Lines 94-107
Link Here
|
94 |
qa_var="QA_TEXTRELS_${ARCH}" |
94 |
qa_var="QA_TEXTRELS_${ARCH}" |
95 |
[[ -n ${!qa_var} ]] && QA_TEXTRELS=${!qa_var} |
95 |
[[ -n ${!qa_var} ]] && QA_TEXTRELS=${!qa_var} |
96 |
[[ -n ${QA_STRICT_TEXTRELS} ]] && QA_TEXTRELS="" |
96 |
[[ -n ${QA_STRICT_TEXTRELS} ]] && QA_TEXTRELS="" |
97 |
f=() |
97 |
QA_TEXTRELS=$(echo ${QA_TEXTRELS}) # strip newlines |
98 |
for s in $(scanelf -qyRF '%t %p' "${D}" | grep -v ' usr/lib/debug/'); do |
98 |
f="" |
99 |
[[ ${s} == "TEXTREL" ]] && continue |
99 |
s=$(scanelf -qyRF '"#t%p"' "${D}" | grep -v 'usr/lib/debug/') |
|
|
100 |
s=$(echo ${s}) # strip newlines |
101 |
# eval needed to get ${QA_TEXTRELS} expanded so bash splits |
102 |
# words taking account of spaces in quoted words. |
103 |
f=$(eval " |
104 |
for s in ${s}; do |
100 |
for t in ${QA_TEXTRELS}; do |
105 |
for t in ${QA_TEXTRELS}; do |
101 |
[[ ${t} == ${s} ]] && continue 2 |
106 |
[[ \${s} == \${t} ]] && continue 2 |
102 |
done |
107 |
done |
103 |
f=( ${f} ${s} ) |
108 |
printf \"\${s}\n\" |
104 |
done |
109 |
done") |
105 |
if [[ -n ${f} ]] ; then |
110 |
if [[ -n ${f} ]] ; then |
106 |
scanelf -qyRF '%T %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-textrel.log |
111 |
scanelf -qyRF '%T %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-textrel.log |
107 |
vecho -ne '\a\n' |
112 |
vecho -ne '\a\n' |
Lines 113-125
Link Here
|
113 |
vecho " For more information, see http://hardened.gentoo.org/pic-fix-guide.xml" |
118 |
vecho " For more information, see http://hardened.gentoo.org/pic-fix-guide.xml" |
114 |
vecho " Please include this file in your report:" |
119 |
vecho " Please include this file in your report:" |
115 |
vecho " ${T}/scanelf-textrel.log" |
120 |
vecho " ${T}/scanelf-textrel.log" |
116 |
vecho "${f[@]}" |
121 |
vprintf "${f}" |
117 |
vecho -ne '\a\n' |
122 |
vecho -ne '\a\n' |
118 |
die_msg="${die_msg} textrels," |
123 |
die_msg="${die_msg} textrels," |
119 |
sleep 1 |
124 |
sleep 1 |
120 |
fi |
125 |
fi |
121 |
|
126 |
|
122 |
# Also, executable stacks only matter on linux (and just glibc atm ...) |
127 |
# Also, executable stacks only matter on linux (and just glibc atm ...) |
|
|
128 |
f="" |
123 |
case ${CTARGET:-${CHOST}} in |
129 |
case ${CTARGET:-${CHOST}} in |
124 |
*-linux-gnu*) |
130 |
*-linux-gnu*) |
125 |
# Check for files with executable stacks, but only on arches which |
131 |
# Check for files with executable stacks, but only on arches which |
Lines 136-151
Link Here
|
136 |
qa_var="QA_EXECSTACK_${ARCH}" |
142 |
qa_var="QA_EXECSTACK_${ARCH}" |
137 |
[[ -n ${!qa_var} ]] && QA_EXECSTACK=${!qa_var} |
143 |
[[ -n ${!qa_var} ]] && QA_EXECSTACK=${!qa_var} |
138 |
[[ -n ${QA_STRICT_EXECSTACK} ]] && QA_EXECSTACK="" |
144 |
[[ -n ${QA_STRICT_EXECSTACK} ]] && QA_EXECSTACK="" |
139 |
f=$(scanelf -qyRF '%e %p' "${D}" | grep -v ' usr/lib/debug/' | \ |
145 |
QA_EXECSTACK=$(echo ${QA_EXECSTACK}) # strip newlines |
140 |
gawk ' |
146 |
s=$(scanelf -qyRF '"#e%p"' "${D}" | grep -v 'usr/lib/debug/') |
141 |
BEGIN { split("'"${QA_EXECSTACK}"'", ignore); } |
147 |
s=$(echo ${s}) # strip newlines |
142 |
{ for (idx in ignore) |
148 |
# eval needed to get ${QA_EXECSTACK} expanded so bash splits |
143 |
if ($NF ~ "^"ignore[idx]"$") |
149 |
# words taking account of spaces in quoted words. |
144 |
next; |
150 |
f=$(eval " |
145 |
print; |
151 |
for s in ${s}; do |
146 |
}') |
152 |
for e in ${QA_EXECSTACK}; do |
|
|
153 |
[[ \${s} == \${e} ]] && continue 2 |
154 |
done |
155 |
printf "\${s}\n" |
156 |
done") |
147 |
;; |
157 |
;; |
148 |
*) f="" ;; |
|
|
149 |
esac |
158 |
esac |
150 |
;; |
159 |
;; |
151 |
esac |
160 |
esac |
Lines 160-166
Link Here
|
160 |
vecho " For more information, see http://hardened.gentoo.org/gnu-stack.xml" |
169 |
vecho " For more information, see http://hardened.gentoo.org/gnu-stack.xml" |
161 |
vecho " Please include this file in your report:" |
170 |
vecho " Please include this file in your report:" |
162 |
vecho " ${T}/scanelf-execstack.log" |
171 |
vecho " ${T}/scanelf-execstack.log" |
163 |
vecho "${f}" |
172 |
vprintf "${f}" |
164 |
vecho -ne '\a\n' |
173 |
vecho -ne '\a\n' |
165 |
die_msg="${die_msg} execstacks" |
174 |
die_msg="${die_msg} execstacks" |
166 |
sleep 1 |
175 |
sleep 1 |