Attachment #86077 for bug #131779

View | Details | Raw Unified | Return to bug 131779 | Differences between

and this patch




		qa_var="QA_TEXTRELS_${ARCH}"
		[[ -n ${!qa_var} ]] && QA_TEXTRELS=${!qa_var}
		[[ -n ${QA_STRICT_TEXTRELS} ]] && QA_TEXTRELS=""
		f=$(scanelf -qyRF '%t %p' "${D}" | grep -v ' usr/lib/debug/' | \
			gawk '
			BEGIN { split("'"${QA_TEXTRELS}"'", ignore); }
			{	for (idx in ignore)
					if ($NF ~ "^"ignore[idx]"$")
					next;
				print;
			}')
				[[ \${s} =~ \"^\${t}$\" ]] && continue 2
			done
			f=\"\${f}\${s}\n\"
		done"
		if [[ -n ${f} ]] ; then
			scanelf -qyRF '%T %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-textrel.log
			echo -ne '\a\n'

			echo " For more information, see http://hardened.gentoo.org/pic-fix-guide.xml"
			echo " Please include this file in your report:"
			echo " ${T}/scanelf-textrel.log"
			echo "${f}"
			echo -ne '\a\n'
			die_msg="${die_msg} textrels,"
			sleep 1
		fi

		# Also, executable stacks only matter on linux (and just glibc atm ...)
		f=""
		case ${CTARGET:-${CHOST}} in
			*-linux-gnu*)
			# Check for files with executable stacks, but only on arches which

					qa_var="QA_EXECSTACK_${ARCH}"
					[[ -n ${!qa_var} ]] && QA_EXECSTACK=${!qa_var}
					[[ -n ${QA_STRICT_EXECSTACK} ]] && QA_EXECSTACK=""
					f=$(scanelf -qyRF '%e %p' "${D}" | grep -v ' usr/lib/debug/' | \
						gawk '
						BEGIN { split("'"${QA_EXECSTACK}"'", ignore); }
						{	for (idx in ignore)
								if ($NF ~ "^"ignore[idx]"$")
									next;
							print;
						}')
						done
						f=\"\${f}\${s}\n\"
					done"
					;;
				*)	f="" ;;
			esac
			;;
		esac

			echo " For more information, see http://hardened.gentoo.org/gnu-stack.xml"
			echo " Please include this file in your report:"
			echo " ${T}/scanelf-execstack.log"
			echo "${f}"
			echo -ne '\a\n'
			die_msg="${die_msg} execstacks"
			sleep 1

