forked from pool/rpmlint
Ludwig Nussel
a78a8fd6fa
* Check outdated or misspelled FSF addresses in text files. OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=20
74 lines
3.1 KiB
Diff
74 lines
3.1 KiB
Diff
From 6eedb2e510533cb196f37803b78ca64c0d0a77d4 Mon Sep 17 00:00:00 2001
|
|
From: scop <scop@9bc8b190-ac0f-0410-8968-dc7d1f502856>
|
|
Date: Sun, 15 May 2011 09:05:04 +0000
|
|
Subject: [PATCH] Check for position independent executables (based on patch by Ludwig Nussel).
|
|
|
|
git-svn-id: http://rpmlint.zarb.org/svn/trunk@1865 9bc8b190-ac0f-0410-8968-dc7d1f502856
|
|
---
|
|
BinariesCheck.py | 10 ++++++++++
|
|
config | 4 ++++
|
|
2 files changed, 14 insertions(+), 0 deletions(-)
|
|
|
|
Index: rpmlint-1.2/BinariesCheck.py
|
|
===================================================================
|
|
--- rpmlint-1.2.orig/BinariesCheck.py
|
|
+++ rpmlint-1.2/BinariesCheck.py
|
|
@@ -198,6 +198,8 @@ so_regex = re.compile('/lib(64)?/[^/]+\.
|
|
validso_regex = re.compile('(\.so\.\d+(\.\d+)*|\d\.so)$')
|
|
sparc_regex = re.compile('SPARC32PLUS|SPARC V9|UltraSPARC')
|
|
system_lib_paths = Config.getOption('SystemLibPaths', DEFAULT_SYSTEM_LIB_PATHS)
|
|
+pie_exec_re = Config.getOption('PieExecutables')
|
|
+if pie_exec_re: pie_exec_re = re.compile(pie_exec_re)
|
|
usr_lib_regex = re.compile('^/usr/lib(64)?/')
|
|
bin_regex = re.compile('^(/usr(/X11R6)?)?/s?bin/')
|
|
soversion_regex = re.compile('.*?([0-9][.0-9]*)\\.so|.*\\.so\\.([0-9][.0-9]*).*')
|
|
@@ -386,6 +388,11 @@ class BinariesCheck(AbstractCheck.Abstra
|
|
if not is_exec and not is_shobj:
|
|
continue
|
|
|
|
+ if is_shobj and not is_exec and '.so' not in fname and \
|
|
+ bin_regex.search(fname):
|
|
+ # pkgfile.magic does not contain "executable" for PIEs
|
|
+ is_exec = True
|
|
+
|
|
if is_exec:
|
|
|
|
if bin_regex.search(fname):
|
|
@@ -394,6 +401,10 @@ class BinariesCheck(AbstractCheck.Abstra
|
|
if ocaml_mixed_regex.search(bin_info.tail):
|
|
printWarning(pkg, 'ocaml-mixed-executable', fname)
|
|
|
|
+ if not is_shobj and pie_exec_re and pie_exec_re.search(fname):
|
|
+ printError(pkg, 'non-position-independent-executable',
|
|
+ fname)
|
|
+
|
|
if bin_info.readelf_error:
|
|
continue
|
|
|
|
@@ -612,6 +623,10 @@ http://bugs.debian.org/cgi-bin/bugreport
|
|
project settings. So there's normally no need to manually strip binaries.
|
|
Left over unstripped binaries could therefore indicate a bug in the automatic
|
|
stripping process.''',
|
|
+
|
|
+'non-position-independent-executable',
|
|
+'''This executable must be position independent. Check that it is built with
|
|
+-fPIE/-fpie in compiler flags and -pie in linker flags.''',
|
|
)
|
|
|
|
# BinariesCheck.py ends here
|
|
Index: rpmlint-1.2/config
|
|
===================================================================
|
|
--- rpmlint-1.2.orig/config
|
|
+++ rpmlint-1.2/config
|
|
@@ -130,6 +130,10 @@ from Config import *
|
|
# Type: tuple of strings, default: see DEFAULT_SYSTEM_LIB_PATHS in BinariesCheck
|
|
#setOption("SystemLibPaths", ('/lib', '/lib64', '/usr/lib', '/usr/lib64'))
|
|
|
|
+# Executables that must be compiled as position independent.
|
|
+# Type: regex, default: None
|
|
+#setOption("PieExecutables", '^/bin/(ping6?|su)$')
|
|
+
|
|
# Whether to want default start/stop runlevels specified in init scripts.
|
|
# Type: boolean, default: True
|
|
#setOption("UseDefaultRunlevels", True)
|