Commit Graph

322 Commits

Author SHA1 Message Date
Nick Clifton
0bd26e8615 Complain about DT_RPATH for Fedora binaries. 2021-10-20 17:49:04 +01:00
Nick Clifton
3f7c00bf57 Better reporting of problems in object files.
Resolves: #2013708
2021-10-18 16:17:25 +01:00
Nick Clifton
0c5b1fec47 Fix configuring annocheck without gcc-plugin.
- Annocheck: Better reporting of debuginfod problems.
- Tests: Fix bugs in debuginfod test.
2021-10-14 20:04:48 +01:00
Nick Clifton
8477e1751d Annocheck: Add tests based upon recent bug fixes. 2021-10-13 11:55:02 +01:00
Nick Clifton
f1b2a85f11 Annocheck: Fix memory corruptions when using --debug-path and when a corrupt note is found.
Resolves: #2011438
2021-10-08 16:25:13 +01:00
Nick Clifton
f25c7c2336 Annocheck: Fix MAYB results for mixed GO/C files.
Annocheck: Move some messages from VERBOSE to VERBOSE2.
Annocheck: Scan zero-length tool notes.
2021-10-08 14:15:39 +01:00
Nick Clifton
efe8b5622b Annocheck: Fix covscan detected flaws.
plugins: Add more required build options.
2021-10-06 10:59:43 +01:00
Nick Clifton
c27947f871 Annocheck: Fix cf-prot test to fail if the CET notes are missing.
Annocheck: Skip gaps in the .plt section.
Plugins: Add -g option when building LLVM and Clang.
2021-10-05 14:28:09 +01:00
Nick Clifton
37b5de8c9b Annocheck: Add more cases of glibc startup functions. 2021-10-04 15:26:35 +01:00
Nick Clifton
5f79645f58 - Annocheck: Fix covscan detected problems.
- Annocheck: Add --profile=el8.
- gcc-plugin: Conditionalize generation of branch protection note.
2021-10-01 13:11:12 +01:00
Nick Clifton
da3ba09492 Annocheck: Ignore gaps containing NOP instructions. 2021-09-29 13:12:12 +01:00
Nick Clifton
c62bd663ec GCC Plugin: Fix detection of running inside the LTO compiler. (#2004917) 2021-09-16 15:06:57 +01:00
Nick Clifton
ee93527317 Annocheck: Do not insist on the DT_AARCH64_PAC_PLT flag being present in AArch64 binaries. 2021-09-15 15:00:18 +01:00
Nick Clifton
0aa5d1ce55 Annocheck: With gaps at the start/end of the .text section, check for special symbols before displaying a MAYB result. 2021-09-15 12:09:38 +01:00
Nick Clifton
a99d618d38 Annocheck: Do not set CFLAGS/LDFLAGS when building. Take from environment instead. 2021-09-15 10:43:42 +01:00
Nick Clifton
92cb681581 Annocheck: Fix exit code when tests PASS. 2021-09-10 11:08:17 +01:00
Nick Clifton
fe496281b3 - Documentation: Add node for each hardening test.
- Documentation: Install online.
- Annocheck: Annotate FAIL and MAYB results with URL to documentation
- Annocheck: Add --no-urls and --provide-urls options
- Annocheck: Add --help-<tool> option.
2021-09-09 14:18:24 +01:00
Nick Clifton
9d82370d42 - Annocheck: Fix fuzzing detected failures.
- Annocheck: Added --profile option.
- Docs: Documented --profile option and rpminspect.yaml.
2021-09-03 17:55:06 +01:00
Nick Clifton
ba44d58e22 Annocheck: Skip GO/CET checks. Fix fuzzing detected failures. 2021-08-31 15:18:09 +01:00
Nick Clifton
29d70de971 LLVM Plugin: Automatically choose the correct tests to run, based upon the version of Clang installed. (#1997444)
spec file: Add the installation of the annobin sources into /usr/src/annobin.
2021-08-25 13:38:58 +01:00
Nick Clifton
1d5918a750 Annocheck: Fix memory corruption. (#1996963)
spec file: Add the creation of a gcc-plugin version info file in /usr/lib/rpm/redhat.
2021-08-24 17:16:30 +01:00
Nick Clifton
7a0769e513 Annocheck: Add linker generated function for ppc64le exceptions. (#1981410)
LLVM Plugin: Allow checks to be selected from the command line.
