mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-22 11:14:18 +01:00
- Speedup significantly by not using subshells for data already fetched.
Ran against /usr/local/sbin/pkg: Before: 25.12 real 12.41 user 33.14 sys After: 0.53 real 0.49 user 0.13 sys - Exit with 1 if any missing or unresolved symbol is detected. - Add option '-U' to skip looking up unresolved symbols. - Don't consider provided weak objects as unresolved (nm V). Sponsored by: EMC / Isilon Storage Division
This commit is contained in:
parent
972b622794
commit
3844bbe29e
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=281791
@ -1,6 +1,15 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
# $FreeBSD$
|
# $FreeBSD$
|
||||||
|
|
||||||
|
ret=0
|
||||||
|
CHECK_UNRESOLVED=1
|
||||||
|
while getopts "U" flag; do
|
||||||
|
case "${flag}" in
|
||||||
|
U) CHECK_UNRESOLVED=0 ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
shift $((OPTIND-1))
|
||||||
|
|
||||||
mime=$(file -L --mime-type $1)
|
mime=$(file -L --mime-type $1)
|
||||||
case $mime in
|
case $mime in
|
||||||
*application/x-executable);;
|
*application/x-executable);;
|
||||||
@ -8,30 +17,74 @@ case $mime in
|
|||||||
*) echo "Not an elf file" >&2 ; exit 1;;
|
*) echo "Not an elf file" >&2 ; exit 1;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
|
# Gather all symbols from the target
|
||||||
|
unresolved_symbols=$(nm -D -u --format=posix "$1" | awk '$2 == "U" {print $1}' | tr '\n' ' ')
|
||||||
|
ldd_libs=$(ldd $1 | awk '{print $1 ":" $3}')
|
||||||
|
|
||||||
|
libkey() {
|
||||||
|
libkey="lib_symbols_$1"
|
||||||
|
patterns=[.+,-]
|
||||||
|
replacement=_
|
||||||
|
while :; do
|
||||||
|
case " ${libkey} " in
|
||||||
|
*${patterns}*)
|
||||||
|
libkey="${libkey%%${patterns}*}${replacement}${libkey#*${patterns}}"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
# Check for useful libs
|
# Check for useful libs
|
||||||
list_libs=""
|
list_libs=
|
||||||
|
resolved_symbols=
|
||||||
for lib in $(readelf -d $1 | awk '$2 ~ /\(?NEEDED\)?/ { sub(/\[/,"",$NF); sub(/\]/,"",$NF); print $NF }'); do
|
for lib in $(readelf -d $1 | awk '$2 ~ /\(?NEEDED\)?/ { sub(/\[/,"",$NF); sub(/\]/,"",$NF); print $NF }'); do
|
||||||
echo -n "checking if $lib is needed: "
|
echo -n "checking if $lib is needed: "
|
||||||
libpath=$(ldd $1 | awk -v lib=$lib '$1 == lib { print $3 }')
|
for libpair in ${ldd_libs}; do
|
||||||
list_libs="$list_libs $libpath"
|
case "${libpair}" in
|
||||||
foundone=0
|
${lib}:*) libpath="${libpair#*:}" && break ;;
|
||||||
for fct in $(nm -D $libpath | awk '$2 == "R" || $2 == "D" || $2 == "T" || $2 == "W" || $2 == "B" { print $3 }'); do
|
esac
|
||||||
nm -D $1 | awk -v s=$fct '$1 == "U" && $2 == s { found=1 ; exit } END { if (found != 1) { exit 1 } }' && foundone=1 && break
|
|
||||||
done
|
done
|
||||||
if [ $foundone -eq 1 ]; then
|
list_libs="$list_libs $lib"
|
||||||
echo -n "yes... "
|
foundone=
|
||||||
nm -D $1 | awk -v s=$fct '$1 == "U" && $2 == s { print $2 ; exit }'
|
lib_symbols="$(nm -D --defined-only --format=posix "${libpath}" | awk '$2 ~ /R|D|T|W|B|V/ {print $1}' | tr '\n' ' ')"
|
||||||
|
if [ ${CHECK_UNRESOLVED} -eq 1 ]; then
|
||||||
|
# Save the global symbols for this lib
|
||||||
|
libkey "${lib}"
|
||||||
|
setvar "${libkey}" "${lib_symbols}"
|
||||||
|
fi
|
||||||
|
for fct in ${lib_symbols}; do
|
||||||
|
case " ${unresolved_symbols} " in
|
||||||
|
*\ ${fct}\ *) foundone="${fct}" && break ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
if [ -n "${foundone}" ]; then
|
||||||
|
echo "yes... ${foundone}"
|
||||||
else
|
else
|
||||||
echo "no"
|
echo "no"
|
||||||
|
ret=1
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
|
||||||
for sym in $(nm -D $1 | awk '$1 == "U" { print $2 }'); do
|
if [ ${CHECK_UNRESOLVED} -eq 1 ]; then
|
||||||
found=0
|
for sym in ${unresolved_symbols}; do
|
||||||
for l in ${list_libs} ; do
|
found=0
|
||||||
nm -D $l | awk -v s=$sym '($2 == "R" || $2 == "D" || $2 == "T" || $2 == "W" || $2 == "B") && $3 == s { found=1 ; exit } END { if (found != 1) { exit 1 } }' && found=1 && break
|
for lib in ${list_libs}; do
|
||||||
|
libkey "${lib}"
|
||||||
|
eval "lib_symbols=\"\${${libkey}}\""
|
||||||
|
# lib_symbols now contains symbols for the lib.
|
||||||
|
case " ${lib_symbols} " in
|
||||||
|
*\ ${sym}\ *) found=1 && break ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
if [ $found -eq 0 ]; then
|
||||||
|
echo "Unresolved symbol $sym"
|
||||||
|
ret=1
|
||||||
|
fi
|
||||||
done
|
done
|
||||||
if [ $found -eq 0 ]; then
|
fi
|
||||||
echo "Unresolved symbol $sym"
|
|
||||||
fi
|
exit ${ret}
|
||||||
done
|
|
||||||
|
Loading…
Reference in New Issue
Block a user