This tool does check compiled elf-files (and all dependencies) against given rules. Objectives are
- check for discouraged functions (e.g. strcpy)
- check for combinations of symbols (e.g. mutex and pthreads)
usage: pysymbolcheck [-h] [--libpath LIBPATH] rules file
Eval symbols of a binary against given rules
positional arguments:
rules Path to a rule file
file File to parse
optional arguments:
-h, --help show this help message and exit
--libpath LIBPATH ":" separated path to lookup librariesa rule file consists of a json-array, like this
[]within this n element of the following can be added
{ "severity": "error", "id": "A_Unique_ID", "msg": "some message", "rule", "<rule>" }for severity it is advised to use only info, warning or error
A rule can consist of any logical combined operation such as
((A && B) || (C && D )) && !E
to get the needed information following keywords are implemented
| keyword | variables | purpose | example |
|---|---|---|---|
| AVAILABLE() | symbol-name | check if a symbol is defined in the binary or any referenced lib | AVAILABLE(strncpy) |
| USED() | symbol-name | check if a symbol is used by some binary or lib | USED(strncpy) |
| SIZE() | symbol-name | get the size in bytes of a symbol | SIZE(strncpy) |
| TYPE() | symbol-name | get the type in bytes of a symbol | TYPE(strncpy) |
| && | n.a. | logical and | A && B |
| || | n.a. | logical or | A || B |
| ! | n.a. | not operator | !A |