Return to bug 131779

Lines 88-105 Link Here

(-)bin/misc-functions.sh (-26 / +19 lines)
88	qa_var="QA_TEXTRELS_${ARCH}"	88	qa_var="QA_TEXTRELS_${ARCH}"
89	[[ -n ${!qa_var} ]] && QA_TEXTRELS=${!qa_var}	89	[[ -n ${!qa_var} ]] && QA_TEXTRELS=${!qa_var}
90	[[ -n ${QA_STRICT_TEXTRELS} ]] && QA_TEXTRELS=""	90	[[ -n ${QA_STRICT_TEXTRELS} ]] && QA_TEXTRELS=""
91	QA_TEXTRELS=$(echo ${QA_TEXTRELS}) # strip newlines	91	f=$(scanelf -qyRF '%t %p' "${D}" \| grep -v ' usr/lib/debug/' \| \
92	f=""	92	gawk '
93	s=$(scanelf -qyRF '"#t%p"' "${D}" \| grep -v 'usr/lib/debug/')	93	BEGIN { split("'"${QA_TEXTRELS}"'", ignore); }
94	s=$(echo ${s}) # strip newlines	94	{ for (idx in ignore)
95	# eval needed to get ${QA_TEXTRELS} expanded so bash splits	95	if ($NF ~ "^"ignore[idx]"$")
96	# words taking account of spaces in quoted words.	96	next;
97	eval "for s in ${s}; do	97	print;
98	for t in ${QA_TEXTRELS}; do	98	}')
99	[[ \${s} =~ \"^\${t}$\" ]] && continue 2
100	done
101	f=\"\${f}\${s}\n\"
102	done"
103	if [[ -n ${f} ]] ; then	99	if [[ -n ${f} ]] ; then
104	scanelf -qyRF '%T %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-textrel.log	100	scanelf -qyRF '%T %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-textrel.log
105	echo -ne '\a\n'	101	echo -ne '\a\n'
Lines 111-124 Link Here
111	echo " For more information, see http://hardened.gentoo.org/pic-fix-guide.xml"	107	echo " For more information, see http://hardened.gentoo.org/pic-fix-guide.xml"
112	echo " Please include this file in your report:"	108	echo " Please include this file in your report:"
113	echo " ${T}/scanelf-textrel.log"	109	echo " ${T}/scanelf-textrel.log"
114	printf "${f}"	110	echo "${f}"
115	echo -ne '\a\n'	111	echo -ne '\a\n'
116	die_msg="${die_msg} textrels,"	112	die_msg="${die_msg} textrels,"
117	sleep 1	113	sleep 1
118	fi	114	fi
119		115
120	# Also, executable stacks only matter on linux (and just glibc atm ...)	116	# Also, executable stacks only matter on linux (and just glibc atm ...)
121	f=""
122	case ${CTARGET:-${CHOST}} in	117	case ${CTARGET:-${CHOST}} in
123	-linux-gnu)	118	-linux-gnu)
124	# Check for files with executable stacks, but only on arches which	119	# Check for files with executable stacks, but only on arches which
Lines 135-152 Link Here
135	qa_var="QA_EXECSTACK_${ARCH}"	130	qa_var="QA_EXECSTACK_${ARCH}"
136	[[ -n ${!qa_var} ]] && QA_EXECSTACK=${!qa_var}	131	[[ -n ${!qa_var} ]] && QA_EXECSTACK=${!qa_var}
137	[[ -n ${QA_STRICT_EXECSTACK} ]] && QA_EXECSTACK=""	132	[[ -n ${QA_STRICT_EXECSTACK} ]] && QA_EXECSTACK=""
138	QA_EXECSTACK=$(echo ${QA_EXECSTACK}) # strip newlines	133	f=$(scanelf -qyRF '%e %p' "${D}" \| grep -v ' usr/lib/debug/' \| \
139	s=$(scanelf -qyRF '"#e%p"' "${D}" \| grep -v 'usr/lib/debug/')	134	gawk '
140	s=$(echo ${s}) # strip newlines	135	BEGIN { split("'"${QA_EXECSTACK}"'", ignore); }
141	# eval needed to get ${QA_TEXTRELS} expanded so bash splits	136	{ for (idx in ignore)
142	# words taking account of spaces in quoted words.	137	if ($NF ~ "^"ignore[idx]"$")
143	eval "for s in ${s}; do	138	next;
144	for e in ${QA_EXECSTACK}; do	139	print;
145	[[ \${s} =~ \"^\${e}$\" ]] && continue 2	140	}')
146	done
147	f=\"\${f}\${s}\n\"
148	done"
149	;;	141	;;
		142	*) f="" ;;
150	esac	143	esac
151	;;	144	;;
152	esac	145	esac
Lines 161-167 Link Here
161	echo " For more information, see http://hardened.gentoo.org/gnu-stack.xml"	154	echo " For more information, see http://hardened.gentoo.org/gnu-stack.xml"
162	echo " Please include this file in your report:"	155	echo " Please include this file in your report:"
163	echo " ${T}/scanelf-execstack.log"	156	echo " ${T}/scanelf-execstack.log"
164	printf "${f}"	157	echo "${f}"
165	echo -ne '\a\n'	158	echo -ne '\a\n'
166	die_msg="${die_msg} execstacks"	159	die_msg="${die_msg} execstacks"
167	sleep 1	160	sleep 1