dash/contrib
fanquake bd7b5a3ad4
Merge #18713: scripts: Add MACHO stack canary check to security-check.py
8334ee31f868f0f9baf0920d14d20174ed889dbe scripts: add MACHO LAZY_BINDINGS test to test-security-check.py (fanquake)
7b99c7454cdb74cd9cd7a5eedc2fb9d0a19df456 scripts: add MACHO Canary check to security-check.py (fanquake)

Pull request description:

  7b99c7454cdb74cd9cd7a5eedc2fb9d0a19df456 uses `otool -Iv` to check for `___stack_chk_fail` in the macOS binaries. Similar to the [ELF check](https://github.com/bitcoin/bitcoin/blob/master/contrib/devtools/security-check.py#L105). Note that looking for a triple underscore prefixed function (as opposed to two for ELF) is correct for the macOS binaries. i.e:
  ```bash
  otool -Iv bitcoind | grep chk
  0x00000001006715b8   509 ___memcpy_chk
  0x00000001006715be   510 ___snprintf_chk
  0x00000001006715c4   511 ___sprintf_chk
  0x00000001006715ca   512 ___stack_chk_fail
  0x00000001006715d6   517 ___vsnprintf_chk
  0x0000000100787898   513 ___stack_chk_guard
  ```

  8334ee31f868f0f9baf0920d14d20174ed889dbe is a follow up to #18295 and adds test cases to `test-security-check.py` that for some reason I didn't add at the time. I'll sort out #18434 so that we can run these tests in the CI.

ACKs for top commit:
  practicalswift:
    ACK 8334ee31f868f0f9baf0920d14d20174ed889dbe: Mitigations are important. Important things are worth asserting :)
  jonasschnelli:
    utACK 8334ee31f868f0f9baf0920d14d20174ed889dbe.

Tree-SHA512: 1aa5ded34bbd187eddb112b27278deb328bfc21ac82316b20fab6ad894f223b239a76b53dab0ac1770d194c1760fcc40d4da91ec09959ba4fc8eadedb173936a
2022-06-18 22:14:03 -07:00
..
auto_gdb Fix python dead code warnings 2021-10-05 20:34:01 +03:00
containers ci: fix docker context (#4816) 2022-04-28 11:35:50 -05:00
debian merge #17165: Remove BIP70 support (#4023) 2022-04-25 12:01:47 +03:00
devtools Merge #18713: scripts: Add MACHO stack canary check to security-check.py 2022-06-18 22:14:03 -07:00
gitian-descriptors Merge #17787: scripts: add MACHO PIE check to security-check.py 2022-06-08 12:36:52 +07:00
gitian-keys contrib: Added thephez.pgp (#3750) 2020-09-30 15:30:55 +03:00
init Merge #16569: Increase init file stop timeout 2022-04-02 16:30:52 +05:30
linearize Merge #15257: Scripts and tools: Bump flake8 to 3.7.8 2021-10-05 20:34:01 +03:00
macdeploy Merge bitcoin/bitcoin#23598: contrib: Specify wb mode when creating mac sdk 2022-04-03 18:48:15 -05:00
qos Partial Merge #14831: Scripts and tools: Use #!/usr/bin/env bash instead of #!/bin/bash. 2021-08-15 11:08:08 -04:00
seeds Merge #15840: Contrib scripts: Filter IPv6 by ASN 2021-11-18 12:12:55 -05:00
testgen Merge #16812: doc: Fix whitespace errs in .md files, bitcoin.conf, and Info.plist.in 2022-01-20 13:09:17 -05:00
verify-commits partial merge #16327: scripts and tools: Update ShellCheck linter 2021-12-03 18:13:01 +03:00
verifybinaries partial merge #16327: scripts and tools: Update ShellCheck linter 2021-12-03 18:13:01 +03:00
windeploy partial merge #16327: scripts and tools: Update ShellCheck linter 2021-12-03 18:13:01 +03:00
zmq Merge bitcoin#14060: ZMQ: add options to configure outbound message high water mark, aka SNDHWM (#4360) 2021-09-08 12:39:06 -04:00
dash-cli.bash-completion Merge #17282: contrib: remove accounts from bash completion 2022-05-31 12:06:32 -04:00
dash-qt.pro merge bitcoin#15450: Create wallet menu option 2022-04-06 13:49:58 +05:30
dash-tx.bash-completion Merge #8289: bash-completion: Adapt for 0.12 and 0.13 2017-12-28 11:44:59 +01:00
dashd.bash-completion merge #17165: Remove BIP70 support (#4023) 2022-04-25 12:01:47 +03:00
filter-lcov.py Merge #17691: doc: Add missed copyright headers 2022-04-02 09:19:20 +05:30
gitian-build.py Merge #17691: doc: Add missed copyright headers 2022-04-02 09:19:20 +05:30
README.md Merge #16812: doc: Fix whitespace errs in .md files, bitcoin.conf, and Info.plist.in 2022-01-20 13:09:17 -05:00
valgrind.supp bitcoin -> Dash 2020-01-30 07:37:50 -06:00

Repository Tools

Developer tools

Specific tools for developers working on this repository. Contains the script github-merge.py for merging GitHub pull requests securely and signing them using GPG.

Verify-Commits

Tool to verify that every merge commit was signed by a developer using the above github-merge.py script.

Linearize

Construct a linear, no-fork, best version of the blockchain.

Qos

A Linux bash script that will set up traffic control (tc) to limit the outgoing bandwidth for connections to the Dash network. This means one can have an always-on dashd instance running, and another local dashd/dash-qt instance which connects to this node and receives blocks from it.

Seeds

Utility to generate the pnSeed[] array that is compiled into the client.

Build Tools and Keys

Debian

Contains files used to package dashd/dash-qt for Debian-based Linux systems. If you compile dashd/dash-qt yourself, there are some useful files here.

Gitian-descriptors

Notes on getting Gitian builds up and running using KVM.

Gitian-keys

PGP keys used for signing Dash Core Gitian release results.

MacDeploy

Scripts and notes for Mac builds.

Gitian-build

Script for running full Gitian builds.

Test and Verify Tools

TestGen

Utilities to generate test vectors for the data-driven Dash tests.

Verify Binaries

This script attempts to download and verify the signature file SHA256SUMS.asc from bitcoin.org.