NB/ Keep this value in sync with libannochck_version defined in
annocheck/libannocheck.h. */
-#define ANNOBIN_VERSION 1067
+#define ANNOBIN_VERSION 1068
/* The version of the annotation specification supported. */
#define SPEC_VERSION 3
{
int i;
+ /* The contents of static glibc libraries should be ignored. */
+ if (strchr (path, ':'))
+ {
+ static const char * known_glibc_libraries [] =
+ {
+ "libBrokenLocale.a",
+ "libc.a:",
+ "libc_nonshared.a:",
+ "libm-2.34.a:",
+ "libmvec.a:",
+ "libresolv.a:"
+ };
+
+ for (i = ARRAY_SIZE (known_glibc_libraries); i--;)
+ if (strstr (path, known_glibc_libraries[i]) != NULL)
+ return true;
+ }
+
/* If we are testing an uninstalled rpm then the paths will start with "."
so skip this. */
if (path[0] == '.')
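Review bot: The new `known_glibc_libraries` loop uses an unanchored `strstr`, so any path that merely contains one of the entries as a substring (for example an archive named `…/mylibc.a:foo.o` matching `"libc.a:"`) makes the function return true and the file is silently excluded from checking; since this is an exclusion list for security tests, the match should be anchored to the start of `path` or to a preceding `/`, e.g. `const char *m = strstr (path, known_glibc_libraries[i]);` / `if (m != NULL && (m == path || m[-1] == '/')) return true;`. Two entries also look inconsistent with the rest: `"libBrokenLocale.a"` lacks the trailing `:` that anchors the others to the archive-member separator, and `"libm-2.34.a:"` pins a specific glibc release, so it will presumably stop matching on any other glibc version — either drop the version or add a comment saying why it is pinned. The loop counter `i` is the existing `int` while `ARRAY_SIZE` yields a `size_t`, which will trip `-Wsign-conversion`. The enclosing function starts before and continues after this hunk.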
path += len;
break;
}
- /* Do not abort this loop if res > 0/
+ /* Do not abort this loop if res > 0
We can have a file like /usr/lib64/libmcheck.a which will
not match /usr/lib64/gconv but which should match /usr/lib64. */
}
"libBrokenLocale-2.28.so",
"libBrokenLocale.so.1",
"libSegFault.so",
+ "libanl.so.1",
"libc.so.6",
"libc_malloc_debug.so.0",
+ "libdl.so.2",
"libg.a:dummy.o",
"libm.so.6",
"libmcheck.a",
"libnss_compat.so.2",
"libpcprofile.so",
"libpthread-2.28.so",
+ "libpthread.so.0",
"libresolv-2.28.so",
"libresolv.so.2",
"librt.so.1",
"libthread_db.so.1",
+ "libutil.so.1",
"locale",
"localedef",
"makedb",
"_nss_files_sethostent",
"_start",
"abort",
+ "atexit",
"blacklist_store_name",
"buffer_free",
"cabsf128",
if (disabled)
return false;
- if (! skip_test (TEST_RWX_SEG))
+ switch (seg->phdr->p_type)
{
- if ((seg->phdr->p_flags & (PF_X | PF_W | PF_R)) == (PF_X | PF_W | PF_R))
+ case PT_TLS:
+ if (! skip_test (TEST_RWX_SEG)
+ && seg->phdr->p_memsz > 0
+ && (seg->phdr->p_flags & PF_X))
{
- /* Object files should not have segments. */
- assert (! is_object_file ());
- fail (data, TEST_RWX_SEG, SOURCE_SEGMENT_HEADERS, "segment has Read, Write and eXecute flags set");
- einfo (VERBOSE2, "RWX segment number: %d", seg->number);
+ fail (data, TEST_RWX_SEG, SOURCE_SEGMENT_HEADERS, "TLS segment has eXecute flag set");
+ einfo (VERBOSE2, "TLS segment number: %d", seg->number);
}
- }
-
- switch (seg->phdr->p_type)
- {
+ break;
+
case PT_INTERP:
per_file.has_program_interpreter = true;
break;
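Review bot: The new `case PT_TLS:` branch reports an executable TLS segment as a `TEST_RWX_SEG` failure, but nothing in the code says why a TLS segment is held to a different (execute-only) criterion than the R+W+X rule used for PT_LOAD, and the rwx-seg documentation changed in this same commit does not mention the TLS condition at all, so a user seeing "FAIL: rwx-seg test because TLS segment has eXecute flag set" has nowhere to look it up. Suggest a comment above the case such as `/* A TLS segment is only an initialisation image for thread-local data; presumably it should never be executable.  Reported under TEST_RWX_SEG so that it can be waived with the same option.  */` and a matching sentence in the texinfo text. Note also that `skip_test (TEST_RWX_SEG)` is now evaluated separately inside each `case`, so any further segment type added later must repeat it. The enclosing `switch` and function continue outside this hunk.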
fail (data, TEST_GNU_STACK, SOURCE_SEGMENT_HEADERS, "the GNU stack segment has execute permission");
else if ((seg->phdr->p_flags & PF_X) == 0)
pass (data, TEST_GNU_STACK, SOURCE_SEGMENT_HEADERS, "stack segment exists with the correct permissions");
+ /* FIXME: Check for multiple PT_GNU_STACK segments ? */
}
break;
return supports_property_notes (per_file.e_machine);
case PT_LOAD:
+ if (! skip_test (TEST_RWX_SEG))
+ {
+ if (seg->phdr->p_memsz > 0
+ && (seg->phdr->p_flags & (PF_X | PF_W | PF_R)) == (PF_X | PF_W | PF_R))
+ {
+ /* Object files should not have segments. */
+ assert (! is_object_file ());
+ fail (data, TEST_RWX_SEG, SOURCE_SEGMENT_HEADERS, "segment has Read, Write and eXecute flags set");
+ einfo (VERBOSE2, "RWX segment number: %d", seg->number);
+ }
+ }
+
/* If we are checking the entry point instruction then we need to load
the segment. We check segments rather than sections because executables
do not have to have sections. */
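Review bot: The RWX check is now applied only under `case PT_LOAD:`, but the documentation added in this commit describes the criteria as "are resident in memory when the program runs" and "do not have an architecture/OS specific type", which is a different (and wider) condition than `p_type == PT_LOAD`; the two should agree, and the code deserves a why-comment on the new block, e.g. `/* Only PT_LOAD segments are mapped by the loader, so only they can grant RWX permissions at run time; other segment types overlap a PT_LOAD and are covered by its check.  */`, with the doc items reworded to say the segment is of type PT_LOAD. The `p_memsz > 0` guard is new and worth a word too (`/* A zero-sized segment maps nothing.  */`), since the docs now list it as a criterion. The `else if` that follows the trailing comment and the enclosing function lie outside this hunk.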
else if (is_special_glibc_binary (data->full_filename))
skip (data, i, SOURCE_FINAL_SCAN, "glibc binaries not compiled with LTO");
else
- maybe (data, i, SOURCE_FINAL_SCAN, "no indication that LTO was used");
+ info (data, i, SOURCE_FINAL_SCAN, "no indication that LTO was used");
break;
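Review bot: Changing `maybe (...)` to `info (...)` for "no indication that LTO was used" downgrades the LTO result for every non-glibc binary, and nothing in the hunk records why the severity was lowered, so a later reader cannot tell whether this was a policy decision or an accident. Add a comment above the call, e.g. `/* Lack of LTO is presumably not treated as a hardening weakness in itself, so only report it rather than flag it as a possible failure.  */` (confirm the rationale against the commit message), and consider mirroring the change in the test's documentation if the `maybe` outcome was described there. The enclosing `switch` and function lie outside this hunk.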
case TEST_PIE:
/* NB/ Keep this value in sync with ANNOBIN_VERSION defined in
annobin-global.h. */
-const unsigned int libannocheck_version = 1067;
+const unsigned int libannocheck_version = 1068;
typedef enum libannocheck_error
{
Example: FAIL: rwx-seg test because segment has Read, Write and eXecute flags set
- This test checks that the file does not have any segments that have
-all three of the READ, WRITE and EXECUTE permissions. Code segments
-should have read and execute permissions, but they should not be
-writable as otherwise an attacker can overwrite the code. Data segments
-should have read permission, and possibly write permission as well, but
-never execute permission as otherwise an attacker might be able to
-create their own code in a data area.
+ This test checks that the file does not have any segments that are
+ 1. have all three of the READ, WRITE and EXECUTE permissions.
+ 2. have a non-zero size
+ 3. are resident in memory when the program runs
+ 4. do not have an architecture/OS specific type
+
+ Code segments should have read and execute permissions, but they
+should not be writable as otherwise an attacker can overwrite the code.
+Data segments should have read permission, and possibly write permission
+as well, but never execute permission as otherwise an attacker might be
+able to create their own code in a data area.
The linker will normally never create a binary file with a segment
with all three permissions, but it is possible to force it to do so by
Node: Test property note\7f65542
Node: Test run path\7f68019
Node: Test rwx seg\7f70240
-Node: Test short enums\7f71512
-Node: Test stack clash\7f72529
-Node: Test stack prot\7f73990
-Node: Test stack realign\7f75322
-Node: Test textrel\7f76592
-Node: Test threads\7f77849
-Node: Test unicode\7f78664
-Node: Test warnings\7f80155
-Node: Test writable got\7f80990
-Node: Hardened Command Line Options\7f82276
-Node: Waiving Hardened Results\7f87716
-Node: Notes\7f89662
-Node: Size\7f90298
-Node: Timing\7f92667
-Node: Libannocheck\7f93306
-Node: libannocheck_init\7f95245
-Node: libannocheck_finish\7f96167
-Node: libannocheck_get_version\7f96715
-Node: libannocheck_get_error_message\7f97124
-Node: libannocheck_get_known_tests\7f97764
-Node: libannocheck_enable_all_tests\7f98930
-Node: libannocheck_disable_all_tests\7f99409
-Node: libannocheck_enable_test\7f99965
-Node: libannocheck_disable_test\7f100633
-Node: libannocheck_enable_profile\7f101302
-Node: libannocheck_get_known_profiles\7f101824
-Node: libannocheck_run_tests\7f102527
-Node: Configure Options\7f103372
-Node: Legacy Scripts\7f105714
-Node: Who Built Me\7f106489
-Node: ABI Checking\7f109249
-Node: Hardening Checks\7f111365
-Node: Checking Archives\7f115451
-Node: GNU FDL\7f117872
+Node: Test short enums\7f71649
+Node: Test stack clash\7f72666
+Node: Test stack prot\7f74127
+Node: Test stack realign\7f75459
+Node: Test textrel\7f76729
+Node: Test threads\7f77986
+Node: Test unicode\7f78801
+Node: Test warnings\7f80292
+Node: Test writable got\7f81127
+Node: Hardened Command Line Options\7f82413
+Node: Waiving Hardened Results\7f87853
+Node: Notes\7f89799
+Node: Size\7f90435
+Node: Timing\7f92804
+Node: Libannocheck\7f93443
+Node: libannocheck_init\7f95382
+Node: libannocheck_finish\7f96304
+Node: libannocheck_get_version\7f96852
+Node: libannocheck_get_error_message\7f97261
+Node: libannocheck_get_known_tests\7f97901
+Node: libannocheck_enable_all_tests\7f99067
+Node: libannocheck_disable_all_tests\7f99546
+Node: libannocheck_enable_test\7f100102
+Node: libannocheck_disable_test\7f100770
+Node: libannocheck_enable_profile\7f101439
+Node: libannocheck_get_known_profiles\7f101961
+Node: libannocheck_run_tests\7f102664
+Node: Configure Options\7f103509
+Node: Legacy Scripts\7f105851
+Node: Who Built Me\7f106626
+Node: ABI Checking\7f109386
+Node: Hardening Checks\7f111502
+Node: Checking Archives\7f115588
+Node: GNU FDL\7f118009
\1f
End Tag Table
Example: FAIL: rwx-seg test because segment has Read, Write and eXecute flags set
@end smallexample
-This test checks that the file does not have any segments that have
-all three of the @var{read}, @var{write} and @var{execute}
-permissions. Code segments should have read and execute permissions,
-but they should not be writable as otherwise an attacker can
-overwrite the code. Data segments should have read permission, and
-possibly write permission as well, but never execute permission
-as otherwise an attacker might be able to create their own code in a
-data area.
+This test checks that the file does not have any segments that are
+@enumerate
+@item
+have all three of the @var{read}, @var{write} and @var{execute}
+permissions.
+@item
+have a non-zero size
+@item
+are resident in memory when the program runs
+@item
+do not have an architecture/OS specific type
+@end enumerate
+
+Code segments should have read and execute permissions, but they
+should not be writable as otherwise an attacker can overwrite the
+code. Data segments should have read permission, and possibly write
+permission as well, but never execute permission as otherwise an
+attacker might be able to create their own code in a data area.
The linker will normally never create a binary file with a segment
with all three permissions, but it is possible to force it to do so by