public override void Analyze(BinaryAnalyzerContext context)
{
IELF elf = context.ELFBinary().ELF;
HashSet <string> symbolNames =
new HashSet <string>
(
ELFUtility.GetAllSymbols(elf).Select <ISymbolEntry, string>(sym => sym.Name)
);
foreach (string stack_chk in stack_check_symbols)
{
if (symbolNames.Contains(stack_chk))
{
context.Logger.Log(this,
RuleUtilities.BuildResult(ResultLevel.Pass, context, null,
nameof(RuleResources.BA3003_Pass),
context.TargetUri.GetFileName()));
return;
}
}
// If we haven't found the stack protector, we assume it wasn't used.
context.Logger.Log(this,
RuleUtilities.BuildResult(ResultLevel.Error, context, null,
nameof(RuleResources.BA3003_Error),
context.TargetUri.GetFileName()));
}
/// <summary>
/// Checks if Fortified functions are used--the -DFORTIFY_SOURCE=2 flag enables these when -O2 is enabled.
///
/// Check implementation:
/// -Get all function symbols in the ELF binary
/// -Check for any fortified functions--if we find any, we used the option.
/// -Check for any unfortified functions. If we only find unfortified functions, one of two things is true:
/// 1) Fortify Source wasn't used; or
/// 2) Fortify Source was used, but gcc/clang was unable to statically find anything that needed to be fortified.
/// We report on both cases.
/// -If no fortifiable functions were used at all, the rule doesn't apply.
/// </summary>
public override void Analyze(BinaryAnalyzerContext context)
{
IELF elf = context.ELFBinary().ELF;
IEnumerable <ISymbolEntry> symbols =
ELFUtility.GetAllSymbols(elf).Where(sym => sym.Type == SymbolType.Function || sym.Type == SymbolType.Object);
List <ISymbolEntry> protectedFunctions = new List <ISymbolEntry>();
List <ISymbolEntry> unprotectedFunctions = new List <ISymbolEntry>();
foreach (ISymbolEntry e in symbols)
{
if (unfortifiedFunctions.Contains(e.Name))
{
unprotectedFunctions.Add(e);
}
else if (fortifiedFunctions.Contains(e.Name))
{
protectedFunctions.Add(e);
}
}
if (protectedFunctions.Any())
{
if (unprotectedFunctions.Any())
{
context.Logger.Log(this,
RuleUtilities.BuildResult(ResultKind.Pass, context, null,
nameof(RuleResources.BA3030_Pass_SomeFunctionsChecked),
context.TargetUri.GetFileName()));
}
else
{
context.Logger.Log(this,
RuleUtilities.BuildResult(ResultKind.Pass, context, null,
nameof(RuleResources.BA3030_Pass_AllFunctionsChecked),
context.TargetUri.GetFileName()));
}
}
else if (unprotectedFunctions.Any())
{
context.Logger.Log(this,
RuleUtilities.BuildResult(FailureLevel.Error, context, null,
nameof(RuleResources.BA3030_Error),
context.TargetUri.GetFileName()));
}
else
{
context.Logger.Log(this,
RuleUtilities.BuildResult(ResultKind.Pass, context, null,
nameof(RuleResources.BA3030_Pass_NoCheckableFunctions),
context.TargetUri.GetFileName()));
}
}