foster/bitcoin-bitcoin-core
0
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-02-02 09:46:52 -05:00
Code Issues Activity

contrib: add PE PIE check to security checks

Browse source
This commit is contained in:
fanquake 2021-04-06 10:13:06 +08:00
parent 8e1f40dd9a
commit 0f5d77c8e4
No known key found for this signature in database
GPG key ID: 2EEB9F5CC09526C1
1 changed files with 9 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
contrib/devtools/security-check.py
View file

@ -134,6 +134,14 @@ def check_ELF_separate_code(executable):
return False return False
return True return True
def check_PE_PIE(executable) -> bool:
'''
Check for position independent executable (PIE),
allowing for address space randomization.
'''
binary = lief.parse(executable)
return binary.is_pie
def check_PE_DYNAMIC_BASE(executable) -> bool: def check_PE_DYNAMIC_BASE(executable) -> bool:
'''PIE: DllCharacteristics bit 0x40 signifies dynamicbase (ASLR)''' '''PIE: DllCharacteristics bit 0x40 signifies dynamicbase (ASLR)'''
binary = lief.parse(executable) binary = lief.parse(executable)
@ -201,6 +209,7 @@ CHECKS = {
('separate_code', check_ELF_separate_code), ('separate_code', check_ELF_separate_code),
], ],
'PE': [ 'PE': [
('PIE', check_PE_PIE),
('DYNAMIC_BASE', check_PE_DYNAMIC_BASE), ('DYNAMIC_BASE', check_PE_DYNAMIC_BASE),
('HIGH_ENTROPY_VA', check_PE_HIGH_ENTROPY_VA), ('HIGH_ENTROPY_VA', check_PE_HIGH_ENTROPY_VA),
('NX', check_PE_NX), ('NX', check_PE_NX),