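#!/bin/sh
# find_elf4tmp utility
# Copyright (c) 2010-12 Steve Grubb. ALL RIGHTS RESERVED.
# sgrubb@redhat.com
#
# This software may be freely redistributed under the terms of the GNU
# public license.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

# This script will search a directory and its subdirectories for all elf
# executables. It will then search for the use of the tmp directory. If it finds
# this is true, it will then check to see if XXX is being used which would
# indicate that the path is going to be randomized.
#
# Usage:  find_elf4tmp [directory]
# Output: one line per suspicious string: file path, owning package, string
#         (tab separated, on stdout).
# Exit:   0 when nothing was reported; 1 when at least one file was reported,
#         and also on a usage error or when /usr/bin/strings is missing.
#
# The check is a heuristic. A binary is skipped as soon as it imports
# mkstemp, tempnam or tmpfile from glibc, which does not prove that the
# hard-coded /tmp/ path is the one being randomized.
# NOTE(review): tempnam only returns a name and leaves the open to the caller,
# so counting it as evidence of safe handling is lenient -- confirm intent.
# NOTE(review): file, strings and readelf all parse the contents of every file
# under the scanned tree; when that tree is not trusted, prefer running this
# as an unprivileged user.

if [ $# -ge 2 ] ; then
	echo "Usage: find_elf4tmp [directory]" 1>&2
	exit 1
fi
if [ ! -x /usr/bin/strings ] ; then
	# The test above is for strings, so name that tool (the old text said
	# eu-strings) and report on stderr like the other diagnostics.
	echo "Skipping due to missing /usr/bin/strings utility" 1>&2
	exit 1
fi

# The directory list is kept in the positional parameters so that a directory
# name containing whitespace survives as a single word.
if [ $# -eq 1 ] ; then
	if [ ! -d "$1" ] ; then
		echo "Option passed in was not a directory" 1>&2
		exit 1
	fi
	# A name starting with '-' would be read by find as an expression.
	case "$1" in
	-*) set -- "./$1" ;;
	esac
elif [ -h /bin ] ; then
	# /bin is a symlink: list only the /usr locations.
	set -- /usr/bin /usr/sbin /usr/libexec /usr/kerberos /usr/games \
		/usr/lib /usr/lib64 /usr/local
else
	set -- /bin /sbin /usr/bin /usr/sbin /usr/libexec /usr/kerberos \
		/usr/games /lib /lib64 /usr/lib /usr/lib64 /usr/local
fi

FOUND=0
for d in "$@"
do
	if [ ! -d "$d" ] ; then
		continue
	fi
#	echo "Scanning files in $d..."
	file_list=`/usr/bin/find "$d" -type f 2>/dev/null`

	# Read one path per line from a here-document: the loop stays in the
	# current shell (so FOUND is kept) and paths with spaces or glob
	# characters are not split. Paths containing a newline are still
	# misread.
	while IFS= read -r f
	do
		# An empty find result yields a single empty line
		if [ -z "$f" ] ; then
			continue
		fi

		# Get just the elf executables. -b drops the file name from the
		# output so that only the description is matched against ELF.
		ftype=`printf '%s\n' "$f" | /usr/bin/file -b -n -f - 2>/dev/null`
		case "$ftype" in
		*ELF*) ;;
		*) continue ;;
		esac

		# Strings that mention /tmp/, minus templates (XX), a bare
		# "/tmp/" at end of string, and /tmp/ preceded by one of
		# space, '.', ',' or ':'.
		test_res=`/usr/bin/strings "$f" | /bin/grep '/tmp/' | /bin/grep -E -v 'XX|/tmp/$|[ .,:]/tmp/'`
		if [ x"$test_res" = "x" ] ; then
			continue
		fi

		# Do further examination...
		syms=`/usr/bin/readelf -s "$f" 2>/dev/null | /bin/grep -E ' mkstemp@.*GLIBC| tempnam@.*GLIBC| tmpfile@.*GLIBC'`
		if [ x"$syms" != "x" ] ; then
			continue
		fi

		# Well its a bad one...out with it
		FOUND=1

		# Get the package. LC_ALL=C keeps the "not owned" message in
		# the form the filter below expects.
		RPM=`LC_ALL=C /bin/rpm -qf --queryformat "%{NAME}-%{VERSION}" "$f" 2>/dev/null | /bin/grep -v 'not owned' | /usr/bin/sort -u`
		if [ x"$RPM" = "x" ] ; then
			RPM="<unowned>"
		fi

		# For each tmp string, output the line. The path and package
		# are handed to awk through the environment so that they are
		# neither word-split nor subject to escape processing.
		printf '%s\n' "$test_res" |
			ELF4TMP_FILE="$f" ELF4TMP_RPM="$RPM" /usr/bin/awk \
			'NF >= 1 { printf "%-46s\t%-30s\t%s\n", ENVIRON["ELF4TMP_FILE"], ENVIRON["ELF4TMP_RPM"], $0 }'
	done <<EOF
$file_list
EOF
done
if [ "$FOUND" -eq 0 ] ; then
	# Nothing to report, just exit
	echo "No problems found" 1>&2
	exit 0
fi
exit 1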