7c9e821c4e6cb186208ead9c8df616d1f393a49a scripts: add MACHO NOUNDEFS check to security-check.py (fanquake)
4ca92dc6d3f3e487d63286d8871d1829b3d279ff scripts: add MACHO PIE check to security-check.py (fanquake)
Pull request description:
This uses `otool -vh` to print the mach header and look for the `PIE` flag:
```bash
otool -vh src/bitcoind
Mach header
magic cputype cpusubtype caps filetype ncmds sizeofcmds flags
MH_MAGIC_64 X86_64 ALL LIB64 EXECUTE 24 2544 NOUNDEFS DYLDLINK TWOLEVEL WEAK_DEFINES BINDS_TO_WEAK PIE
```
From [`mach-o/loader.h`](https://opensource.apple.com/source/cctools/cctools-927.0.2/include/mach-o/loader.h.auto.html):
```c
#define MH_PIE 0x200000 /* When this bit is set, the OS will
load the main executable at a
random address. Only used in
MH_EXECUTE filetypes. */
```
ACKs for top commit:
laanwj:
code review ACK 7c9e821c4e6cb186208ead9c8df616d1f393a49a
Tree-SHA512: 5ba2f60440d0e31c70371a355c91ca4f723d80f7287d04e2098bf5b11892cc74216ff8f1454603c4db9675d4f7983614843b992b8dcfca0309aadf2aa7ab2e4b
af1ed206f Fix broken Gmane URLs (Craig Younkins)
Pull request description:
This is an automated pull request to fix broken Gmane URLs.
Here's what I did:
First I searched for Gmane URLs in your repo. For each Gmane URL, I checked if the content was available at the URL. For URLs where the content was not available, I first checked the `article` subdomain of Gmane, which has some content not available on the `thread` and `comments` subdomains.
If the content wasn't anywhere on Gmane's web interface, I resolved the URL to a [Message-ID](https://en.wikipedia.org/wiki/Message-ID) via the Gmane NNTP interface and tried to find the Message-ID on other mailing list archivers. I checked `mail-archive.com`, then `marc.info`, then `lists.debian.org` and so on.
If a new URL was found, I replaced it in this pull request. If the content wasn't found, I left the link alone.
Tree-SHA512: b46258de485a411fc4fbd6b8fb044c30fa062fd3a7ef78c6b8b405802c91283bc5c9f7f8b8c83385f3a12fe39578ea0695efd19ce19f3bb4606fbbd1be894d0e
1e60713a68296a0ff221befb48b2958fbf019ebf contrib: Fix test-security-check fail in Ubuntu 18.04 (Chun Kuan Lee)
Pull request description:
- Fix test-security-check fail in Ubuntu 18.04. Those flags are enabled by default, so we must specify `-no` to make the executable does 'not' have those attributes.
- Drop HIGH_ENTROPY_VA. After update our gitian system to Bionic, the compiler should support HIGH_ENTROPY_VA
Tree-SHA512: 78c1f2aae1253ddd52faa1af569b7151a503a217c7ccbe21b8004d8910c45d8a27ff04695eacbdadd7192d2c91c0d59941ca20c651dd2d5052b9999163a11ae4
37d363dd4acf7d41196d44b295593019add241c3 Tools: fix BIND_NOW check in security-check.py (Conrado Gouvea)
Pull request description:
Previously, the BIND_NOW check would work only if it was the first value in FLAGS.
Tree-SHA512: 39cd83f673a6b521803be5585ada516f2db4eede718f0c5aea3377825ed1adcefed5bbb41dd9a5f24a26f7d27116cfc81bde7e26283232593b72768c5ae3d321
78214588d Use for-loop instead of list comprehension (practicalswift)
823979436 Use the variable name _ for unused return values (practicalswift)
2e6080bbf Remove unused variables and/or function calls (practicalswift)
9b94054b7 Avoid reference to undefined name: stderr does not exist, sys.stderr does (practicalswift)
51cb6b822 Use print(...) instead of undefined printf(...) (practicalswift)
25cd520fc Use sys.exit(...) instead of exit(...): exit(...) should not be used in programs (practicalswift)
Pull request description:
Python cleanups:
* Avoid reference to undefined name: `stderr` does not exist, `sys.stderr` does
* Use `print(...)` instead of undefined `printf(...)`
* Avoid redefinition of variable (`tx`) in list comprehension
* Remove unused variables and/or function calls
* Use `sys.exit(...)` instead of `exit(...)`: [`exit(...)` should not be used in programs](https://github.com/bitcoin/bitcoin/pull/10753#discussion_r125935027)
Tree-SHA512: 1238dfbc1d20f7edadea5e5406a589f293065638f6234809f0d5b6ba746dffe3d276bc5884c7af388a6c798c61a8759faaccf57f381225644754c0f61914eb4b
* Merge #11881: Remove Python2 support
1874058 Make base58 python contrib code work with python3 (Evan Klitzke)
bc6fdf2 Change all python files to use Python3 (John Newbery)
Pull request description:
Following discussion here: https://github.com/bitcoin/bitcoin/pull/11843#issuecomment-351033742
It's easier for maintainers if all python tools/scripts support only a single version of Python. There are only a few scripts that aren't explicitly python3 at this point, so this PR changes those remaining scripts to explicitly require python3.
Tree-SHA512: 5d38eef6e0fc7d8515e23a1f4c75e8b4160fd0fe23cba52a1f41689b114e54a9e503e0724829e8b41982ef98f2d113df80d9e238213b74f09ceaed0344a19e24
* Merge #12829: Python3 fixup
f50975b [contrib] fixup symbol-check.py Python3 support (John Newbery)
5de2b18 [contrib] fixup security-check.py Python3 support (John Newbery)
Pull request description:
security-check.py and symbol-check.py were broken by #11881. Fix them.
Tree-SHA512: 86de3d6dc3292b1ae4cc04c2d7d7dbbf39c9270551d7b224b8d8b19e3184c30c897dbf823200403706d06bb405c0decad5cfd690cb2c0312992a235a4ffcf6bf
62c2915 build: supply `-Wl,--high-entropy-va` (Wladimir J. van der Laan)
9a75d29 devtools: Check for high-entropy ASLR in 64-bit PE executables (Wladimir J. van der Laan)
- fix parsing of BIND_NOW with older readelf
- add _IO_stdin_used to ignored exports
For details see: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=634261#109
- add check-symbols and check-security make targets
These are not added to the default checks because some of them depend on
release-build configs.
- always link librt for glibc back-compat builds
glibc absorbed clock_gettime in 2.17. librt (its previous location) is safe to
link in anyway for back-compat.
Fixes#7420
- add security/symbol checks to gitian
Github-Pull: #7424
Rebased-From: cd27bf51e0475813ba5bf3d3eaf78ea8ce872118a81c87fafc
Perform the following ELF security checks:
- PIE: Check for position independent executable (PIE), allowing for address space randomization
- NX: Check that no sections are writable and executable (including the stack)
- RELRO: Check for read-only relocations, binding at startup
- Canary: Check for use of stack canary
Also add a check to symbol-check.py that checks that only the subset of
allowed libraries is imported (to avoid incompatibilities).