diff options
author | Matthew Booth <mbooth@redhat.com> | 2009-08-05 14:55:54 +0100 |
---|---|---|
committer | Matthew Booth <mbooth@redhat.com> | 2009-08-05 15:01:53 +0100 |
commit | 7e9cb884492aec243337ffc8e4432a9ff2690956 (patch) | |
tree | fc83fb5153b451652dc198575c6c48cae47f9842 /regressions/test-noexec-stack.pl | |
parent | a86f512716d0e9054d4c409ef77b0115e8e1d56a (diff) | |
download | libguestfs-7e9cb884492aec243337ffc8e4432a9ff2690956.tar.gz libguestfs-7e9cb884492aec243337ffc8e4432a9ff2690956.tar.xz libguestfs-7e9cb884492aec243337ffc8e4432a9ff2690956.zip |
Add a test for an executable stack in resultant binaries
Diffstat (limited to 'regressions/test-noexec-stack.pl')
-rwxr-xr-x | regressions/test-noexec-stack.pl | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/regressions/test-noexec-stack.pl b/regressions/test-noexec-stack.pl new file mode 100755 index 00000000..1a31fa74 --- /dev/null +++ b/regressions/test-noexec-stack.pl @@ -0,0 +1,64 @@ +#!/usr/bin/perl + +use strict; +use warnings; + +die("NOEXEC_CHECK not set") unless(exists($ENV{NOEXEC_CHECK})); + +my @files = split(/ /, $ENV{NOEXEC_CHECK}); + +FILES: foreach my $file (@files) { + my $output; + my @cmd = ('readelf', '-l', $file); + open($output, '-|', @cmd) + or die("$0: failed to run: '".join(' ', @cmd)."': $!\n"); + + my $offset; + my $line = 1; + + # Find the offset of the Flags field + while(<$output>) { + next unless(/^\s*Type\b/); + + my @lines; + push(@lines, $_); + + # Look for a Flg field on this line (32 bit) + $offset = index($_, 'Flg '); + + if(-1 == $offset) { + # 64 bit is split over 2 lines. Look for a Flags field on the next + # line + $_ = <$output>; + $offset = index($_, 'Flags '); + $line = 2; + push(@lines, $_); + } + + die("Unrecognised header: ".join("\n", @lines)) if(-1 == $offset); + last; + } + + # Find the GNU_STACK entry + while(<$output>) { + next unless(/^\s*GNU_STACK\b/); + + # Skip over input lines according to the header + for(my $i = 1; $i < $line; $i++) { + $_ = <$output>; + } + + my $flags = substr($_, $offset, 3); + + $flags =~ /^[ R][ W]([ E])$/ or die("Unrecognised flags: $flags"); + + if('E' eq $1) { + print "***** $file has an executable stack *****\n"; + exit(1); + } + + next FILES; + } + + die("Didn't find GNU_STACK entry"); +} |