Skip to content

Commit 42b589d

Browse files
committed
scripts: test for MACHO control flow instrumentation
1 parent 469a5bc commit 42b589d

File tree

2 files changed

+22
-6
lines changed

2 files changed

+22
-6
lines changed

contrib/devtools/security-check.py

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -188,6 +188,19 @@ def check_NX(executable) -> bool:
188188
binary = lief.parse(executable)
189189
return binary.has_nx
190190

191+
def check_control_flow(executable) -> bool:
192+
'''
193+
Check for control flow instrumentation
194+
'''
195+
binary = lief.parse(executable)
196+
197+
content = binary.get_content_from_virtual_address(binary.entrypoint, 4, lief.Binary.VA_TYPES.AUTO)
198+
199+
if content == [243, 15, 30, 250]: # endbr64
200+
return True
201+
return False
202+
203+
191204
CHECKS = {
192205
'ELF': [
193206
('PIE', check_ELF_PIE),
@@ -208,7 +221,8 @@ def check_NX(executable) -> bool:
208221
('NOUNDEFS', check_MACHO_NOUNDEFS),
209222
('NX', check_NX),
210223
('LAZY_BINDINGS', check_MACHO_LAZY_BINDINGS),
211-
('Canary', check_MACHO_Canary)
224+
('Canary', check_MACHO_Canary),
225+
('CONTROL_FLOW', check_control_flow),
212226
]
213227
}
214228

contrib/devtools/test-security-check.py

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -77,16 +77,18 @@ def test_MACHO(self):
7777
write_testcode(source)
7878

7979
self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-no_pie','-Wl,-flat_namespace','-Wl,-allow_stack_execute','-fno-stack-protector']),
80-
(1, executable+': failed PIE NOUNDEFS NX LAZY_BINDINGS Canary'))
80+
(1, executable+': failed PIE NOUNDEFS NX LAZY_BINDINGS Canary CONTROL_FLOW'))
8181
self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-no_pie','-Wl,-flat_namespace','-Wl,-allow_stack_execute','-fstack-protector-all']),
82-
(1, executable+': failed PIE NOUNDEFS NX LAZY_BINDINGS'))
82+
(1, executable+': failed PIE NOUNDEFS NX LAZY_BINDINGS CONTROL_FLOW'))
8383
self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-no_pie','-Wl,-flat_namespace','-fstack-protector-all']),
84-
(1, executable+': failed PIE NOUNDEFS LAZY_BINDINGS'))
84+
(1, executable+': failed PIE NOUNDEFS LAZY_BINDINGS CONTROL_FLOW'))
8585
self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-no_pie','-fstack-protector-all']),
86-
(1, executable+': failed PIE LAZY_BINDINGS'))
86+
(1, executable+': failed PIE LAZY_BINDINGS CONTROL_FLOW'))
8787
self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-no_pie','-Wl,-bind_at_load','-fstack-protector-all']),
88+
(1, executable+': failed PIE CONTROL_FLOW'))
89+
self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-no_pie','-Wl,-bind_at_load','-fstack-protector-all', '-fcf-protection=full']),
8890
(1, executable+': failed PIE'))
89-
self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-pie','-Wl,-bind_at_load','-fstack-protector-all']),
91+
self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-pie','-Wl,-bind_at_load','-fstack-protector-all', '-fcf-protection=full']),
9092
(0, ''))
9193

9294
clean_files(source, executable)

0 commit comments

Comments
 (0)