Skip to content

Commit

Permalink
Removed offline fortify_source check
Browse files Browse the repository at this point in the history
  • Loading branch information
lennarthenke committed Oct 25, 2023
1 parent e0dc06d commit 32b8982
Show file tree
Hide file tree
Showing 3 changed files with 0 additions and 15 deletions.
11 changes: 0 additions & 11 deletions src/plugins/analysis/checksec/code/checksec.py
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,6 @@ def check_mitigations(file_path):
check_nx(file_path, mitigations, summary, checksec_result)
check_canary(file_path, mitigations, summary, checksec_result)
check_pie(file_path, mitigations, summary, checksec_result)
check_fortify_source(file_path, mitigations, summary, checksec_result)
check_clang_cfi(file_path, mitigations, summary, checksec_result)
check_clang_safestack(file_path, mitigations, summary, checksec_result)
check_stripped_symbols(file_path, mitigations, summary, checksec_result)
Expand All @@ -78,16 +77,6 @@ def check_relro(file_path, mitigations, summary, checksec_result):
mitigations.update({'RELRO': 'disabled'})


def check_fortify_source(file_path, mitigations, summary, checksec_result):
if checksec_result['fortify_source'] == 'yes':
summary.update({'FORTIFY_SOURCE enabled': file_path})
mitigations.update({'FORTIFY_SOURCE': 'enabled'})

elif checksec_result['fortify_source'] == 'no':
summary.update({'FORTIFY_SOURCE disabled': file_path})
mitigations.update({'FORTIFY_SOURCE': 'disabled'})


def check_pie(file_path, mitigations, summary, checksec_result):
if checksec_result['pie'] == 'yes':
summary.update({'PIE enabled': file_path})
Expand Down
Binary file not shown.
4 changes: 0 additions & 4 deletions src/plugins/analysis/checksec/test/test_plugin_checksec.py
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@
check_canary,
check_clang_cfi,
check_clang_safestack,
check_fortify_source,
check_nx,
check_pie,
check_relro,
Expand All @@ -27,7 +26,6 @@
FILE_PATH_EXE_CANARY = PLUGIN_DIR / 'test/data/Hallo_Canary'
FILE_PATH_EXE_SAFESTACK = PLUGIN_DIR / 'test/data/Hallo_SafeStack'
FILE_PATH_EXE_NO_PIE = PLUGIN_DIR / 'test/data/Hallo_no_pie'
FILE_PATH_EXE_FORTIFY = PLUGIN_DIR / 'test/data/Hallo_Fortify'
FILE_PATH_EXE_RUNPATH = PLUGIN_DIR / 'test/data/Hallo_runpath'
FILE_PATH_EXE_RPATH = PLUGIN_DIR / 'test/data/Hallo_rpath'
FILE_PATH_EXE_STRIPPED = PLUGIN_DIR / 'test/data/Hallo_stripped'
Expand Down Expand Up @@ -62,8 +60,6 @@ def test_check_mitigations(analysis_plugin):
(FILE_PATH_OBJECT, check_nx, {'NX': 'disabled'}, 'NX disabled'),
(FILE_PATH_EXE, check_canary, {'CANARY': 'disabled'}, 'CANARY disabled'),
(FILE_PATH_EXE_CANARY, check_canary, {'CANARY': 'enabled'}, 'CANARY enabled'),
(FILE_PATH_EXE, check_fortify_source, {'FORTIFY_SOURCE': 'disabled'}, 'FORTIFY_SOURCE disabled'),
(FILE_PATH_EXE_FORTIFY, check_fortify_source, {'FORTIFY_SOURCE': 'enabled'}, 'FORTIFY_SOURCE enabled'),
(FILE_PATH_EXE, check_clang_cfi, {'CLANGCFI': 'disabled'}, 'CLANGCFI disabled'),
# TODO: Test CLANCFI: enabled
(FILE_PATH_EXE, check_clang_safestack, {'SAFESTACK': 'disabled'}, 'SAFESTACK disabled'),
Expand Down

0 comments on commit 32b8982

Please sign in to comment.