Commit Graph

9 Commits

Author SHA1 Message Date
Wladimir J. van der Laan
4e1567acff
Merge #8249: Enable (and check for) 64-bit ASLR on Windows
62c2915 build: supply `-Wl,--high-entropy-va` (Wladimir J. van der Laan)
9a75d29 devtools: Check for high-entropy ASLR in 64-bit PE executables (Wladimir J. van der Laan)
2016-09-26 13:34:38 +02:00
Wladimir J. van der Laan
9a75d29b6f devtools: Check for high-entropy ASLR in 64-bit PE executables
check_PE_PIE only checked for DYNAMIC_BASE, this is not enough
for (secure) ASLR on 64-bit.
2016-09-26 12:57:55 +02:00
isle2983
4677b197f7 [copyright] add MIT License copyright header to remaining Python files 2016-09-11 16:21:01 -06:00
Matthew King
7b01ce254c Favour python over python2 as per PR #7723 2016-06-28 12:59:34 +03:00
Matthew King
873e81f89b Use portable #! in python scripts (/usr/bin/env) 2016-06-26 16:47:03 +03:00
Wladimir J. van der Laan
18f05c765c build: python 3 compatibility
Ubuntu 16.04 "xenial xerus" does not come with Python 2.x by default.
It is possible to install a python-2.7 package, but this has its own
problem: no `python` or `python2` symlink (see #7717).

This fixes the following scripts to work with python 3:
- `make check` (bctest,py, bitcoin-util-test.py)
- `make translate` (extract_strings_qt.py)
- `make symbols-check` (symbol-check.py)
- `make security-check` (security-check.py)

Explicitly call the python commands using $(PYTHON) instead
of relying on the interpreter line at the top of the scripts.
2016-03-29 17:20:16 +02:00
Cory Fields
cd27bf51e0 release: fix parsing of BIND_NOW with older readelf 2016-01-26 23:07:04 -05:00
calebogden
0331aa350c Fixing typos on security-check.py and torcontrol.cpp 2016-01-08 13:31:42 -08:00
Wladimir J. van der Laan
579b863cd7 devtools: Add security-check.py
Perform the following ELF security checks:

- PIE: Check for position independent executable (PIE), allowing for address space randomization
- NX: Check that no sections are writable and executable (including the stack)
- RELRO: Check for read-only relocations, binding at startup
- Canary: Check for use of stack canary

Also add a check to symbol-check.py that checks that only the subset of
allowed libraries is imported (to avoid incompatibilities).
2015-10-22 03:35:38 +02:00