file: Skip SSP check for data libraries

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/libpakfire/file.c b/src/libpakfire/file.c
index 94d8ff045dc1e004221952f41f343b233959ede1..20df1dc988f5b64aea552506c42832546cbb9218 100644 (file)
--- a/src/libpakfire/file.c
+++ b/src/libpakfire/file.c
@@ -1659,6 +1659,9 @@ static int __pakfire_file_hardening_check_ssp(
        GElf_Sym symbol;
        const char* name = NULL;
 
+       // Count any global functions
+       size_t counter = 0;
+
        // Walk through all sections
        for (;;) {
                section = elf_nextscn(elf, section);
@@ -1692,6 +1695,18 @@ static int __pakfire_file_hardening_check_ssp(
                // Exit if there is a symbol called "__stack_chk_fail"
                if (pakfire_string_startswith(name, "__stack_chk_fail"))
                        return 0;
+
+               // Count any global functions
+               if ((ELF64_ST_BIND(symbol.st_info) == STB_GLOBAL) &&
+                               (ELF64_ST_TYPE(symbol.st_info) == STT_FUNC))
+                       counter++;
+       }
+
+       // We do not perform the check for libraries that do not contain any functions.
+       // Some packages use shared libraries to provide data.
+       if (!counter) {
+               DEBUG(file->pakfire, "%s: File has no functions. Skipping SSP check.\n", file->path);
+               return 0;
        }
 
        // The file does not seem to have SSP enabled