Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15:Update
rpmlint
0001-Binariescheck-Check-for-chroot-chdir-on-AR...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-Binariescheck-Check-for-chroot-chdir-on-ARM-PPC.patch of Package rpmlint
From 5237c197f56698d55fd1d18f8127f6e947350d80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20Br=C3=BCns?= <stefan.bruens@rwth-aachen.de> Date: Wed, 11 Oct 2017 16:29:21 +0200 Subject: [PATCH] Binariescheck: Check for chroot/chdir on ARM, PPC The assembly on ARM looks almost the same as the x86 assembly, but with a branch mnemonic (bl) instead of an explicit call. On PPC, library function calls use jump tables, so the vicinity check does not work, but we can at least detect a sole chroot without chdir. --- BinariesCheck.py | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) diff --git a/BinariesCheck.py b/BinariesCheck.py index bd75558..8d224a8 100644 --- a/BinariesCheck.py +++ b/BinariesCheck.py @@ -54,8 +54,6 @@ class BinaryInfo(object): setuid_call_regex = create_regexp_call(r'set(?:res|e)?uid') setgroups_call_regex = create_regexp_call(r'(?:ini|se)tgroups') chroot_call_regex = create_regexp_call('chroot') - # 401eb8: e8 c3 f0 ff ff callq 400f80 <chdir@plt> - objdump_call_regex = re.compile(br'callq?\s(.*)') debuginfo_regex = re.compile(r'^\s+\[\s*\d+\]\s+\.debug_.*\s+') symtab_regex = re.compile(r'^\s+\[\s*\d+\]\s+\.symtab\s+') gethostbyname_call_regex = create_regexp_call(r'(gethostbyname|gethostbyname2|gethostbyaddr|gethostbyname_r|gethostbyname2_r|gethostbyaddr_r)') @@ -96,6 +94,16 @@ class BinaryInfo(object): self.mktemp = False is_debug = path.endswith('.debug') + # Currently this implementation works only on specific + # architectures due to reliance on arch specific assembly. + if pkg.arch in ['armv6hl', 'armv7hl', 'aarch64']: + # 10450: ebffffec bl 10408 <chroot@plt> + BinaryInfo.objdump_call_regex = re.compile(br'\sbl\s+(.*)') + elif (pkg.arch.endswith('86') or pkg.arch == 'x86_64'): + # 401eb8: e8 c3 f0 ff ff callq 400f80 <chdir@plt> + BinaryInfo.objdump_call_regex = re.compile(br'callq?\s(.*)') + else: + BinaryInfo.objdump_call_regex = None res = Pkg.getstatusoutput( ('readelf', '-W', '-S', '-l', '-d', '-s', path)) @@ -204,10 +212,13 @@ class BinaryInfo(object): # check if chroot is near chdir (since otherwise, chroot is called # without chdir) - # Currently this implementation works only on x86_64 due to reliance - # on x86_64 specific assembly. Skip it on other architectures - if ((pkg.arch.endswith('86') or pkg.arch == 'x86_64') and - self.chroot and self.chdir): + if not BinaryInfo.objdump_call_regex and self.chroot and self.chdir: + # On some architectures, e.g. PPC, it is to difficult to + # find the actual invocations of chroot/chdir, if both + # exist assume chroot is fine + self.chroot_near_chdir = True + + elif self.chroot and self.chdir: p = subprocess.Popen(('objdump', '-d', path), stdout=subprocess.PIPE, bufsize=-1, env=dict(os.environ, LC_ALL="C")) @@ -537,9 +548,8 @@ class BinariesCheck(AbstractCheck.AbstractCheck): printError(pkg, 'missing-call-to-setgroups-before-setuid', fname) - if ((pkg.arch.endswith('86') or pkg.arch == 'x86_64') and bin_info.chroot): - if not bin_info.chdir or not bin_info.chroot_near_chdir: - printError(pkg, 'missing-call-to-chdir-with-chroot', fname) + if bin_info.chroot and not bin_info.chroot_near_chdir: + printError(pkg, 'missing-call-to-chdir-with-chroot', fname) if bin_info.mktemp: printError(pkg, 'call-to-mktemp', fname) -- 2.14.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor