61 lines
1.3 KiB
Go
61 lines
1.3 KiB
Go
package ldd
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"os"
|
|
"os/exec"
|
|
"time"
|
|
|
|
"git.gensokyo.uk/security/fortify/helper"
|
|
"git.gensokyo.uk/security/fortify/helper/bwrap"
|
|
)
|
|
|
|
const lddTimeout = 2 * time.Second
|
|
|
|
var (
|
|
msgStatic = []byte("Not a valid dynamic program")
|
|
msgStaticGlibc = []byte("not a dynamic executable")
|
|
)
|
|
|
|
func Exec(ctx context.Context, p string) ([]*Entry, error) {
|
|
var h helper.Helper
|
|
|
|
if toolPath, err := exec.LookPath("ldd"); err != nil {
|
|
return nil, err
|
|
} else if h, err = helper.NewBwrap(
|
|
(&bwrap.Config{
|
|
Hostname: "fortify-ldd",
|
|
Chdir: "/",
|
|
Syscall: &bwrap.SyscallPolicy{DenyDevel: true, Multiarch: true},
|
|
NewSession: true,
|
|
DieWithParent: true,
|
|
}).Bind("/", "/").DevTmpfs("/dev"), toolPath, false,
|
|
nil, func(_, _ int) []string { return []string{p} },
|
|
nil, nil,
|
|
); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
stdout, stderr := new(bytes.Buffer), new(bytes.Buffer)
|
|
h.Stdout(stdout).Stderr(stderr)
|
|
|
|
c, cancel := context.WithTimeout(ctx, lddTimeout)
|
|
defer cancel()
|
|
if err := h.Start(c, false); err != nil {
|
|
return nil, err
|
|
}
|
|
if err := h.Wait(); err != nil {
|
|
m := stderr.Bytes()
|
|
if bytes.Contains(m, append([]byte(p+": "), msgStatic...)) ||
|
|
bytes.Contains(m, msgStaticGlibc) {
|
|
return nil, nil
|
|
}
|
|
|
|
_, _ = os.Stderr.Write(m)
|
|
return nil, err
|
|
}
|
|
|
|
return Parse(stdout)
|
|
}
|