-
Notifications
You must be signed in to change notification settings - Fork 21
/
audit-rpath-libs.sh
executable file
·50 lines (40 loc) · 1.48 KB
/
audit-rpath-libs.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
#!/usr/bin/env bash
dir="$1"
if [[ -z "$dir" ]]; then
echo "Please specify a directory"
exit 1
fi
if [[ ! -d "${dir}" ]]; then
echo "Please specify a real directory"
exit 1
fi
# Find a non-anemic grep
GREP=$(command -v grep 2>/dev/null)
if [[ -d /usr/gnu/bin ]]; then
GREP=/usr/gnu/bin/grep
fi
if [[ $(uname -s | $GREP Darwin) ]]; then
LIB_EXT='*\.dylib*'
else
LIB_EXT='*\.so*'
fi
# Find libfoo.so* files using the shell wildcard. Some libraries
# are _not_ executable and get missed in the do loop.
IFS= find "$dir" -type f -name "$LIB_EXT" -print | while read -r file
do
if [[ ! $(file -i "$file" | $GREP -E "regular|application") ]]; then continue; fi
echo "****************************************"
echo "$file:"
echo ""
if [[ $(command -v readelf 2>/dev/null) ]]; then
readelf -d "$file" | $GREP -E 'RPATH|RUNPATH' | tr '\t' ' ' | sed 's/ */ /g' | cut -d ' ' -f 3,6
elif [[ $(command -v otool 2>/dev/null) ]]; then
otool -l "$file" | $GREP -A 2 -E 'RPATH|RUNPATH' | $GREP -E 'RPATH|RUNPATH|path' | tr '\t' ' ' | sed 's/ */ /g' | cut -d ' ' -f 3
elif [[ $(command -v dump 2>/dev/null) ]]; then
dump -Lv "$file" | $GREP -E 'RPATH|RUNPATH' | tr '\t' ' ' | sed 's/ */ /g' | cut -d ' ' -f 2,3
elif [[ $(command -v elfdump 2>/dev/null) ]]; then
elfdump "$file" | $GREP -E 'RPATH|RUNPATH' | tr '\t' ' ' | sed 's/ */ /g' | cut -d ' ' -f 3,5
fi
done
echo "****************************************"
exit 0