mirrors/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2024-11-19 18:09:47 +01:00
Code Issues Projects Releases Wiki Activity

scripts: only parse the binary once in symbol-check.py

Browse Source
This commit is contained in:
fanquake 2021-07-02 14:37:06 +08:00
parent 309eac9019
commit 8242ae230e
No known key found for this signature in database
GPG Key ID: 2EEB9F5CC09526C1
1 changed files with 15 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
contrib/devtools/symbol-check.py
View File

@ -11,7 +11,7 @@ Example usage:
find ../path/to/binaries -type f -executable | xargs python3 contrib/devtools/symbol-check.py
'''
import sys
from typing import List, Optional
from typing import List
import lief
@ -144,9 +144,8 @@ def check_version(max_versions, version, arch) -> bool:
else:
return ver <= max_versions[lib][arch]
def check_imported_symbols(filename) -> bool:
def check_imported_symbols(binary) -> bool:
ok: bool = True
binary = lief.parse(filename)
for symbol in binary.imported_symbols:
if not symbol.imported:
@ -161,9 +160,8 @@ def check_imported_symbols(filename) -> bool:
ok = False
return ok
def check_exported_symbols(filename) -> bool:
def check_exported_symbols(binary) -> bool:
ok: bool = True
binary = lief.parse(filename)
for symbol in binary.dynamic_symbols:
if not symbol.exported:
@ -171,22 +169,20 @@ def check_exported_symbols(filename) -> bool:
name = symbol.name
if binary.header.machine_type == LIEF_ELF_ARCH_RISCV or name in IGNORE_EXPORTS:
continue
print(f'{filename}: export of symbol {name} not allowed!')
print(f'{binary.name}: export of symbol {name} not allowed!')
ok = False
return ok
def check_ELF_libraries(filename) -> bool:
def check_ELF_libraries(binary) -> bool:
ok: bool = True
binary = lief.parse(filename)
for library in binary.libraries:
if library not in ELF_ALLOWED_LIBRARIES:
print(f'{filename}: {library} is not in ALLOWED_LIBRARIES!')
ok = False
return ok
def check_MACHO_libraries(filename) -> bool:
def check_MACHO_libraries(binary) -> bool:
ok: bool = True
binary = lief.parse(filename)
for dylib in binary.libraries:
split = dylib.name.split('/')
if split[-1] not in MACHO_ALLOWED_LIBRARIES:
@ -194,29 +190,25 @@ def check_MACHO_libraries(filename) -> bool:
ok = False
return ok
def check_MACHO_min_os(filename) -> bool:
binary = lief.parse(filename)
def check_MACHO_min_os(binary) -> bool:
if binary.build_version.minos == [10,15,0]:
return True
return False
def check_MACHO_sdk(filename) -> bool:
binary = lief.parse(filename)
def check_MACHO_sdk(binary) -> bool:
if binary.build_version.sdk == [10, 15, 6]:
return True
return False
def check_PE_libraries(filename) -> bool:
def check_PE_libraries(binary) -> bool:
ok: bool = True
binary = lief.parse(filename)
for dylib in binary.libraries:
if dylib not in PE_ALLOWED_LIBRARIES:
print(f'{dylib} is not in ALLOWED_LIBRARIES!')
ok = False
return ok
def check_PE_subsystem_version(filename) -> bool:
binary = lief.parse(filename)
def check_PE_subsystem_version(binary) -> bool:
major: int = binary.optional_header.major_subsystem_version
minor: int = binary.optional_header.minor_subsystem_version
if major == 6 and minor == 1:
@ -240,30 +232,20 @@ CHECKS = {
]
}
def identify_executable(executable) -> Optional[str]:
with open(filename, 'rb') as f:
magic = f.read(4)
if magic.startswith(b'MZ'):
return 'PE'
elif magic.startswith(b'\x7fELF'):
return 'ELF'
elif magic.startswith(b'\xcf\xfa'):
return 'MACHO'
return None
if __name__ == '__main__':
retval: int = 0
for filename in sys.argv[1:]:
try:
etype = identify_executable(filename)
if etype is None:
print(f'{filename}: unknown format')
binary = lief.parse(filename)
etype = binary.format.name
if etype == lief.EXE_FORMATS.UNKNOWN:
print(f'{filename}: unknown executable format')
retval = 1
continue
failed: List[str] = []
for (name, func) in CHECKS[etype]:
if not func(filename):
if not func(binary):
failed.append(name)
if failed:
print(f'{filename}: failed {" ".join(failed)}')