|
15 | 15 | import os |
16 | 16 | from typing import List, Optional |
17 | 17 |
|
| 18 | +import lief |
18 | 19 | import pixie |
19 | 20 |
|
20 | 21 | # Debian 8 (Jessie) EOL: 2020. https://wiki.debian.org/DebianReleases#Production_Releases |
|
53 | 54 | } |
54 | 55 | CPPFILT_CMD = os.getenv('CPPFILT', '/usr/bin/c++filt') |
55 | 56 | OBJDUMP_CMD = os.getenv('OBJDUMP', '/usr/bin/objdump') |
56 | | -OTOOL_CMD = os.getenv('OTOOL', '/usr/bin/otool') |
57 | 57 |
|
58 | 58 | # Allowed NEEDED libraries |
59 | 59 | ELF_ALLOWED_LIBRARIES = { |
@@ -203,24 +203,13 @@ def check_ELF_libraries(filename) -> bool: |
203 | 203 | ok = False |
204 | 204 | return ok |
205 | 205 |
|
206 | | -def macho_read_libraries(filename) -> List[str]: |
207 | | - p = subprocess.Popen([OTOOL_CMD, '-L', filename], stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE, universal_newlines=True) |
208 | | - (stdout, stderr) = p.communicate() |
209 | | - if p.returncode: |
210 | | - raise IOError('Error opening file') |
211 | | - libraries = [] |
212 | | - for line in stdout.splitlines(): |
213 | | - tokens = line.split() |
214 | | - if len(tokens) == 1: # skip executable name |
215 | | - continue |
216 | | - libraries.append(tokens[0].split('/')[-1]) |
217 | | - return libraries |
218 | | - |
219 | 206 | def check_MACHO_libraries(filename) -> bool: |
220 | 207 | ok: bool = True |
221 | | - for dylib in macho_read_libraries(filename): |
222 | | - if dylib not in MACHO_ALLOWED_LIBRARIES: |
223 | | - print('{} is not in ALLOWED_LIBRARIES!'.format(dylib)) |
| 208 | + binary = lief.parse(filename) |
| 209 | + for dylib in binary.libraries: |
| 210 | + split = dylib.name.split('/') |
| 211 | + if split[-1] not in MACHO_ALLOWED_LIBRARIES: |
| 212 | + print(f'{split[-1]} is not in ALLOWED_LIBRARIES!') |
224 | 213 | ok = False |
225 | 214 | return ok |
226 | 215 |
|
|
0 commit comments