Annocheck: Examine DW_AT_producer for -flto.
2021-08-18 11:28:24 +01:00
Nick Clifton
5d4d27dda9 Annocheck: Conditionalize detection of AArch64's PAC+BTI protection.
Annocheck: Add linker generated function for s390x exceptions.  (#1981410)
2021-08-17 15:03:42 +01:00
Nick Clifton
6d69597433 Annocheck: Generate MAYB results for gaps in notes covering the .text section. (#1991943)
Annocheck: Close DWARF file descriptors once the debug info is no longer needed.  (#1981410)
LLVM Plugin: Update to build with Clang v13.  (Thanks to: Tom Stellard <tstellar@redhat.com>)
2021-08-17 12:10:03 +01:00
Nick Clifton
c76d8664da Annocheck: Fix memory corruption. (#1988715) 2021-08-16 12:41:17 +01:00
Nick Clifton
75a23fb883 Annocheck: Skip certain tests for kernel modules. 2021-08-11 17:23:33 +01:00
Nick Clifton
71f8485e39 Annocheck: Detect a missing CET note. (#1991931)
Annocheck: Do not report future fails for AArch64 notes.
Annocheck: Warn about multiple --debug-file, --debug-rpm and --debug-dir options.
2021-08-10 15:14:48 +01:00
Nick Clifton
4af05b1261 Annocheck: Process files in command line order. (#1988714) 2021-08-09 11:14:43 +01:00
Nick Clifton
0394c1d928 Annocheck: Reverse AArch64 PAC+BTI check, ie fail if they are enabled.
Resolves: #1984995
2021-07-23 13:36:44 +01:00
Nick Clifton
8adc17e68b Annocheck: Add another test exceptions. 2021-07-13 17:15:00 +01:00
Nick Clifton
5bbd4f5f31 Annocheck: Add some more test exceptions. 2021-07-13 15:39:21 +01:00
Nick Clifton
a978ea49fa Tests: Skip glibc-notes test if the assembler does not support --generate-missing-build-notes.
Resolves: #1978573
2021-07-05 12:49:37 +01:00
Nick Clifton
dfddf61cdd Annocheck: Fix spelling mistake in -,stack-realign failure message. (#1977349) 2021-06-29 16:06:16 +01:00
Nick Clifton
76947e83c2 gcc-plugin: Do not record global versions of stack protection settings in LTO mode, if not set. (#1958954) 2021-06-22 16:05:21 +01:00
Nick Clifton
14c8067c11 annocheck: Remove limit on number of input files. 2021-06-21 16:16:26 +01:00
Nick Clifton
f1a1007e43 clang/llvm plugins: Build with correct security options. 2021-06-15 14:48:49 +01:00
Nick Clifton
96f1a8a19f Annocheck: Better detection of GO compiler version. 2021-06-15 12:10:19 +01:00
Nick Clifton
55304ea386 Annocheck: Better support for symbolic links. In verbose mode, report the reason for skipping specific tests.
Resolves: #1969584
2021-06-09 16:49:05 +01:00
Nick Clifton
1c617b1ec0 annocheck: Improve detection of shared libraries.
Resolves: #1958954
2021-05-25 14:54:34 +01:00
Nick Clifton
81adad3f31 annocheck: Accept 0 as a valid number for gcc minor versions and release numbers.
gcc-plugin: Add support for ARM and RISCV targets.
2021-05-13 12:41:45 +01:00
Nick Clifton
394bd0083f timing: do not initialise the clock if the timing tool is disabled. 2021-05-04 15:15:25 +01:00
Nick Clifton
689a7f6f54 gcc-plugin: Replace ICE messages with verbose messages. 2021-04-30 09:50:06 +01:00
Nick Clifton
e5cf20e0a3 Fix the testsuite so that it can be run in parallel. 2021-04-22 14:15:51 +01:00
Nick Clifton
9e62aa8ed8 Annocheck: WARN if the annobin plugin was built for a newer version of the compiler than the one on which it was run.
