1e60713a68296a0ff221befb48b2958fbf019ebf contrib: Fix test-security-check fail in Ubuntu 18.04 (Chun Kuan Lee)
Pull request description:
- Fix test-security-check fail in Ubuntu 18.04. Those flags are enabled by default, so we must specify `-no` to make the executable does 'not' have those attributes.
- Drop HIGH_ENTROPY_VA. After update our gitian system to Bionic, the compiler should support HIGH_ENTROPY_VA
Tree-SHA512: 78c1f2aae1253ddd52faa1af569b7151a503a217c7ccbe21b8004d8910c45d8a27ff04695eacbdadd7192d2c91c0d59941ca20c651dd2d5052b9999163a11ae4
c8176b3cc7556d7bcec39a55ae4d6ba16453baaa Add linter: Make sure we explicitly open all text files using UTF-8 or ASCII encoding in Python (practicalswift)
634bd970013eca90f4b4c1f9044eec8c97ba62c2 Explicitly specify encoding when opening text files in Python code (practicalswift)
Pull request description:
Add linter: Make sure we explicitly open all text files using UTF-8 encoding in Python.
As requested by @laanwj in #13440.
Tree-SHA512: 1651c00fe220ceb273324abd6703aee504029b96c7ef0e3029145901762c733c9b9d24927da281394fd4681a5bff774336c04eed01fafea997bb32192c334c06
Signed-off-by: pasta <pasta@dashboost.org>
# Conflicts:
# contrib/devtools/circular-dependencies.py
# contrib/linearize/linearize-data.py
# contrib/linearize/linearize-hashes.py
# contrib/seeds/generate-seeds.py
# contrib/verify-commits/verify-commits.py
# test/functional/multiwallet.py
# test/functional/notifications.py
# test/functional/test_runner.py
# test/util/rpcauth-test.py
ab3f4dd tests: Add test for 64-bit PE, modify 32-bit test results (Chun Kuan Lee)
Pull request description:
9a75d29b6f change the error result from `PIE` to `DYNAMIC_BASE`. And there are no test for 64-bit, so I made one
Tree-SHA512: 9d5643dadf4d9fc34ea32d94655bfb98eec2f7bc2820b4b0f525d5acf1cd22f3acf38bf8904dda4f50fd9ca5a5e56d566a392e6f804eea6e50e03cba40048621
Perform the following ELF security checks:
- PIE: Check for position independent executable (PIE), allowing for address space randomization
- NX: Check that no sections are writable and executable (including the stack)
- RELRO: Check for read-only relocations, binding at startup
- Canary: Check for use of stack canary
Also add a check to symbol-check.py that checks that only the subset of
allowed libraries is imported (to avoid incompatibilities).
