACHO NX check to security-check.py

Browse Source
pull/764/head
fanquake 5 years ago
parent 1a4e9f32ef
commit edaca2dd12
No known key found for this signature in database
GPG Key ID: 2EEB9F5CC09526C1
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File

10
contrib/devtools/security-check.py
Unescape View File

@ -197,6 +197,15 @@ def check_MACHO_NOUNDEFS(executable) -> bool:
return True
return False
def check_MACHO_NX(executable) -> bool:
'''
Check for no stack execution
'''
flags = get_MACHO_executable_flags(executable)
if 'ALLOW_STACK_EXECUTION' in flags:
return False
return True
CHECKS = {
'ELF': [
('PIE', check_ELF_PIE),
@ -212,6 +221,7 @@ CHECKS = {
'MACHO': [
('PIE', check_MACHO_PIE),
('NOUNDEFS', check_MACHO_NOUNDEFS),
('NX', check_MACHO_NX)
]
}

2
contrib/devtools/test-security-check.py
Unescape View File

@ -60,6 +60,8 @@ class TestSecurityChecks(unittest.TestCase):
cc = 'clang'
write_testcode(source)
self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-no_pie','-Wl,-flat_namespace', '-Wl,-allow_stack_execute']),
(1, executable+': failed PIE NOUNDEFS NX'))
self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-no_pie','-Wl,-flat_namespace']),
(1, executable+': failed PIE NOUNDEFS'))
self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-no_pie']),

Write Preview
Loading…
Cancel
Save