[arch-projects] [namcap][PATCH] implement FS#27485, warn on unstripped files

Wed, 30 Oct 2013 03:56:47 -0700 

---
 Namcap/rules/elffiles.py | 37 +++++++++++++++++++++++++++++++++++++
 namcap-tags              |  1 +
 2 files changed, 38 insertions(+)

diff --git a/Namcap/rules/elffiles.py b/Namcap/rules/elffiles.py
index f8f16ac..20d117f 100644
--- a/Namcap/rules/elffiles.py
+++ b/Namcap/rules/elffiles.py
@@ -23,6 +23,7 @@ import tempfile
 import subprocess
 
 from elftools.elf.elffile import ELFFile
+from elftools.elf.sections import SymbolTableSection
 
 from Namcap.util import is_elf, clean_filename
 from Namcap.ruleclass import *
@@ -143,4 +144,40 @@ class ELFExecStackRule(TarballRule):
                        self.warnings = [("elffile-with-execstack %s", i)
                                        for i in exec_stacks]
 
+class ELFUnstrippedRule(TarballRule):
+       """
+       Checks for unstripped ELF files. Uses pyelftools to check if
+       .symtab exists.
+       """
+
+       name = "elfunstripped"
+       description = "Check for unstripped ELF files."
+
+       def analyze(self, pkginfo, tar):
+               unstripped_binaries = []
+
+               for entry in tar:
+                       tmpname = _test_elf_and_extract(tar, entry)
+                       if not tmpname:
+                               continue
+
+                       try:
+                               fp = open(tmpname, 'rb')
+                               elffile = ELFFile(fp)
+                               for section in elffile.iter_sections():
+                                       if not isinstance(section, 
SymbolTableSection):
+                                               continue
+
+                                       if section['sh_entsize'] == 0:
+                                               print ('symbol table empty')
+                                               continue
+
+                                       if section.name == b'.symtab':
+                                               
unstripped_binaries.append(entry.name)
+                       finally:
+                               os.unlink(tmpname)
+               if unstripped_binaries:
+                       self.warnings = [("elffile-unstripped %s", i)
+                                       for i in unstripped_binaries]
+
 # vim: set ts=4 sw=4 noet:
diff --git a/namcap-tags b/namcap-tags
index 818c7a5..1b681a6 100644
--- a/namcap-tags
+++ b/namcap-tags
@@ -20,6 +20,7 @@ elffile-in-any-package %s :: ELF file ('%s') found in an 
'any' package.
 elffile-not-in-allowed-dirs %s :: ELF file ('%s') outside of a valid path.
 elffile-with-textrel %s :: ELF file ('%s') has text relocations.
 elffile-with-execstack %s :: ELF file ('%s') has executable stack.
+elffile-unstripped %s :: ELF file ('%s') is unstripped.
 empty-directory %s :: Directory (%s) is empty
 error-running-rule %s :: Error running rule '%s'
 extra-var-begins-without-underscore %s :: Non standard variable '%s' doesn't 
start with an underscore
-- 
1.8.4.2

Reply via email to