rpms/annobin
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
334 Commits 20 Branches 0 Tags 10 MiB
ee93527317
Commit Graph

210 Commits

Author SHA1 Message Date
Nick Clifton
fff201eb4f Replace address checks with dladdr1. 2019-10-22 16:55:27 +01:00
Nick Clifton
046883693b Use libabigail like checking to ensure variable address consistency. 2019-10-21 16:51:56 +01:00
Nick Clifton
07e0a5ab8f Skip generation of global notes for hot/cold sections. 2019-10-16 16:35:21 +01:00
Nick Clifton
59663eb6dc Generate FAIL results if -Wall or -Wformat-security are missing. 2019-10-10 14:40:50 +01:00
Nick Clifton
c240981e82 - If notes cannot be found in the executable look for them in the debuginfo file, if available. 
- Generate a FAIL if notes are missing from the executable/debuginfo file.
- Record and report the setting of the AArcht64 specific -mbranch-protection option.
 2019-10-04 07:59:55 +01:00
Nick Clifton
af41c06a9f Improve detection of GO binaries. 
Add gcc version information to annobin notes.
Do not complain about missing FORTIFY_SOURCE and GLIBCXX_ASSERTIONS in LTO compilations.
 2019-09-23 13:39:55 +01:00
Nick Clifton
b6d4688b8a Allow compiler used to run tests to be specified on the command line. 
Resolves: #1723401
 2019-08-19 10:45:35 +01:00
Nick Clifton
4a6b895755 Fix a memory allocation error in the annobin plugin. 
Resolves: #1737306
 2019-08-06 15:42:50 +01:00
Nick Clifton
03aecabbfb Another attempt at fixing the detection and reporting of missing -D_FORTIFY_SOURCE options. 2019-06-24 14:22:11 +01:00
Nick Clifton
94317b5194 Report a missing -D_FORTIFY_SOUCRE option if -D_GLIBCXX_ASSERTIONS was detected. Do not report problems with -fstack-protection if the binary was not built by gcc or clang. 
Resolves: #1703788
Resolves: #1703499
Resolves: #1703500
 2019-04-30 15:48:33 +01:00
Nick Clifton
64b0875430 Add tests of clang command line options recorded in the DW_AT_producer attribute. 2019-04-26 13:16:53 +01:00
Nick Clifton
eeb41d947f Fix test for an executable stack segment. 
Resolves: #1700924
 2019-04-24 12:27:15 +01:00
Nick Clifton
276edb1e4f Rebuild annobin with the latest rawhide gcc sources. 
Resolves: #1700923
 2019-04-18 12:15:30 +01:00
Nick Clifton
6e6ab3bb26 Annobin: Suppress more calls to free() which are triggering memory checker errors. 
Resolves: #1684148
 2019-02-28 15:51:40 +00:00
Nick Clifton
e7dabf64aa Add section flag matching ability to section size tool. 2019-02-01 15:23:41 +00:00
Nick Clifton
443440ae4a Annobin: Add support for .text.startup and .text.exit sections generated by gcc 9. 
Annocheck: Add a note displaying tool.
 2019-01-24 15:47:34 +00:00
Nick Clifton
16e73c5719 Annocheck: Skip checks for -D_FORTIFY_SOURCE and -D_GLIBCXX_ASSERTIONS if there is no compiler generated code in the binary. 2019-01-23 13:57:56 +00:00
Nick Clifton
c418230648 Annocheck: Only skip specific checks for specific symbols. Annobin: Record the setting of the -fomit-frame-pointer option. 
Resolves: #1666823
 2019-01-17 10:18:16 +00:00
Nick Clifton
08a082430f Add new sources 2019-01-02 14:24:59 +00:00
Nick Clifton
a4538d86c6 Annobin: Fix handling of multiple .text.unlikely sections. 2018-12-11 09:59:46 +00:00
Nick Clifton
60a01e9fa2 Annocheck: Skip gaps in PPC64 executables covered by start_bcax_ symbols. 2018-11-30 16:02:59 +00:00
Nick Clifton
dbdec1ad35 Annocheck: Disable ENDBR test for shared libraries. (#1652925) 2018-11-26 15:05:19 +00:00
Nick Clifton
1a9432d76e Annocheck: Add test for ENDBR instruction at entry address of x86/x86_64 executables. (#1652925) 2018-11-26 14:17:58 +00:00
Nick Clifton
d3a48b47e3 Fix building with gcc version 4. 2018-11-19 12:06:27 +00:00
Nick Clifton
eef6b3c65b Skip -Wl,-z,now and -Wl,-z,relro checks for non-gcc produced binaries. 2018-11-13 13:20:17 +00:00
Nick Clifton
819496e5f7 Ensure GNU Property notes are 8-byte aligned in x86_64 binaries. 
Resolves: #1645817
 2018-11-05 17:08:28 +00:00
Nick Clifton
9eeba2575d Skip PPC64 linker stubs created in the middle of text sections (again). (#1630640) 2018-10-18 15:29:57 +01:00
Nick Clifton
b6fefda299 Suppress free of invalid pointer. (#1638371) 2018-10-18 13:19:51 +01:00
Nick Clifton
a7bd5f0b0f Skip PPC64 linker stubs created in the middle of text sections. (#1630640) 2018-10-18 12:03:24 +01:00
Nick Clifton
0b540ceed9 Add new sources 2018-10-18 10:40:33 +01:00
Nick Clifton
31fd1dfa5c Also skip virtual thinks created by G++. (#1630619) 2018-10-11 16:11:08 +01:00
Nick Clifton
a4ffb9c75e Use uppercase for all fail/mayb/pass results. (#1637706) 2018-10-10 18:14:55 +01:00
Nick Clifton
28d895fe9d Generate notes for unlikely sections. (#1630620) 2018-10-10 16:50:29 +01:00
Nick Clifton
863cedb167 Fix edge case computing section names for end symbols. (#1637039) 2018-10-08 17:13:56 +01:00
Nick Clifton
66bc6309ff Skip dynamic checks for binaries without a dynamic segment. (#1636606) 2018-10-08 10:42:53 +01:00
Nick Clifton
1750e06470 - Delay generating attach_to_group directives until the end of the compilation. (#1636265) 
- Fix bug introduced in previous delta which would trigger a seg-fault when scanning for gaps.
- Annobin:   Fix section name selection for startup sections.
- Annocheck: Improve gap skipping heuristics.   (#1630574)
 2018-10-05 12:22:45 +01:00
Nick Clifton
f0f59cd27a Update sources. 2018-10-03 09:42:30 +01:00
Nick Clifton
fa19a50b6c Skip compiler option checks for non-GNU producers. (#1633749) 
Fix function section support (again).   (#1630574)
Ignore ppc64le notes where start = end + 2.  (#1632259)
 2018-10-01 10:01:11 +01:00
Nick Clifton
50a4793ba2 Make annocheck ignore symbols suffixed with ".end". 2018-09-25 10:17:37 +01:00
Nick Clifton
740bbaa891 Tweak tests. 2018-09-21 21:34:13 +01:00
Nick Clifton
2cdf84f0b4 Generate notes and groups for .text.hot and .text.unlikely sections. 
When -ffunction-sections is active, put notes for startup sections into .text.startup.foo rather than .text.foo.
Similarly put exit section notes into .text.exit.foo.  (#1630574)
Change annocheck's maybe result for GNU Property note being missing into a PASS if it is not needed and a FAIL if it is needed.
 2018-09-21 18:43:52 +01:00
Nick Clifton
97b046a1ec Make the --skip-* options skip all messages about the specified test. 2018-09-19 15:43:54 +01:00
Nick Clifton
98aa3b8d59 Improve error message when an ET_EXEC binary is detected. 2018-09-18 11:41:21 +01:00
Nick Clifton
00645328fd Skip failures for PIC vs PIE. (#1629698) 2018-09-17 14:47:45 +01:00
Nick Clifton
62a035e246 Ensure 4 byte alignment of note sub-sections. 
Resolves: #1629671
 2018-09-17 11:40:50 +01:00
Nick Clifton
38c6f9ee42 Add timing tool to report on speed of the checks. 
Add check for conflicting use of the -fshort-enum option.
Add check of the GNU Property notes.
Skip check for -O2 if compiled with -Og.  (#1624162)
 2018-09-12 14:27:41 +01:00
Nick Clifton
3218a502f3 Add test for ET_EXEC binaries. 
Document --report-unknown option.
 2018-09-03 16:45:27 +01:00
Nick Clifton
a241ed8b29 - Fix bug in hardened tool which would skip gcc compiled files if the notes were too small. 
- Fix bugs in section-size tool.
- Fix bug in buillt-by tool.
 2018-08-30 11:59:48 +01:00
Nick Clifton
ccb481d55d Generate notes for comdat sections. 2018-08-29 11:09:02 +01:00
Nick Clifton
59960d354a Add more names to the gap skip list. 2018-08-23 14:07:31 +01:00
Nick Clifton
665e3d6465 Skip gaps at the end of functions. (#1619267) 2018-08-22 11:50:15 +01:00
Nick Clifton
1fa3a94195 Fix thinko in ppc64 gap detection code. 
