
[lintian] 01/01: Check for Microsoft Windows Portable Executable (PE) files that are missing security hardening features. Thanks to Petter Reinholdtsen for the report. (Closes: #837548)



This is an automated email from the git hooks/post-receive script.

lamby pushed a commit to branch master
in repository lintian.

commit 0a853680a8939ef073693c2c7f70e36c34f0521f
Author: Chris Lamb <lamby@debian.org>
Date:   Tue Dec 19 11:29:56 2017 +0000

    Check for Microsoft Windows Portable Executable (PE) files that are missing security hardening features. Thanks to Petter Reinholdtsen for the report. (Closes: #837548)
---
 checks/pe.desc                                     |  14 ++++
 checks/pe.pm                                       |  80 +++++++++++++++++++++
 debian/changelog                                   |   5 ++
 profiles/debian/main.profile                       |   2 +-
 .../pe-missing-security-features/debian/.coverage  |   0
 .../debian/debian/install                          |   1 +
 .../debian/extrac32.exe                            | Bin 0 -> 1032 bytes
 .../debian/win32-loader.exe                        | Bin 0 -> 1669581 bytes
 t/tests/pe-missing-security-features/desc          |   5 ++
 t/tests/pe-missing-security-features/tags          |   0
 10 files changed, 106 insertions(+), 1 deletion(-)

diff --git a/checks/pe.desc b/checks/pe.desc
new file mode 100644
index 0000000..4d87eb5
--- /dev/null
+++ b/checks/pe.desc
@@ -0,0 +1,14 @@
+Check-Script: pe
+Author: Chris Lamb <lamby@debian.org>
+Type: binary
+Needs-Info: unpacked, file-info
+Info: This script checks Microsoft Windows Portable Executable (PE) files
+
+Tag: portable-executable-missing-security-features
+Severity: important
+Certainty: certain
+Info: The package ships a Microsoft Windows Portable Executable (PE) file
+ that appears to be lacking security hardening features.
+ .
+ You can see which are missing using the <tt>pesec</tt> tool from the
+ <tt>pev</tt> package.
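Review bot: The `Info:` text for `portable-executable-missing-security-features` never names the hardening features the check looks at, so a maintainer seeing the tag has to install another tool to learn what is wrong. `checks/pe.pm` in this commit tests the ASLR, DEP/NX and SEH bits of DLLCharacteristics; naming them here, for example `+ The check looks for ASLR, DEP/NX and SEH support.`, would make the tag self-explanatory. `Certainty: certain` also sits oddly next to "appears to be lacking"; one of the two should be adjusted so they agree.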
diff --git a/checks/pe.pm b/checks/pe.pm
new file mode 100644
index 0000000..cbc0257
--- /dev/null
+++ b/checks/pe.pm
@@ -0,0 +1,80 @@
+# pe -- lintian check script -*- perl -*-
+
+# Copyright (C) 2017 Chris Lamb <lamby@debian.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, you can find it on the World Wide
+# Web at http://www.gnu.org/copyleft/gpl.html, or write to the Free
+# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+# MA 02110-1301, USA.
+
+package Lintian::pe;
+use strict;
+use warnings;
+use autodie;
+
+use List::MoreUtils qw(any);
+
+use Lintian::Tags qw(tag);
+use Lintian::Util qw(internal_error);
+
+sub run {
+    my (undef, undef, $info) = @_;
+
+    foreach my $file ($info->sorted_index) {
+        next unless $file->is_file;
+        next unless $file->file_info =~ /^PE32\+? executable/;
+
+        my $buf;
+        my $fd = $file->open;
+
+        eval {
+            # Offset to main header
+            seek($fd, 0x3c, 0) or internal_error("seek: $!");
+            read($fd, $buf, 4) or internal_error("read: $!");
+            my $pe_offset = unpack('V', $buf);
+
+            # Read magic to determine whether we are are PE32 or PE32+
+            seek($fd, $pe_offset + 24, 0) or internal_error("seek: $!");
+            read($fd, $buf, 2) or internal_error("read: $!");
+            my $magic = unpack('v', $buf);
+
+            # Read and parse DLLCharacteristics value
+            seek($fd, (($magic == 0x20B) ? 68 : 64), 1)
+              or internal_error("seek: $!");
+            read($fd, $buf, 2) or internal_error("read: $!");
+        };
+
+        my $characteristics = unpack('v', $buf);
+        my %features = (
+            'ASLR' => $characteristics & 0x40,
+            'DEP/NX' => $characteristics & 0x100,
+            'SEH' => ~$characteristics & 0x400,
+        );
+
+        tag 'portable-executable-missing-security-features', $file
+          unless any { $_ == 0 } values %features;
+
+        close($fd);
+    }
+
+    return;
+}
+
+1;
+
+# Local Variables:
+# indent-tabs-mode: nil
+# cperl-indent-level: 4
+# End:
+# vim: syntax=perl sw=4 sts=4 sr et
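Review bot: The tag condition at the end of `run` looks inverted: `unless any { $_ == 0 } values %features` emits the tag only when ASLR, DEP/NX and SEH are all non-zero (present) and stays silent when one is missing; it should read `if any { $_ == 0 } values %features;`. The `eval { ... }` around the seeks and reads never inspects `$@`, so on a truncated or malformed file `unpack('v', $buf)` still runs on an undefined or leftover `$buf` and the verdict comes from garbage; check `$@` after the eval, then `close($fd)` and `next` before decoding. The PE32 branch of the relative seek (`64`) is worth confirming too, since DllCharacteristics sits at offset 70 of the optional header in both PE32 and PE32+, which is 68 bytes past the two magic bytes just read. Passing the names of the missing features as extra tag information would also save maintainers a trip to `pesec`.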
diff --git a/debian/changelog b/debian/changelog
index 415d2fa..58d8227 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,11 @@ lintian (2.5.66) UNRELEASED; urgency=medium
 
   XXX: generate tag summary
 
+  * checks/pe.{pm,desc}:
+    + [CL] Check for Microsoft Windows Portable Executable (PE) files that
+      are missing security hardening features. Thanks to Petter
+      Reinholdtsen for the report.  (Closes: #837548)
+
   * t/tests/files-multiarch-foreign-files:
     + [CL] Don't hardcode architecture triplet to fix FTBFS on non-amd64
       architectures.  (Closes: #884683)
diff --git a/profiles/debian/main.profile b/profiles/debian/main.profile
index db7b848..2aee4b9 100644
--- a/profiles/debian/main.profile
+++ b/profiles/debian/main.profile
@@ -7,7 +7,7 @@ Enable-Tags-From-Check: apache2, application-not-library, appstream-metadata, au
  debian-source-dir, description, duplicate-files, elpa, fields, filename-length,
  files, gir, group-checks, huge-usr-share, infofiles, init.d, java, lintian,
  manpages, md5sums, menu-format, menus, nmu, obsolete-sites, ocaml,
- patch-systems, phppear, po-debconf, python, rules, scripts, shared-libs,
+ patch-systems, pe, phppear, po-debconf, python, rules, scripts, shared-libs,
  source-changelog, source-copyright, standards-version, symlinks, systemd,
  testsuite, triggers, udev, upstream-metadata, usrmerge, version-substvars,
  watch-file
diff --git a/t/tests/pe-missing-security-features/debian/.coverage b/t/tests/pe-missing-security-features/debian/.coverage
new file mode 100644
index 0000000..e69de29
diff --git a/t/tests/pe-missing-security-features/debian/debian/install b/t/tests/pe-missing-security-features/debian/debian/install
new file mode 100644
index 0000000..b2551e6
--- /dev/null
+++ b/t/tests/pe-missing-security-features/debian/debian/install
@@ -0,0 +1 @@
+*.exe	usr/share/win32
diff --git a/t/tests/pe-missing-security-features/debian/extrac32.exe b/t/tests/pe-missing-security-features/debian/extrac32.exe
new file mode 100644
index 0000000..a362dac
Binary files /dev/null and b/t/tests/pe-missing-security-features/debian/extrac32.exe differ
diff --git a/t/tests/pe-missing-security-features/debian/win32-loader.exe b/t/tests/pe-missing-security-features/debian/win32-loader.exe
new file mode 100644
index 0000000..ee8a100
Binary files /dev/null and b/t/tests/pe-missing-security-features/debian/win32-loader.exe differ
diff --git a/t/tests/pe-missing-security-features/desc b/t/tests/pe-missing-security-features/desc
new file mode 100644
index 0000000..457bf80
--- /dev/null
+++ b/t/tests/pe-missing-security-features/desc
@@ -0,0 +1,5 @@
+Testname: pe-missing-security-features
+Version: 1.0
+Description: Check for PE binaries missing security features
+Test-Against:
+ portable-executable-missing-security-features
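Review bot: This test only covers the negative case: `Test-Against:` together with the empty `tags` file asserts that the tag is absent for the two shipped executables, and nothing in the commit shows the tag firing for a binary that lacks ASLR, DEP/NX or SEH. A positive fixture listed under `Test-For:`, with the expected line in `tags`, would pin the intended behaviour and would catch an inverted condition in `checks/pe.pm`. The two `.exe` fixtures are opaque binaries, so which features they carry cannot be confirmed from the diff; stating that in `Description:` would help the next reader.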
diff --git a/t/tests/pe-missing-security-features/tags b/t/tests/pe-missing-security-features/tags
new file mode 100644
index 0000000..e69de29

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git

