Changeset View
Changeset View
Standalone View
Standalone View
contrib/devtools/security-check.py
#!/usr/bin/env python | #!/usr/bin/env python3 | ||||
# Copyright (c) 2015-2016 The Bitcoin Core developers | # Copyright (c) 2015-2017 The Bitcoin Core developers | ||||
# Distributed under the MIT software license, see the accompanying | # Distributed under the MIT software license, see the accompanying | ||||
# file COPYING or http://www.opensource.org/licenses/mit-license.php. | # file COPYING or http://www.opensource.org/licenses/mit-license.php. | ||||
''' | ''' | ||||
Perform basic ELF security checks on a series of executables. | Perform basic ELF security checks on a series of executables. | ||||
Exit status will be 0 if successful, and the program will be silent. | Exit status will be 0 if successful, and the program will be silent. | ||||
Otherwise the exit status will be 1 and it will log which executables failed which checks. | Otherwise the exit status will be 1 and it will log which executables failed which checks. | ||||
Needs `readelf` (for ELF) and `objdump` (for PE). | Needs `readelf` (for ELF) and `objdump` (for PE). | ||||
''' | ''' | ||||
from __future__ import division, print_function, unicode_literals | |||||
import subprocess | import subprocess | ||||
import sys | import sys | ||||
import os | import os | ||||
READELF_CMD = os.getenv('READELF', '/usr/bin/readelf') | READELF_CMD = os.getenv('READELF', '/usr/bin/readelf') | ||||
OBJDUMP_CMD = os.getenv('OBJDUMP', '/usr/bin/objdump') | OBJDUMP_CMD = os.getenv('OBJDUMP', '/usr/bin/objdump') | ||||
# checks which are non-fatal for now but only generate a warning | # checks which are non-fatal for now but only generate a warning | ||||
NONFATAL = {'HIGH_ENTROPY_VA'} | NONFATAL = {'HIGH_ENTROPY_VA'} | ||||
▲ Show 20 Lines • Show All 216 Lines • Show Last 20 Lines |