Merge bitcoin/bitcoin#26953: contrib: add ELF OS ABI check to symbol-check.py

65ba8a79a2919a0bd89f2f2d981e072d4f2f549d contrib: add ELF ABI check to symbol-check.py (fanquake)

Pull request description:

  Check that the operating system ABI version embedded into the release binaries, is the version we expect it to be.

ACKs for top commit:
  laanwj:
    Code review ACK 65ba8a79a2919a0bd89f2f2d981e072d4f2f549d
  TheCharlatan:
    ACK 65ba8a79a2919a0bd89f2f2d981e072d4f2f549d

Tree-SHA512: 798d7c3b05183becf113a2ea13d889e18f1cec01d3cc279e64dbddede4d57f87444978f3f52c44bc5fdf0ba93d77c7c0be37aa815f93f348c35da45dc3d30ac2
This commit is contained in:
fanquake 2023-05-03 09:48:44 +01:00 committed by pasta
parent deb7de26dd
commit a4e429cb5a
No known key found for this signature in database
GPG Key ID: E2F3D7916E722D38

View File

@ -75,6 +75,25 @@ ELF_INTERPRETER_NAMES: Dict[lief.ELF.ARCH, Dict[lief.ENDIANNESS, str]] = {
},
}
ELF_ABIS: Dict[lief.ELF.ARCH, Dict[lief.ENDIANNESS, List[int]]] = {
lief.ELF.ARCH.x86_64: {
lief.ENDIANNESS.LITTLE: [3,2,0],
},
lief.ELF.ARCH.ARM: {
lief.ENDIANNESS.LITTLE: [3,2,0],
},
lief.ELF.ARCH.AARCH64: {
lief.ENDIANNESS.LITTLE: [3,7,0],
},
lief.ELF.ARCH.PPC64: {
lief.ENDIANNESS.LITTLE: [3,10,0],
lief.ENDIANNESS.BIG: [3,2,0],
},
lief.ELF.ARCH.RISCV: {
lief.ENDIANNESS.LITTLE: [4,15,0],
},
}
# Allowed NEEDED libraries
ELF_ALLOWED_LIBRARIES = {
# dashd and dash-qt
@ -248,12 +267,19 @@ def check_ELF_interpreter(binary) -> bool:
return binary.concrete.interpreter == expected_interpreter
def check_ELF_ABI(binary) -> bool:
expected_abi = ELF_ABIS[binary.header.machine_type][binary.abstract.header.endianness]
note = binary.concrete.get(lief.ELF.NOTE_TYPES.ABI_TAG)
assert note.details.abi == lief.ELF.NOTE_ABIS.LINUX
return note.details.version == expected_abi
CHECKS = {
lief.EXE_FORMATS.ELF: [
('IMPORTED_SYMBOLS', check_imported_symbols),
('EXPORTED_SYMBOLS', check_exported_symbols),
('LIBRARY_DEPENDENCIES', check_ELF_libraries),
('INTERPRETER_NAME', check_ELF_interpreter),
('ABI', check_ELF_ABI),
],
lief.EXE_FORMATS.MACHO: [
('DYNAMIC_LIBRARIES', check_MACHO_libraries),