Resolves: #1619267
 2018-08-21 08:58:31 +01:00
Nick Clifton
4482b57ec2 Skip gaps at the end of the .text section in ppc64 binaries. 2018-08-20 14:26:52 +01:00
Nick Clifton
c396cc5131 Skip checks in stack_chk_local_fail.c 
Treat gaps as FAIL results rather than MAYBE.
 2018-08-15 09:51:54 +01:00
Nick Clifton
34de7bcad3 Skip checks in __stack_chk_local_fail. 2018-08-08 13:43:37 +01:00
Nick Clifton
57a69d60c2 Reduce version check to gcc major version number only. 
Skip compiler option checks if binary not built with gcc.
Relates: #1603089
 2018-08-08 09:30:17 +01:00
Nick Clifton
a8c8418bed Fix bug in annobin plugin. Add --section-size=NAME option to annocheck. 2018-08-07 15:21:37 +01:00
Nick Clifton
504e1b0577 Correct name of man page for run-on-binaries-in script. 
Resolves: #1611155
 2018-08-02 09:51:33 +01:00
Nick Clifton
f7e6bb686b Allow $ORIGN to be at the start of entries in DT_RPATH and DT_RUNPATH. 2018-07-25 11:25:11 +01:00
Nick Clifton
848d99efa7 Add support for big endian targets. 2018-07-23 17:40:07 +01:00
Nick Clifton
38eb35a4e9 Count passes and failures on a per-component basis and report gaps. 2018-07-23 16:23:55 +01:00
Nick Clifton
9dbf46e911 Use our own copy of the targetm.asm_out.function_section() function. (#159861 comment#17) 2018-07-20 12:57:43 +01:00
Nick Clifton
baf40aa7ca Generate grouped note section name all the time. (#159861 comment#16) 2018-07-20 10:50:18 +01:00
Nick Clifton
d3e4501372 Fix section conflict problem. 
Resolves: #1603071
 2018-07-19 12:25:41 +01:00
Nick Clifton
c4f43f0cbb Fix for building with gcc version 4. 
Fix symbol placement in functions with local assembler.
 2018-07-18 15:24:48 +01:00
Nick Clifton
cc6b631f3a Fix assertions in rnage checking code. Add detection of -U options. 2018-07-17 18:06:21 +01:00
Nick Clifton
c760726387 Handle function sections properly. Handle .text.startup and .text.unlikely sections. Improve gap detection and reporting. 
Resolves: #1601055
 2018-07-17 16:04:01 +01:00
Nick Clifton
5a7b2e9a48 Fix construction of absolute versions of --dwarf-dir and --debug-rpm options. 2018-07-12 10:08:04 +01:00
Nick Clifton
4efcfc999f Fix buffer overrun when very long symbol names are encountered. 2018-07-11 09:27:49 +01:00
Nick Clifton
be50c56ece Do not force the generation of function notes when -ffunction-sections is active. 
Relates: #1598961
 2018-07-10 10:12:15 +01:00
Nick Clifton
a231425bc2 Skip the .annobin_ prfix when reporting symbols. 
Resolves: #1599315
 2018-07-09 17:23:41 +01:00
Nick Clifton
0342042e79 Use the assembler (c++ mangled) version of function names when switching sections. 
Resolves: #1598579
 2018-07-09 12:42:06 +01:00
Nick Clifton
efaf793911 Do not call function_section. 
Resolves: #1598961
 2018-07-09 12:22:24 +01:00
Nick Clifton
326c603396 Ignore cross-section gaps. 
Resolves: #1598551
 2018-07-06 12:23:12 +01:00
Nick Clifton
ce5f9d54ee Do not skip empty range notes in object files. 2018-07-05 10:53:33 +01:00
Nick Clifton
a1b8a53f98 Create the start symbol at the start of the function and the end symbol at the end. 
Resolves: #1596823
 2018-07-02 14:20:53 +01:00
Nick Clifton
7fa87a24cf Fix --debug-rpm when used inside a directory. 2018-07-02 11:58:23 +01:00
Nick Clifton
f4130c1b24 Use a prefix for all annobin generated symbols, and make them hidden. 
Only generate weak symbol definitions for linkonce sections.
 2018-06-28 13:20:24 +01:00
Nick Clifton
ae10117310 Skip some checks for relocatable object files, and dynamic objects. 
Stop bogus complaints about stackrealignment not being enabled.
 2018-06-27 14:55:35 +01:00
Nick Clifton
a55d84f6eb Add -debug-rpm= option to annocheck. 
Only use a 2 byte offset for the initial symbol on PowerPC.
