freebsd-dev/scripts/paxcheck.sh
Giuseppe Di Natale c552fbc5f0 Enable shellcheck to run for select scripts
Enable shellcheck to run on zed scripts,
paxcheck.sh, zfs-tests.sh, zfs.sh, and zloop.sh.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Tony Hutter <hutter2@llnl.gov>
Signed-off-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Closes #5812
2017-03-09 10:20:15 -08:00

45 lines
1.2 KiB
Bash
Executable File

#!/bin/sh
# shellcheck disable=SC2039
if ! type scanelf > /dev/null 2>&1; then
echo "scanelf (from pax-utils) is required for these checks." >&2
exit 3
fi
RET=0
# check for exec stacks
OUT=$(scanelf -qyRAF '%e %p' "$1")
if [ x"${OUT}" != x ]; then
RET=2
echo "The following files contain writable and executable sections"
echo " Files with such sections will not work properly (or at all!) on some"
echo " architectures/operating systems."
echo " For more information, see:"
echo " https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart"
echo
echo "${OUT}"
echo
fi
# check for TEXTRELS
OUT=$(scanelf -qyRAF '%T %p' "$1")
if [ x"${OUT}" != x ]; then
RET=2
echo "The following files contain runtime text relocations"
echo " Text relocations force the dynamic linker to perform extra"
echo " work at startup, waste system resources, and may pose a security"
echo " risk. On some architectures, the code may not even function"
echo " properly, if at all."
echo " For more information, see:"
echo " https://wiki.gentoo.org/wiki/Hardened/HOWTO_locate_and_fix_textrels"
echo
echo "${OUT}"
echo
fi
exit $RET