Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expand the list of got_audit expected duplicate symbols. #122

Merged
merged 2 commits into from
Feb 25, 2025
Merged

Expand the list of got_audit expected duplicate symbols. #122

merged 2 commits into from
Feb 25, 2025
+91 −10

Conversation

gordonmessmer
Copy link
Contributor

@gordonmessmer gordonmessmer commented Feb 12, 2025
edited
Loading

Description/Motivation/Screenshots

Based on normal audits of Fedora binaries, the set of expected duplicate symbols has been expanded.

In order to reduce false positives in GotAudit, the build_line function requires the path to the file whose symbols are being described. This change will also not print an ERROR condition if a symbol resolves locally, within the section that requires it.

These changes require hugsy/gef/pull/1172

How Has This Been Tested ?

"Tested" indicates that the PR works and the unit test (i.e. make test) run passes without issue.

  • x86-32
  • x86-64
  • ARM
  • AARCH64
  • MIPS
  • POWERPC
  • SPARC
  • RISC-V

Checklist

  • My code follows the code style of this project.
  • My change includes a change to the documentation, if required.
  • If my change adds new code,
    adequate tests have been added.
  • I have read and agree to the
    CONTRIBUTING document.

@gordonmessmer gordonmessmer mentioned this pull request Feb 12, 2025
Merged
4 tasks
Grazfather
Grazfather reviewed Feb 17, 2025
View reviewed changes
Grazfather
Grazfather reviewed Feb 18, 2025
View reviewed changes
Grazfather pushed a commit to hugsy/gef that referenced this pull request Feb 24, 2025
@gordonmessmer
Add a path argument to GotCommand build_line to support hugsy/gef-ext…
265f22e 
…ras/pull/122 (#1172)

Add a path argument to GotCommand build_line to support updates in
GotAudit.

Related changes in hugsy/gef-extras/pull/122

In order to reduce false positives in GotAudit, the build_line function
requires the path to the file whose symbols are being described.
hugsy
hugsy requested changes Feb 24, 2025
View reviewed changes
Copy link
Owner

@hugsy hugsy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The code looks good, but can you update the got-audit test to test those changes?

@gordonmessmer
Copy link
Contributor Author

That's definitely an interesting question. :)

I think that updating the test would involve adding a new binary that uses at least one of the duplicate symbols, and links to a library that duplicates them. But that starts to get very platform-specific, and it's difficult to determine in testing whether a duplicate symbol is correctly allowed, or if there is simply no symbol duplication.

That might be easier if the list of symbols were loaded from a configuration file or something along those lines. (I really don't think hard-coding the set is a good long-term solution.) But I'm not sure what would be idomatic for this project, so if you have any suggestions on how you'd like to see the allowed set of symbols specified, I'd appreciate the feedback.

@hugsy
Copy link
Owner

hugsy commented Feb 25, 2025

I think that updating the test would involve adding a new binary that uses at least one of the duplicate symbols, and links to a library that duplicates them. But that starts to get very platform-specific, and it's difficult to determine in testing whether a duplicate symbol is correctly allowed, or if there is simply no symbol duplication.

Fair, I didn't think of that. That might be a lot of effort for little gain, so for now disregard my previous comment.

That might be easier if the list of symbols were loaded from a configuration file or something along those lines

True, but let's move there only if/when there's a need for it.

Thanks for the PR(s) @gordonmessmer

@hugsy hugsy merged commit 954ed58 into hugsy:main Feb 25, 2025
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Grazfather Grazfather Grazfather approved these changes

@hugsy hugsy hugsy approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@gordonmessmer @hugsy @Grazfather