Related: #1950657
2021-04-21 12:56:16 +01:00
Nick Clifton
1622358fc1 Annocheck: Improve detection of missing GNU-stack support. 2021-04-20 12:35:20 +01:00
Nick Clifton
1d6e1bf892 Add new sources 2021-04-09 14:58:04 +01:00
Nick Clifton
4a7311622e gcc-plugin: Use a fixed filename when running in LTO mode. 2021-03-09 13:38:59 +00:00
Nick Clifton
60c8169066 Annocheck: Fix detection of special function names.
Resolves: #1934189
2021-03-03 10:10:12 +00:00
Nick Clifton
1720e01afe Annocheck: FAIL the deliberate use of -fno-stack-protector, but add some exceptions for glibc.
Resolves: #1923439
2021-02-26 10:09:08 +00:00
Nick Clifton
891fad1c0c Annocheck: Add colour to some messages. Skip the deliberate use of -fno-stack-protector.
Resolves: #1923439
2021-02-25 11:22:54 +00:00
Nick Clifton
a35ca900df Annocheck: Fix some problems with tests for missing notes. 2021-02-22 13:02:23 +00:00
Nick Clifton
2cfdfdf4f4 Add some GO tests to annocheck. 2021-02-05 11:21:57 +00:00
Nick Clifton
3a4181e531 Add a future fail for the presence of RPATH in the dynamic tags. 2021-01-20 11:15:10 +00:00
Nick Clifton
df15f450f0 Add the ability to disable the warning message about -D_FORTIFY_SOURCE being missing. 2021-01-18 18:09:39 +00:00
Nick Clifton
1874eab6f1 Workaround for elflint problems with PPC compiled files.
Resolves: #1880634
2021-01-14 10:37:21 +00:00
Nick Clifton
8b182011da Fix bogus AArch64 test failures. 2021-01-13 10:30:18 +00:00
Nick Clifton
d119c7a74a Improved testing by annocheck. Add fixed format message mode. 2021-01-12 17:19:21 +00:00
Nick Clifton
3bac683d82 Add support for -D_FORTIFY_SOURCE=3. 2021-01-04 16:18:52 +00:00
Nick Clifton
4a3a6f104e annocheck: When a binary is produced both by GAS and GCC, select GAS as the real producer. (#1906171) 2020-12-11 14:53:32 +00:00
Nick Clifton
409120aa01 annocheck: Improve test for LTO compiled binaries that do not have -Wall annotations. (#1906171) 2020-12-10 11:48:06 +00:00
Nick Clifton
d7a90f1991 annocheck: Mark a missing -D_FORTIFY_SOURCE as a FAIL. 2020-12-09 17:15:19 +00:00
Nick Clifton
46640ca3dc 9.49: annocheck: Fix the note analyzer's handling of empty PowerPC64 notes. 2020-12-08 12:58:44 +00:00
Nick Clifton
62931e922e 9.48: gcc plugin: Tweak generation of end symbols for PPC64 when LTO is active. (#1898075) 2020-12-02 12:12:12 +00:00
Nick Clifton
24fe187a8d 9.47: gcc plugin: Add support for GCC 11's cl_vars array. 2020-12-01 13:39:47 +00:00
Nick Clifton
ea02dafc1f Annocheck: Support enabling/disable future fail tests. 2020-11-24 10:39:50 +00:00
Nick Clifton
b333964fd5 GCC plugin: Always record global notes for the .text.startup, .text.exit, .text.hot and .text.cold sections. 2020-11-23 12:12:25 +00:00
Nick Clifton
62e7074ffd Clang plugin: Add -lLLVM to the build command line. 2020-11-17 16:30:19 +00:00
Nick Clifton
5b0e474e77 Annocheck: Improve reporting of missing -D_FORTIFY_SOURCE option. (#1898075) 2020-11-16 14:26:06 +00:00
Nick Clifton
3cff478cb4 Annocheck: Improve reporting of missing LTO option. 2020-11-16 11:40:56 +00:00
Nick Clifton
33cfa7d0eb annocheck: Add handling of gimple compiled files 2020-11-10 16:41:31 +00:00
Nick Clifton
c0eabbb63f Add --without-gcc-plugin option. 2020-11-09 13:55:03 +00:00
Nick Clifton
e6e8317766 Annocheck: Fix bug parsing DW_AT_producer. 2020-11-06 12:30:46 +00:00
Nick Clifton
34a622f99e Add reporting of GNU Property notes for PowerPC.
