highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-11-26 14:00:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

contrib: add macho branch protection check

Browse Source
This commit is contained in:
fanquake
2024-01-03 17:16:16 +00:00
parent 65c05db660
commit 5335e454c0
2 changed files with 15 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
contrib/devtools/security-check.py
View File

@@ -192,6 +192,16 @@ def check_MACHO_control_flow(binary) -> bool:
return True
return False
def check_MACHO_branch_protection(binary) -> bool:
'''
Check for branch protection instrumentation
'''
content = binary.get_content_from_virtual_address(binary.entrypoint, 4, lief.Binary.VA_TYPES.AUTO)
if content.tolist() == [95, 36, 3, 213]: # bti
return True
return False
BASE_ELF = [
('PIE', check_PIE),
('NX', check_NX),
@@ -231,7 +241,7 @@ CHECKS = {
lief.ARCHITECTURES.X86: BASE_MACHO + [('PIE', check_PIE),
('NX', check_NX),
('CONTROL_FLOW', check_MACHO_control_flow)],
lief.ARCHITECTURES.ARM64: BASE_MACHO,
lief.ARCHITECTURES.ARM64: BASE_MACHO + [('BRANCH_PROTECTION', check_MACHO_branch_protection)],
}
}