mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-24 05:11:16 +00:00
02a7b4ebdf
Allow-list all Python code in tree for use with the black linter, and re-format all code in-tree accordingly. To produce this patch I did all of the following: 1. Make changes to tools/lint/black.yml to remove include: stanza and update list of source extensions. 2. Run ./mach lint --linter black --fix 3. Make some ad-hoc manual updates to python/mozbuild/mozbuild/test/configure/test_configure.py -- it has some hard-coded line numbers that the reformat breaks. 4. Make some ad-hoc manual updates to `testing/marionette/client/setup.py`, `testing/marionette/harness/setup.py`, and `testing/firefox-ui/harness/setup.py`, which have hard-coded regexes that break after the reformat. 5. Add a set of exclusions to black.yml. These will be deleted in a follow-up bug (1672023). # ignore-this-changeset Differential Revision: https://phabricator.services.mozilla.com/D94045
85 lines
2.0 KiB
Python
85 lines
2.0 KiB
Python
#!/usr/bin/env python
|
|
|
|
# This Source Code Form is subject to the terms of the Mozilla Public
|
|
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
# run the Winchecksec tool (https://github.com/trailofbits/winchecksec)
|
|
# against a given Windows binary.
|
|
|
|
import buildconfig
|
|
import json
|
|
import subprocess
|
|
import sys
|
|
|
|
# usage
|
|
if len(sys.argv) != 2:
|
|
print("""usage : autowinchecksec.by path_to_binary""")
|
|
sys.exit(0)
|
|
|
|
binary_path = sys.argv[1]
|
|
|
|
# execute winchecksec against the binary, using the WINCHECKSEC environment
|
|
# variable as the path to winchecksec.exe
|
|
try:
|
|
winchecksec_path = buildconfig.substs["WINCHECKSEC"]
|
|
except KeyError:
|
|
print(
|
|
"TEST-UNEXPECTED-FAIL | autowinchecksec.py | WINCHECKSEC environment variable is "
|
|
"not set, can't check DEP/ASLR etc. status."
|
|
)
|
|
sys.exit(1)
|
|
|
|
wine = buildconfig.substs.get("WINE")
|
|
if wine and winchecksec_path.lower().endswith(".exe"):
|
|
cmd = [wine, winchecksec_path]
|
|
else:
|
|
cmd = [winchecksec_path]
|
|
|
|
try:
|
|
result = subprocess.check_output(cmd + ["-j", binary_path], universal_newlines=True)
|
|
|
|
except subprocess.CalledProcessError as e:
|
|
print(
|
|
"TEST-UNEXPECTED-FAIL | autowinchecksec.py | Winchecksec returned error code %d:\n%s"
|
|
% (e.returncode, e.output)
|
|
)
|
|
sys.exit(1)
|
|
|
|
|
|
result = json.loads(result)
|
|
|
|
checks = [
|
|
"aslr",
|
|
"cfg",
|
|
"dynamicBase",
|
|
"gs",
|
|
"isolation",
|
|
"nx",
|
|
"seh",
|
|
]
|
|
|
|
if buildconfig.substs["CPU_ARCH"] == "x86":
|
|
checks += [
|
|
"safeSEH",
|
|
]
|
|
else:
|
|
checks += [
|
|
"highEntropyVA",
|
|
]
|
|
|
|
failed = [c for c in checks if result.get(c) is False]
|
|
|
|
if failed:
|
|
print(
|
|
"TEST-UNEXPECTED-FAIL | autowinchecksec.py | Winchecksec reported %d error(s) for %s"
|
|
% (len(failed), binary_path)
|
|
)
|
|
print(
|
|
"TEST-UNEXPECTED-FAIL | autowinchecksec.py | The following check(s) failed: %s"
|
|
% (", ".join(failed))
|
|
)
|
|
sys.exit(1)
|
|
else:
|
|
print("TEST-PASS | autowinchecksec.py | %s succeeded" % binary_path)
|