Add test of objcopy's note merging abilities.
2020-11-04 14:17:42 +00:00
Nick Clifton
a707c7d43e Record the -flto setting and produce a soft warning if it is absent.
Suppress warnings about -D_GLIBCXX_ASSERTIONS if the source code is known to be something other than C++.
2020-10-21 15:18:44 +01:00
Nick Clifton
d94f0f89ce gcc-plugin: Allow the use of the SHF_LINK_ORDER section flag to discard unused notes. (Experimental). 2020-10-02 13:29:31 +01:00
Nick Clifton
ad2a3b8d06 Enable the Clang and LLVM plugins by default. (Experimental). 2020-09-28 11:41:09 +01:00
Nick Clifton
5a05a4d64e gcc-plugin: Fix test for empty PowerPC sections.
Resolves: #1880634
2020-09-21 13:13:34 +01:00
Nick Clifton
087486d90e annocheck: Add tests for the AArch64 BTI and PAC security features.
Resolves: #1862478
2020-09-16 07:47:41 +01:00
Nick Clifton
353a681587 gcc plugin: Use a 4 byte offset for PowerPC start symbols, so that they do not break disassemblies. 2020-09-10 13:42:30 +01:00
Nick Clifton
397174a269 gcc plugin: Correct the detection of 32-bit x86 builds.
Resolves: #1876197
2020-09-10 11:06:24 +01:00
Nick Clifton
d9c1db450f gcc plugin: Detect any attempt to access the global_options array. 2020-08-17 10:51:27 +01:00
Nick Clifton
057676c5e3 gcc plugin: Do not complain about missing pre-processor options when examining a preprocessed input file.
Resolves: #1862718
2020-08-11 16:24:55 +01:00
Nick Clifton
16d8c4b5fe Use more robust checks for AArch64 options 2020-07-30 17:01:07 +01:00
Nick Clifton
1c15fe568b Fix bug testing CLANG compiler assembler sources 2020-07-30 08:40:49 +01:00
Nick Clifton
43a0359804 Bring in better fix for AArch64 pointer size bug 2020-07-29 16:37:50 +01:00
Nick Clifton
3ab9323c0b Temporary suppression of aarch64 pointer size check 2020-07-26 09:31:57 +01:00
Nick Clifton
6fd2366132 Annocheck: Do not skip tests of the short-enums notes. 2020-07-01 16:59:51 +01:00
Nick Clifton
9f46ccb4ce Add (optional) llvm plugin. 2020-06-15 17:33:58 +01:00
Nick Clifton
225ffdc722 Annobin: Fall back on using the flags if the option cannot be found in cl_options.
Resolves: #1817659
2020-04-22 13:01:20 +01:00
Nick Clifton
459acd6cb6 Annocheck: Detect Fortran compiled programs. (#1824393) 2020-04-16 16:29:42 +01:00
Nick Clifton
ec93f17ffa Annobin: If option name mismatch occurs, search for the real option.
Resolves: #1817452
2020-04-01 14:21:23 +01:00
Nick Clifton
dcdc0af39b Annocheck: Fix a division by zero error when parsing GO binaries.
Resolves: #1818863
2020-03-30 17:13:30 +01:00
Nick Clifton
dcc513660a Annobin: Fix access to the -flto and -fsanitize flags. 2020-03-27 09:53:24 +00:00
Nick Clifton
82024ae45f Add some debugging 2020-03-27 08:58:02 +00:00
Nick Clifton
25d4740c92 Use offsets stored in gcc's cl_option structure to access the global_options array, thus removing the need to check for changes in the size of this structure. 2020-03-26 15:46:44 +00:00
Nick Clifton
fd8169aaee Rename gcc plugin directory to gcc-plugin.
Stop annocheck from complaining about missing options when the binary has been built in a mixed environment.
2020-03-12 16:29:39 +00:00
Nick Clifton
09d5b50939 Improve builtby tool.
Stop annocheck complaining about missing notes when the binary is not compiled by either gcc or clang.
Skip the check of the ENTRY instruction for binaries not compiled by gcc or clang.
2020-03-04 14:22:53 +00:00
Nick Clifton
cb98e5f903 Fix infinite loop hangup in annocheck.
Disable debuginfod support by default.
Improve parsing of .comment section.
