# Build log hardening check, checks build logs for missing hardening flags.
-# Copyright (C) 2012 Simon Ruderich
+# Copyright (C) 2012-2013 Simon Ruderich
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
use Getopt::Long ();
use Text::ParseWords ();
-our $VERSION = '0.03';
+our $VERSION = '0.04';
# CONSTANTS/VARIABLES
#
# C++ compiler setting.
return 0 if $line =~ /^\s*C\+\+.+?:\s+(?:yes|no)\s*$/;
+ return 0 if $line =~ /^\s*C\+\+ Library: stdc\+\+$/;
# "Compiling" with no file name.
if ($line =~ /^\s*[Cc]ompiling\s+(.+?)(?:\.\.\.)?$/) {
# $file_extension_regex may need spaces around the filename.
Pod::Usage::pod2usage(1);
}
if ($option_version) {
- print "blhc $VERSION Copyright (C) 2012 Simon Ruderich
+ print "blhc $VERSION Copyright (C) 2012-2013 Simon Ruderich
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
next if $line =~ /^\s*(?:Host\s+)?(?:C(?:\+\+)?\s+)?
[Cc]ompiler[\s.]*:?\s+
/x;
- next if $line =~ /^\s*(?:- )?(?:HOST_)?(?:CC|CXX)\s*=\s*$cc_regex_full\s*$/o;
+ next if $line =~ m{^\s*(?:-\s)?(?:HOST_)?(?:CC|CXX)
+ \s*=\s*$cc_regex_full
+ # optional compiler options, don't allow
+ # "everything" here to prevent false negatives
+ \s*(?:\s-\S+)*\s*$}xo;
# `moc-qt4`/`moc-qt5` contain '-I.../linux-g++' in their command
# line (or similar for other architectures) which gets recognized
# as a compiler line, but `moc-qt*` is only a preprocessor for Qt
# C++ files. No hardening flags are relevant during this step,
# thus ignore `moc-qt*` lines. The resulting files will be
# compiled in a separate step (and therefore checked).
- next if $line =~ m{^\S+/bin/moc-qt[45]
+ next if $line =~ m{^\S+/bin/moc(?:-qt[45])?
\s.+\s
-I\S+/mkspecs/[a-z]+-g\++(?:-64)?
\s}x;
=head1 LICENSE AND COPYRIGHT
-Copyright (C) 2012 by Simon Ruderich
+Copyright (C) 2012-2013 by Simon Ruderich
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by