[lintian] 05/08: c/binaries: Implement hardening-no-fortify-functions
nthykier pushed a commit to branch master
in repository lintian.
commit daaef1a8561105c5c4e54424a460cf0deea249e7
Author: Niels Thykier <niels@thykier.net>
Date: Sat Sep 17 20:22:16 2016 +0000
c/binaries: Implement hardening-no-fortify-functions
Signed-off-by: Niels Thykier <niels@thykier.net>
---
checks/binaries.pm | 34 ++++++++++++----
data/binaries/hardened-functions | 88 ++++++++++++++++++++++++++++++++++++++++
2 files changed, 113 insertions(+), 9 deletions(-)
diff --git a/checks/binaries.pm b/checks/binaries.pm
index a9ba42f..bf17de8 100644
--- a/checks/binaries.pm
+++ b/checks/binaries.pm
@@ -98,6 +98,7 @@ sub _split_hash {
our $HARDENING= Lintian::Data->new('binaries/hardening-tags', qr/\s*\|\|\s*/o,
\&_split_hash);
+our $HARDENED_FUNCTIONS = Lintian::Data->new('binaries/hardened-functions');
our $LFS_SYMBOLS = Lintian::Data->new('binaries/lfs-symbols');
our $ARCH_32_REGEX;
@@ -127,7 +128,7 @@ sub run {
foreach my $file (sort keys %{$info->objdump_info}) {
my $objdump = $info->objdump_info->{$file};
- my $has_lfs;
+ my ($has_lfs, %unharded_functions, @hardened_functions);
my $is_profiled = 0;
# $file can be an object inside a static lib. These do
# not appear in the output of our file_info collection.
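Review bot: `%unharded_functions` on the new `my (...)` line reads as a typo for `%unhardened_functions`; the same name is used again in the tag condition further down the sub, so a rename has to touch both places. Packing three unrelated variables into one `my (...)` list also hides that `$has_lfs` is deliberately left undefined as a sentinel (the later `unless (defined $has_lfs)`) while the other two are plain containers; `my $has_lfs; my %unhardened_functions; my @hardened_functions;` makes that distinction visible. The enclosing `run` sub and the `foreach` over objdump_info both begin before this hunk.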
@@ -153,6 +154,20 @@ sub run {
foreach my $symbol (@{$objdump->{SYMBOLS}}) {
my ($foo, $sec, $sym) = @{$symbol};
+ if ($foo eq 'UND') {
+ my $name = $sym;
+ my $hardened;
+ $hardened = 1 if $name =~ s/^__(\S+)_chk$/$1/;
+ if ($HARDENED_FUNCTIONS->known($name)) {
+ if ($hardened) {
+ push(@hardened_functions, $name);
+ } else {
+ $unharded_functions{$name} = 1;
+ }
+ }
+
+ }
+
unless (defined $has_lfs) {
if ($foo eq 'UND' and $LFS_SYMBOLS->known($sym)) {
# Using a 32bit only interface call, some parts of the
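Review bot: The `s/^__(\S+)_chk$/$1/` rewrite on the `$hardened = 1 if ...` line is the fact the whole new tag rests on, and it deserves a why-comment, e.g. `# glibc's _FORTIFY_SOURCE redirects calls whose destination size is known at compile time to __<name>_chk; a plain, unprefixed reference to a listed function is a call that was not fortified.` The pattern also uses `^`/`$` where `\A`/`\z` express the intended whole-symbol match without `$`'s trailing-newline leniency, and `\S+` could be `\w+` since every entry in the data file is an identifier. Note that `$name` is rewritten even for symbols not in the list (e.g. `__memcpy_chk` becomes `memcpy`), which is harmless only because `known()` then rejects it. The enclosing foreach and `run` sub begin before this hunk.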
@@ -179,6 +194,13 @@ sub run {
tag 'binary-compiled-with-profiling-enabled', $file
if $is_profiled;
}
+ if ( %unharded_functions
+ and not @hardened_functions
+ and not $built_with_golang
+ and $arch_hardening->{'hardening-no-fortify-functions'}) {
+ tag 'hardening-no-fortify-functions', $file;
+ }
+
tag 'apparently-corrupted-elf-binary', $file
if $objdump->{'ERRORS'};
tag 'binary-file-built-without-LFS-support', $file
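Review bot: The condition `%unharded_functions and not @hardened_functions` encodes an unexplained heuristic: an object that references a listed function without a single `__*_chk` symbol is assumed to be built without fortify, on the premise that a fortified build would have converted at least one call. That premise fails for an object in which no call site has a compile-time-known buffer size, so the branch should carry a comment such as `# With -D_FORTIFY_SOURCE at least one fortifiable call would normally have become __*_chk; only plain references suggests fortify was off (false positive possible when no call site has a known buffer size).` The names collected in `%unharded_functions` are never surfaced; if the tag is meant to carry context, passing `sort keys %unharded_functions` as extra `tag` arguments would tell the maintainer which calls triggered it. The `run` sub continues outside this hunk.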
@@ -565,7 +587,7 @@ sub run {
tag 'hardening-no-bindnow', $file;
}
- if ($arch_hardening->{'hardening-no-pie'}
+ if ( $arch_hardening->{'hardening-no-pie'}
and $objdump->{'ELF-TYPE'} eq 'EXEC') {
tag 'hardening-no-pie', $file;
}
@@ -578,13 +600,7 @@ sub run {
foreach my $t (@{$info->hardening_info->{$fname}}) {
my $tag = "hardening-$t";
# Implemented elsewhere
- next if $t eq 'no-relro' or $t eq 'no-bindnow' or $t eq 'no-pie';
- # Binaries built by the Go compiler do not support all
- # hardening measures.
- next
- if ($t eq 'no-relro'
- ||$t eq 'no-fortify-functions')
- &&$built_with_golang;
+ next if $t ne 'no-stackprotector';
tag $tag, $file if $arch_hardening->{$tag};
}
}
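Review bot: The `# Implemented elsewhere` comment above `next if $t ne 'no-stackprotector'` is now misleading, since the loop no longer enumerates what is handled elsewhere but keeps exactly one tag; replace it with `# Only no-stackprotector still comes from hardening_info; relro, bindnow, pie and fortify are derived from objdump data earlier in run`. `my $tag = "hardening-$t"` is also built before the `next`, so swapping the two lines (`next if $t ne 'no-stackprotector'; my $tag = "hardening-$t";`) avoids constructing a string that is discarded on every other iteration. The removed lines also carried a golang exemption for `no-relro`; dropping it is only safe if the relro check implemented above applies its own golang guard, which is outside this hunk. The `run` sub ends beyond this hunk.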
diff --git a/data/binaries/hardened-functions b/data/binaries/hardened-functions
new file mode 100644
index 0000000..2187ec9
--- /dev/null
+++ b/data/binaries/hardened-functions
@@ -0,0 +1,88 @@
+# Set of C functions that have a hardened variant
+#
+# Known functions which are deliberately omitted
+# (due to false positives):
+#
+# memcpy
+# memset
+# memmove
+#
+# The list is manually updated, please keep it
+# sorted by name
+#
+
+asprintf
+confstr
+dprintf
+fdelt
+fgets
+fgets_unlocked
+fgetws
+fgetws_unlocked
+fprintf
+fread
+fread_unlocked
+fwprintf
+getcwd
+getdomainname
+getgroups
+gethostname
+getlogin_r
+gets
+getwd
+longjmp
+mbsnrtowcs
+mbsrtowcs
+mbstowcs
+mempcpy
+obstack_printf
+obstack_vprintf
+poll
+ppoll
+pread64
+pread
+printf
+ptsname_r
+read
+readlink
+readlinkat
+realpath
+recv
+recvfrom
+snprintf
+sprintf
+stpcpy
+stpncpy
+strcat
+strcpy
+strncat
+strncpy
+swprintf
+syslog
+ttyname_r
+vasprintf
+vdprintf
+vfprintf
+vfwprintf
+vprintf
+vsnprintf
+vsprintf
+vswprintf
+vsyslog
+vwprintf
+wcpcpy
+wcpncpy
+wcrtomb
+wcscat
+wcscpy
+wcsncat
+wcsncpy
+wcsnrtombs
+wcsrtombs
+wcstombs
+wctomb
+wmemcpy
+wmemmove
+wmempcpy
+wmemset
+wprintf
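Review bot: `pread64` is listed before `pread`, which violates the "keep it sorted by name" rule the file header itself sets (`pread` sorts before `pread64`); swap the two lines so a future sort-based edit does not reorder them. The header's justification for omitting memcpy, memset and memmove is a bare "false positives"; one sentence on the cause — presumably that compilers inline or builtin-expand those calls so a binary can legitimately contain only un-fortified references — would keep the next editor from re-adding them.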