| 1 |
Hello, |
| 2 |
|
| 3 |
On Sun, 03 Dec 2017, ckard wrote: |
| 4 |
>On Sun, Dec 3, 2017 at 8:06 PM, <tuxic@××××××.de> wrote: |
| 5 |
>> is there any way to check, whether a compilated binary is using |
| 6 |
>> the position-independant-code feature or is still build according |
| 7 |
>> to old standards? |
| 8 |
> |
| 9 |
>You can use app-admin/checksec to see if different security features are |
| 10 |
>enabled or not. |
| 11 |
|
| 12 |
Nice. For this special use-case (what has been rebuilt with PIE and |
| 13 |
what not), I've extracted a (faster) variant from checksec, though |
| 14 |
it's unclear to me how to discern libs built with PIE and without[1]. |
| 15 |
I guess the linker'll tell me. |
| 16 |
|
| 17 |
==== ~/bin/check-pie ==== |
| 18 |
#!/bin/bash |
| 19 |
for arg; do |
| 20 |
re=$(readelf -h "$arg" 2>/dev/null) |
| 21 |
if printf '%s' -- "$re" | grep -q 'Type:[[:space:]]*EXEC'; then |
| 22 |
pie="no pie" |
| 23 |
elif printf '%s' -- "$re" | grep -q 'Type:[[:space:]]*DYN'; then |
| 24 |
pie=$(readelf -d "$arg" | awk -F':' ' |
| 25 |
$1 ~ /\(FLAGS.*Flags$/ && $2 ~ / PIE/ { print "PIE"; } |
| 26 |
$1 ~ /\(SONAME/ { print "DSO"; }') |
| 27 |
else |
| 28 |
printf "Not an executable: %s\n" "$arg" >&2 |
| 29 |
continue; |
| 30 |
fi |
| 31 |
printf "%s\t%s\n" "$arg" "$pie" |
| 32 |
done |
| 33 |
==== |
| 34 |
|
| 35 |
USAGE is check-pie FILE[S...] |
| 36 |
|
| 37 |
e.g.: |
| 38 |
|
| 39 |
# check-pie /usr/bin/* 2>/dev/null | \ |
| 40 |
awk '/PIE/{PIE++;} |
| 41 |
/no pie/{nopie++}; |
| 42 |
END{ printf("PIE: %i, no PIE:%i\n", PIE, nopie); }' |
| 43 |
|
| 44 |
HTH, |
| 45 |
-dnh |
| 46 |
|
| 47 |
[1] I've built a lib of my own both with -fpie/-fno-pie and compared |
| 48 |
readelf -a outputs, and there's not difference besides offsets. |
| 49 |
|
| 50 |
-- |
| 51 |
Any sufficiently advanced technology is indistinguishable from magic. |
| 52 |
-- Arthur C. Clarke |
Archives