Tools: fix BIND_NOW check in security-check.py

Previously, the BIND_NOW check would work only if it was the first value in FLAGS.
This commit is contained in:
Conrado Gouvea 2018-07-12 13:16:01 -03:00 committed by GitHub
parent dcb154e5aa
commit 37d363dd4a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -97,7 +97,7 @@ def check_ELF_RELRO(executable):
raise IOError('Error opening file') raise IOError('Error opening file')
for line in stdout.splitlines(): for line in stdout.splitlines():
tokens = line.split() tokens = line.split()
if len(tokens)>1 and tokens[1] == '(BIND_NOW)' or (len(tokens)>2 and tokens[1] == '(FLAGS)' and 'BIND_NOW' in tokens[2]): if len(tokens)>1 and tokens[1] == '(BIND_NOW)' or (len(tokens)>2 and tokens[1] == '(FLAGS)' and 'BIND_NOW' in tokens[2:]):
have_bindnow = True have_bindnow = True
return have_gnu_relro and have_bindnow return have_gnu_relro and have_bindnow