2020-02-28 10:43:39 +00:00
Nick Clifton
5d051cb7a7 Fix clang plugin to use hidden symbols. 2020-02-27 12:42:53 +00:00
Nick Clifton
f7f58a9fb9 Add ability to build clang plugin (disabled by default). 2020-02-25 15:50:15 +00:00
Nick Clifton
e8f56c0bdb Annocheck: Fix error printing out the version number. 2020-02-17 17:21:55 +00:00
Nick Clifton
1fa49e66f8 Annobin: Add checks of the exact location of the examined switches. 2020-02-14 13:48:28 +00:00
Nick Clifton
eb569a62e1 Annobin: Note when stack clash notes are generated.
Annocheck: Handle multiple builder IDs in the .comment section.
2020-02-11 15:30:09 +00:00
Nick Clifton
2b9645b749 Add configure option to suppress building annocheck. 2020-01-31 13:32:01 +00:00
Nick Clifton
dba13c4fd1 oops - forgot to add the new sources 2020-01-31 12:10:52 +00:00
Nick Clifton
3317ae10db Add support for debuginfod (disabled by default) 2020-01-30 16:48:12 +00:00
Nick Clifton
980573dc2e Add experimental clang plugin and rebuild with gcc-10. 2020-01-20 12:38:03 +00:00
Nick Clifton
8997d89f3d Have annocheck ignore notes with an end address of 0. 2019-12-06 14:43:08 +00:00
Nick Clifton
9c95399d00 Add new sources 2019-11-18 21:31:07 +00:00
Nick Clifton
27da4aee96 Improve checking of gcc versions. 2019-11-18 17:37:38 +00:00
Nick Clifton
9f8f0cdd01 Annocheck: Do not skip positive results. 2019-11-15 15:59:54 +00:00
Nick Clifton
d97bf868e7 Generate a WARN result for code compiled with instrumentation enabled.
Relates: #1753918
2019-11-01 13:58:20 +00:00
Nick Clifton
fff201eb4f Replace address checks with dladdr1. 2019-10-22 16:55:27 +01:00
Nick Clifton
046883693b Use libabigail like checking to ensure variable address consistency. 2019-10-21 16:51:56 +01:00
Nick Clifton
07e0a5ab8f Skip generation of global notes for hot/cold sections. 2019-10-16 16:35:21 +01:00
Nick Clifton
59663eb6dc Generate FAIL results if -Wall or -Wformat-security are missing. 2019-10-10 14:40:50 +01:00
Nick Clifton
c240981e82 - If notes cannot be found in the executable look for them in the debuginfo file, if available.
- Generate a FAIL if notes are missing from the executable/debuginfo file.
- Record and report the setting of the AArch64 specific -mbranch-protection option.
2019-10-04 07:59:55 +01:00
Nick Clifton
af41c06a9f Improve detection of GO binaries.
Add gcc version information to annobin notes.
Do not complain about missing FORTIFY_SOURCE and GLIBCXX_ASSERTIONS in LTO compilations.
2019-09-23 13:39:55 +01:00
Nick Clifton
b6d4688b8a Allow compiler used to run tests to be specified on the command line.
Resolves: #1723401
2019-08-19 10:45:35 +01:00
Nick Clifton
4a6b895755 Fix a memory allocation error in the annobin plugin.
Resolves: #1737306
2019-08-06 15:42:50 +01:00
Nick Clifton
03aecabbfb Another attempt at fixing the detection and reporting of missing -D_FORTIFY_SOURCE options. 2019-06-24 14:22:11 +01:00
Nick Clifton
94317b5194 Report a missing -D_FORTIFY_SOURCE option if -D_GLIBCXX_ASSERTIONS was detected. Do not report problems with -fstack-protection if the binary was not built by gcc or clang.
Resolves: #1703788
Resolves: #1703499
Resolves: #1703500
2019-04-30 15:48:33 +01:00
Nick Clifton
64b0875430 Add tests of clang command line options recorded in the DW_AT_producer attribute. 2019-04-26 13:16:53 +01:00
Nick Clifton
eeb41d947f Fix test for an executable stack segment.
Resolves: #1700924
2019-04-24 12:27:15 +01:00
Nick Clifton
276edb1e4f Rebuild annobin with the latest rawhide gcc sources.
