webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-10 19:15:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
9e44d2ccf445bd56168141a8f08bd722daaa3bf1
bpfire/src/stripper
Michael Tremer 8ac8abb269 stripper: Strip any PIE executables 
Fixes: #12894
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
2022-07-06 09:57:22 +00:00

81 lines
1.6 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
paths=()
excludes=()
strip="strip"
break_on_error="1"
while [ $# -gt 0 ]; do
case "${1}" in
--strip=*)
strip="${1#*=}"
;;
--exclude=*)
if [ -n "${1#*=}" ]; then
excludes+=( "!" "-path" "${1#*=}" "!" "-path" "${1#*=}/*" )
fi
;;
--ignore-errors)
break_on_error="0"
;;
*)
paths+=( "${1}" )
;;
esac
shift
done
function _strip() {
local file="${1}"
local args=()
# Fetch the filetype
local type="$(readelf -h "${file}" 2>/dev/null)"
case "${type}" in
# Libraries and Relocatable binaries
*Type:*"DYN (Shared object file)"*)
args+=( "--strip-all" )
;;
*Type:*"DYN (Position-Independent Executable file)"*)
args+=( "--strip-all" )
;;
# Binaries
*Type:*"EXEC (Executable file)"*)
args+=( "--strip-all" )
;;
# Static libraries
*Type:*"REL (Relocatable file)"*)
args+=( "--strip-debug" "--remove-section=.comment" "--remove-section=.note" )
;;
# Skip any unrecognised files
*)
return 0
;;
esac
# Fetch any capabilities
local capabilities="$(getfattr --no-dereference --name="security.capability" \
--absolute-names --dump "${file}" 2>/dev/null)"
echo "Stripping ${file}..."
if ! "${strip}" "${args[@]}" "${file}"; then
return ${break_on_error}
fi
# Restore capabilities
if [ -n "${capabilities}" ]; then
setfattr --no-dereference --restore=<(echo "${capabilities}")
fi
}
for path in ${paths[@]}; do
for file in $(find -H "${path}" -xdev "${excludes[@]}" -type f \( -perm -0100 -or -perm -0010 -or -perm -0001 \) 2>/dev/null); do
_strip "${file}" || exit $?
done
done
Reference in New Issue View Git Blame Copy Permalink