 2018-06-25 16:38:03 +01:00
Nick Clifton
ec37d82581 Use --dwarf-path when looking for build-id based debuginfo files. 2018-06-22 15:35:18 +01:00
Nick Clifton
4a3f774835 Fix premature closing of dwarf handle. 2018-06-22 11:15:40 +01:00
Nick Clifton
25bca4e64e Fix scoping bug computing the name of a separate debug info file. 2018-06-22 10:46:17 +01:00
Nick Clifton
9a6d845b6e Fix file descriptor leak. 2018-06-19 15:42:03 +01:00
Nick Clifton
b8b6c8608e Add command line options to annocheck to disable individual tests. 2018-06-19 14:49:31 +01:00
Nick Clifton
9657bbe901 Remove C99-isms from annocheck sources. 2018-06-08 11:36:47 +01:00
Nick Clifton
4656334c92 Add the annocheck program as a sub-package. 2018-06-06 17:25:49 +01:00
Nick Clifton
a47a7d3349 Do not use the SHF_GNU_BUILD_NOTE section flag. 2018-06-01 15:08:25 +01:00
Nick Clifton
db2c4ce56d Remove .sh extension from shell scripts. 2018-05-31 16:10:11 +01:00
Nick Clifton
78f88fba1a Update to 5.9 annobin sources which includes code to record the -mstackrealign option for i686 binaries. 2018-05-30 12:08:39 +01:00
Nick Clifton
29f42b47f2 Hide the annobin start of file symbol. 2018-05-14 17:28:20 +01:00
Nick Clifton
7a683bbe67 Fix script bug in hardended.sh. (Thanks to: Stefan S?rensen <stefan.sorensen@spectralink.com>) 2018-05-08 13:29:58 +01:00
Nick Clifton
9d8fe91a43 Skip the isa_flags check in the ABI test because the crt[in].o files are compiled with different flags from the test files. 2018-04-30 10:30:15 +01:00
Nick Clifton
4f0a7c212f Add manual pages for the annobin and the scripts. 2018-04-20 16:52:49 +01:00
Nick Clifton
f2865c5c79 Do not record a stack protection setting of -1. 
Resolves: #1563141
 2018-04-03 16:16:48 +01:00
Nick Clifton
3323867c5b Do not complain about a dwarf_version value of -1. 
Relates: #1557511
 2018-03-20 11:33:13 +00:00
Nick Clifton
0af9bb23ba Bias file start symbols by 2 in order to avoid them confused with function symbols. (#1554332) 
Version jump is to sync the version number with the annobin plugins internal version number.
 2018-03-15 17:10:38 +00:00
Nick Clifton
c42ae85f5e Add --ignore-gaps option to check-abi.sh script. 
Use this option in the abi-test check.
Tweak hardening test to skip pic and stack protection checks.
 2018-03-12 12:55:40 +00:00
Nick Clifton
a9bdd53186 Handle functions with specific assembler names. 
Resolves: #1552018
 2018-03-06 11:22:26 +00:00
Nick Clifton
8a3889e374 Change type and size of symbols to STT_NOTYPE/0 so that they do not confuse GDB. (#1539664) 
Add run-on-binaries-in.sh script to allow the other scripts to be run over a repository.
 2018-02-09 09:00:08 +00:00
Nick Clifton
cfbd038110 Rebase on 3.3 release, which adds support for recording -mcet and -fcf-protection. 2018-01-30 16:33:00 +00:00
Nick Clifton
6b89f3290c Rebase on 3.2 release, which now contains documentation! 2018-01-26 12:33:58 +00:00
Nick Clifton
26ba227b0b Rebase on 3.1 annobin sources: 
v3 annobin notes - include ranges so that gaps can be detected.
  Add recoding of -fstack-clash-protection and -D_GLIBCXX_ASSERTIONS.
 2018-01-04 10:05:29 +00:00
Nick Clifton
c393d68a90 Touch the auto-generated files in order to stop them from being regenerated. 2017-09-26 13:59:20 +01:00
Nick Clifton
31b6780b2a Stop the plugin complaining about compiler datestamp mismatches. 2017-09-26 12:33:04 +01:00
Nick Clifton
4b489fec02 Tweak tests so that they will run on older machines. 2017-09-21 14:31:48 +01:00
Nick Clifton
32a0f859f3 SWitch back to xz compression for the source tarball. 2017-09-21 14:02:09 +01:00
Nick Clifton
e7ed17846e Rebased to annobin-2.3 sources. 
Add annobin-tests subpackage containing some preliminary tests.
Remove link-time test for unsuported targets.
 2017-09-21 13:39:01 +01:00
Nick Clifton
35fd563cf4 Initial Commit (#1451407) 2017-07-27 14:58:31 +01:00
Fedora Release Engineering
3e340fa40a Initial setup of the repo 2017-07-26 12:22:23 +00:00