Resolves: #1700923
2019-04-18 12:15:30 +01:00
Nick Clifton
6e6ab3bb26 Annobin: Suppress more calls to free() which are triggering memory checker errors.
Resolves: #1684148
2019-02-28 15:51:40 +00:00
Nick Clifton
e7dabf64aa Add section flag matching ability to section size tool. 2019-02-01 15:23:41 +00:00
Nick Clifton
443440ae4a Annobin: Add support for .text.startup and .text.exit sections generated by gcc 9.
Annocheck: Add a note displaying tool.
2019-01-24 15:47:34 +00:00
Nick Clifton
16e73c5719 Annocheck: Skip checks for -D_FORTIFY_SOURCE and -D_GLIBCXX_ASSERTIONS if there is no compiler generated code in the binary. 2019-01-23 13:57:56 +00:00
Nick Clifton
c418230648 Annocheck: Only skip specific checks for specific symbols. Annobin: Record the setting of the -fomit-frame-pointer option.
Resolves: #1666823
2019-01-17 10:18:16 +00:00
Nick Clifton
08a082430f Add new sources 2019-01-02 14:24:59 +00:00
Nick Clifton
a4538d86c6 Annobin: Fix handling of multiple .text.unlikely sections. 2018-12-11 09:59:46 +00:00
Nick Clifton
60a01e9fa2 Annocheck: Skip gaps in PPC64 executables covered by start_bcax_ symbols. 2018-11-30 16:02:59 +00:00
Nick Clifton
dbdec1ad35 Annocheck: Disable ENDBR test for shared libraries. (#1652925) 2018-11-26 15:05:19 +00:00
Nick Clifton
1a9432d76e Annocheck: Add test for ENDBR instruction at entry address of x86/x86_64 executables. (#1652925) 2018-11-26 14:17:58 +00:00
Nick Clifton
d3a48b47e3 Fix building with gcc version 4. 2018-11-19 12:06:27 +00:00
Nick Clifton
eef6b3c65b Skip -Wl,-z,now and -Wl,-z,relro checks for non-gcc produced binaries. 2018-11-13 13:20:17 +00:00
Nick Clifton
819496e5f7 Ensure GNU Property notes are 8-byte aligned in x86_64 binaries.
Resolves: #1645817
2018-11-05 17:08:28 +00:00
Nick Clifton
9eeba2575d Skip PPC64 linker stubs created in the middle of text sections (again). (#1630640) 2018-10-18 15:29:57 +01:00
Nick Clifton
b6fefda299 Suppress free of invalid pointer. (#1638371) 2018-10-18 13:19:51 +01:00
Nick Clifton
a7bd5f0b0f Skip PPC64 linker stubs created in the middle of text sections. (#1630640) 2018-10-18 12:03:24 +01:00
Nick Clifton
0b540ceed9 Add new sources 2018-10-18 10:40:33 +01:00
Nick Clifton
31fd1dfa5c Also skip virtual thunks created by G++. (#1630619) 2018-10-11 16:11:08 +01:00
Nick Clifton
a4ffb9c75e Use uppercase for all fail/mayb/pass results. (#1637706) 2018-10-10 18:14:55 +01:00
Nick Clifton
28d895fe9d Generate notes for unlikely sections. (#1630620) 2018-10-10 16:50:29 +01:00
Nick Clifton
863cedb167 Fix edge case computing section names for end symbols. (#1637039) 2018-10-08 17:13:56 +01:00
Nick Clifton
66bc6309ff Skip dynamic checks for binaries without a dynamic segment. (#1636606) 2018-10-08 10:42:53 +01:00
Nick Clifton
1750e06470 - Delay generating attach_to_group directives until the end of the compilation. (#1636265)
- Fix bug introduced in previous delta which would trigger a seg-fault when scanning for gaps.
- Annobin:   Fix section name selection for startup sections.
- Annocheck: Improve gap skipping heuristics.   (#1630574)
2018-10-05 12:22:45 +01:00
Nick Clifton
f0f59cd27a Update sources. 2018-10-03 09:42:30 +01:00
Nick Clifton
fa19a50b6c Skip compiler option checks for non-GNU producers. (#1633749)
Fix function section support (again).   (#1630574)
Ignore ppc64le notes where start = end + 2.  (#1632259)
2018-10-01 10:01:11 +01:00