59 lines
1.3 KiB
Go
59 lines
1.3 KiB
Go
package ldd
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"io"
|
|
"os"
|
|
"os/exec"
|
|
"time"
|
|
|
|
"git.gensokyo.uk/security/fortify/sandbox"
|
|
)
|
|
|
|
const lddTimeout = 2 * time.Second
|
|
|
|
var (
|
|
msgStatic = []byte("Not a valid dynamic program")
|
|
msgStaticGlibc = []byte("not a dynamic executable")
|
|
)
|
|
|
|
func Exec(ctx context.Context, p string) ([]*Entry, error) { return ExecFilter(ctx, nil, nil, p) }
|
|
|
|
func ExecFilter(ctx context.Context,
|
|
commandContext func(context.Context) *exec.Cmd,
|
|
f func([]byte) []byte,
|
|
p string) ([]*Entry, error) {
|
|
c, cancel := context.WithTimeout(ctx, lddTimeout)
|
|
defer cancel()
|
|
container := sandbox.New(c, "ldd", p)
|
|
container.CommandContext = commandContext
|
|
container.Hostname = "fortify-ldd"
|
|
stdout, stderr := new(bytes.Buffer), new(bytes.Buffer)
|
|
container.Stdout = stdout
|
|
container.Stderr = stderr
|
|
container.Bind("/", "/", 0).Proc("/proc").Dev("/dev")
|
|
|
|
if err := container.Start(); err != nil {
|
|
return nil, err
|
|
}
|
|
defer func() { _, _ = io.Copy(os.Stderr, stderr) }()
|
|
if err := container.Serve(); err != nil {
|
|
return nil, err
|
|
}
|
|
if err := container.Wait(); err != nil {
|
|
m := stderr.Bytes()
|
|
if bytes.Contains(m, append([]byte(p+": "), msgStatic...)) ||
|
|
bytes.Contains(m, msgStaticGlibc) {
|
|
return nil, nil
|
|
}
|
|
return nil, err
|
|
}
|
|
|
|
v := stdout.Bytes()
|
|
if f != nil {
|
|
v = f(v)
|
|
}
|
|
return Parse(v)
|
|
}
|