Lines 94-107
Link Here
|
94 |
qa_var="QA_TEXTRELS_${ARCH}" |
94 |
qa_var="QA_TEXTRELS_${ARCH}" |
95 |
[[ -n ${!qa_var} ]] && QA_TEXTRELS=${!qa_var} |
95 |
[[ -n ${!qa_var} ]] && QA_TEXTRELS=${!qa_var} |
96 |
[[ -n ${QA_STRICT_TEXTRELS} ]] && QA_TEXTRELS="" |
96 |
[[ -n ${QA_STRICT_TEXTRELS} ]] && QA_TEXTRELS="" |
97 |
f=() |
97 |
QA_TEXTRELS=$(echo ${QA_TEXTRELS}) # strip newlines |
98 |
for s in $(scanelf -qyRF '%t %p' "${D}" | grep -v ' usr/lib/debug/'); do |
98 |
f="" |
99 |
[[ ${s} == "TEXTREL" ]] && continue |
99 |
s=$(scanelf -qyRF '"#t%p"' "${D}" | grep -v 'usr/lib/debug/') |
|
|
100 |
s=$(echo ${s}) # strip newlines |
101 |
# eval needed to get ${QA_TEXTRELS} expanded so bash splits |
102 |
# words taking account of spaces in quoted words. |
103 |
eval "for s in ${s}; do |
100 |
for t in ${QA_TEXTRELS}; do |
104 |
for t in ${QA_TEXTRELS}; do |
101 |
[[ ${t} == ${s} ]] && continue 2 |
105 |
[[ \${s} =~ \"^\${t}$\" ]] && continue 2 |
102 |
done |
106 |
done |
103 |
f=( ${f} ${s} ) |
107 |
f=\"\${f}\${s}\n\" |
104 |
done |
108 |
done" |
105 |
if [[ -n ${f} ]] ; then |
109 |
if [[ -n ${f} ]] ; then |
106 |
scanelf -qyRF '%T %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-textrel.log |
110 |
scanelf -qyRF '%T %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-textrel.log |
107 |
vecho -ne '\a\n' |
111 |
vecho -ne '\a\n' |
Lines 113-125
Link Here
|
113 |
vecho " For more information, see http://hardened.gentoo.org/pic-fix-guide.xml" |
117 |
vecho " For more information, see http://hardened.gentoo.org/pic-fix-guide.xml" |
114 |
vecho " Please include this file in your report:" |
118 |
vecho " Please include this file in your report:" |
115 |
vecho " ${T}/scanelf-textrel.log" |
119 |
vecho " ${T}/scanelf-textrel.log" |
116 |
vecho "${f[@]}" |
120 |
vprintf "${f}" |
117 |
vecho -ne '\a\n' |
121 |
vecho -ne '\a\n' |
118 |
die_msg="${die_msg} textrels," |
122 |
die_msg="${die_msg} textrels," |
119 |
sleep 1 |
123 |
sleep 1 |
120 |
fi |
124 |
fi |
121 |
|
125 |
|
122 |
# Also, executable stacks only matter on linux (and just glibc atm ...) |
126 |
# Also, executable stacks only matter on linux (and just glibc atm ...) |
|
|
127 |
f="" |
123 |
case ${CTARGET:-${CHOST}} in |
128 |
case ${CTARGET:-${CHOST}} in |
124 |
*-linux-gnu*) |
129 |
*-linux-gnu*) |
125 |
# Check for files with executable stacks, but only on arches which |
130 |
# Check for files with executable stacks, but only on arches which |
Lines 136-151
Link Here
|
136 |
qa_var="QA_EXECSTACK_${ARCH}" |
141 |
qa_var="QA_EXECSTACK_${ARCH}" |
137 |
[[ -n ${!qa_var} ]] && QA_EXECSTACK=${!qa_var} |
142 |
[[ -n ${!qa_var} ]] && QA_EXECSTACK=${!qa_var} |
138 |
[[ -n ${QA_STRICT_EXECSTACK} ]] && QA_EXECSTACK="" |
143 |
[[ -n ${QA_STRICT_EXECSTACK} ]] && QA_EXECSTACK="" |
139 |
f=$(scanelf -qyRF '%e %p' "${D}" | grep -v ' usr/lib/debug/' | \ |
144 |
QA_EXECSTACK=$(echo ${QA_EXECSTACK}) # strip newlines |
140 |
gawk ' |
145 |
s=$(scanelf -qyRF '"#e%p"' "${D}" | grep -v 'usr/lib/debug/') |
141 |
BEGIN { split("'"${QA_EXECSTACK}"'", ignore); } |
146 |
s=$(echo ${s}) # strip newlines |
142 |
{ for (idx in ignore) |
147 |
# eval needed to get ${QA_EXECSTACK} expanded so bash splits |
143 |
if ($NF ~ "^"ignore[idx]"$") |
148 |
# words taking account of spaces in quoted words. |
144 |
next; |
149 |
eval "for s in ${s}; do |
145 |
print; |
150 |
for e in ${QA_EXECSTACK}; do |
146 |
}') |
151 |
[[ \${s} =~ \"^\${e}$\" ]] && continue 2 |
|
|
152 |
done |
153 |
f=\"\${f}\${s}\n\" |
154 |
done" |
147 |
;; |
155 |
;; |
148 |
*) f="" ;; |
|
|
149 |
esac |
156 |
esac |
150 |
;; |
157 |
;; |
151 |
esac |
158 |
esac |
Lines 160-166
Link Here
|
160 |
vecho " For more information, see http://hardened.gentoo.org/gnu-stack.xml" |
167 |
vecho " For more information, see http://hardened.gentoo.org/gnu-stack.xml" |
161 |
vecho " Please include this file in your report:" |
168 |
vecho " Please include this file in your report:" |
162 |
vecho " ${T}/scanelf-execstack.log" |
169 |
vecho " ${T}/scanelf-execstack.log" |
163 |
vecho "${f}" |
170 |
vprintf "${f}" |
164 |
vecho -ne '\a\n' |
171 |
vecho -ne '\a\n' |
165 |
die_msg="${die_msg} execstacks" |
172 |
die_msg="${die_msg} execstacks" |
166 |
sleep 1 |
173 |
sleep 1 |