]>
Commit | Line | Data |
---|---|---|
e5192f6a MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2007, 2008, 2009 Michael Tremer & Christian Schmidt # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
22 | TMP_DIR=$1 | |
23 | ||
24 | echo " Searching for bad RPATH attributes..." | |
25 | ||
26 | # Make sure we disallow insecure RUNPATH/RPATH's | |
27 | # Don't want paths that point to the tree where the package was built | |
28 | # (older, broken libtools would do this). Also check for null paths | |
29 | # because the loader will search $PWD when it finds null paths. | |
30 | ||
31 | command="scanelf -qyRF '%r %p' ${TMP_DIR} 2>/dev/null | awk '{ print $NF }'" | |
32 | ||
33 | for i in $QUALITY_AGENT_WHITELIST_RPATH; do | |
34 | if [ -n "$FILTER" ]; then | |
35 | FILTER="$FILTER|$i" | |
36 | else | |
37 | FILTER="$i" | |
38 | fi | |
39 | done | |
40 | ||
41 | if [ -n "$FILTER" ]; then | |
42 | command="$command | grep -vE \"$FILTER\"" | |
43 | fi | |
44 | ||
45 | files=$($command) | |
46 | if [ -n "$files" ]; then | |
47 | echo " QA Notice: The following files contain insecure RUNPATH's" | |
48 | echo "${files}" | |
49 | echo | |
50 | exit 1 | |
51 | fi |