X-Git-Url: https://ruderich.org/simon/gitweb/?p=blhc%2Fblhc.git;a=blobdiff_plain;f=bin%2Fblhc;h=6e5e8f44b1b16ae125776d49688b9663babe22d5;hp=fa0f8a396baa04fcfccbe4e9208f6a392898bf84;hb=db749f492c88f727c2b6c402984b273548335ba0;hpb=d52160954caa2af70f44181bcf113df1a5c3c61b diff --git a/bin/blhc b/bin/blhc index fa0f8a3..6e5e8f4 100755 --- a/bin/blhc +++ b/bin/blhc @@ -2,7 +2,7 @@ # Build log hardening check, checks build logs for missing hardening flags. -# Copyright (C) 2012-2016 Simon Ruderich +# Copyright (C) 2012-2017 Simon Ruderich # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -24,7 +24,7 @@ use warnings; use Getopt::Long (); use Text::ParseWords (); -our $VERSION = '0.05'; +our $VERSION = '0.07'; # CONSTANTS/VARIABLES @@ -89,10 +89,10 @@ my @source_no_preprocess_compile_cpp = ( qw( mii ), ); my @source_no_preprocess_compile_ada = ( + # Ada source + qw( ada ), # Ada body qw( adb ), - # If you add another file, fix use of @source_no_preprocess_compile_ada - # below (search for $compile_ada). ); my @source_no_preprocess_compile = ( # C @@ -106,11 +106,15 @@ my @source_no_preprocess_compile = ( # Ada @source_no_preprocess_compile_ada, ); +my @source_no_preprocess_no_compile_ada = ( + # Ada specification + qw( ads ), +); my @source_no_preprocess_no_compile = ( # Assembly qw( s ), - # Ada specification - qw( ads ), + # Ada + @source_no_preprocess_no_compile_ada, ); my @source_no_preprocess = ( @source_no_preprocess_compile, @@ -161,6 +165,10 @@ my %extensions_compile_cpp = map { $_ => 1 } ( @source_preprocess_compile_cpp, @source_no_preprocess_compile_cpp, ); +my %extensions_ada = map { $_ => 1 } ( + @source_no_preprocess_compile_ada, + @source_no_preprocess_no_compile_ada, +); my %extensions_object = map { $_ => 1 } ( @object, ); @@ -610,7 +618,7 @@ if ($option_help) { } if ($option_version) { print <<"EOF"; -blhc $VERSION Copyright (C) 2012-2016 Simon Ruderich +blhc $VERSION Copyright (C) 2012-2017 Simon Ruderich This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -972,6 +980,8 @@ foreach my $file (@ARGV) { # look like a compiler executable thus causing the line to be # treated as a normal compiler line. next if $line =~ m{^\s*rm\s+}; + # Some build systems emit "gcc > file". + next if $line =~ m{$cc_regex_normal\s*>\s*\S+}; # Check if additional hardening options were used. Used to ensure # they are used for the complete build. @@ -1012,17 +1022,25 @@ foreach my $file (@ARGV) { # Option or auto detected. if ($arch) { - # The following was partially copied from dpkg-dev 1.18.7 - # (/usr/share/perl5/Dpkg/Vendor/Debian.pm, add_hardening_flags()), + # The following was partially copied from dpkg-dev 1.18.15 + # (/usr/share/perl5/Dpkg/Vendor/Debian.pm, _add_hardening_flags()), # copyright Raphaël Hertzog , Kees Cook # , Canonical, Ltd. licensed under GPL version 2 or # later. Keep it in sync. require Dpkg::Arch; - my ($abi, $os, $cpu) = Dpkg::Arch::debarch_to_debtriplet($arch); + my ($os, $cpu); + # Recent dpkg versions use a quadruplet for arch. Support both. + eval { + (undef, undef, $os, $cpu) = Dpkg::Arch::debarch_to_debtuple($arch); + }; + if ($@) { + (undef, $os, $cpu) = Dpkg::Arch::debarch_to_debtriplet($arch); + } # Disable unsupported hardening options. - if ($os !~ /^(?:linux|knetbsd|hurd)$/ or $cpu =~ /^(?:hppa|avr32)$/) { + if ($os !~ /^(?:linux|kfreebsd|knetbsd|hurd)$/ + or $cpu =~ /^(?:hppa|avr32)$/) { $harden_pie = 0; } if ($cpu =~ /^(?:ia64|alpha|hppa|nios2)$/ or $arch eq 'arm') { @@ -1227,10 +1245,9 @@ LINE: $compile_cpp = 1; # Ada needs special CFLAGS, use them if only ada files are compiled. } elsif ($ada - and $compile - and array_equal(\@extensions, - \@source_no_preprocess_compile_ada)) { + and extension_found(\%extensions_ada, @extensions)) { $compile_ada = 1; + $preprocess = 0; # Ada uses no CPPFLAGS @cflags_backup = @cflags; @cflags = @cflags_ada; } @@ -1609,7 +1626,7 @@ Ejari.aalto@cante.netE for their valuable input and suggestions. =head1 LICENSE AND COPYRIGHT -Copyright (C) 2012-2016 by Simon Ruderich +Copyright (C) 2012-2017 by Simon Ruderich This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by