1#!/bin/sh 2# 3# find-execstack utility 4# Copyright (c) 2007 Steve Grubb. ALL RIGHTS RESERVED. 5# sgrubb@redhat.com 6# 7# This software may be freely redistributed under the terms of the GNU 8# public license. 9# 10# You should have received a copy of the GNU General Public License 11# along with this program; if not, write to the Free Software 12# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 13# 14# This program looks for executable stacks 15# 16 17libdirs="/lib /lib64 /usr/lib /usr/lib64" 18progdirs="/bin /sbin /usr/bin /usr/sbin /usr/libexec" 19FOUND=0 20 21# First param is which list to use, second is search pattern 22scan () { 23if [ "$1" = "1" ] ; then 24 dirs=$libdirs 25elif [ "$1" = "2" ] ; then 26 dirs=$progdirs 27fi 28 29for d in $dirs ; do 30 if [ ! -d $d ] ; then 31 continue 32 fi 33 files=`/usr/bin/find $d -name "$2" -type f 2>/dev/null` 34 for f in $files 35 do 36 FOUND_ONE=0 37 stacks=`/usr/bin/eu-readelf -l $f 2>/dev/null | grep STACK` 38 if [ x"$stacks" != "x" ] ; then 39 perms=`echo $stacks | /bin/awk '{ print $7 }'` 40 if [ x"$perms" != x -a "$perms" != "RW" ] ; then 41 FOUND_ONE=1 42 fi 43 fi 44 old_stacks=`echo $stacks | /bin/grep -v GNU_STACK` 45 if [ x"$old_stacks" != "x" ] ; then 46 FOUND_ONE=1 47 fi 48 heaps=`/usr/bin/eu-readelf -l $f 2>/dev/null | grep GNU_HEAP` 49 if [ x"$heaps" != "x" ] ; then 50 FOUND_ONE=1 51 fi 52 if [ $FOUND_ONE = 1 ] ; then 53 printf "%-42s" $f 54 rpm -qf --queryformat "%{SOURCERPM}" $f 55 echo 56 FOUND=1 57 fi 58 done 59done 60} 61 62scan 1 '*.so' 63scan 2 '*' 64 65if [ $FOUND -eq 0 ] ; then 66 # Nothing to report, just exit 67 echo "No problems found" 1>&2 68 exit 0 69fi 70exit 1 71 72 73