bryson/pacman
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
pacman/scripts/libmakepkg/tidy/strip.sh.in
Eli Schwartz 88d054093c makepkg: don't let the strip routine mess up file attributes 
It updates the stripped/objcopied file by creating a temp file,
chown/chmodding it, and replacing the original file. But upstream
binutils has CVE-worthy issues with this if running strip as root, and
some recent versions of strip don't play nicely with fakeroot.

Also, this has always destroyed xattrs. :/

Sidestep the issue by telling strip/objcopy to write to a temporary
file, and manually dump the contents of that back into the original
binary. Since the original binary is intact, albeit with different
contents, it retains its correct attributes in fakeroot.

Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2021-02-08 14:22:55 +10:00

144 lines
4.3 KiB
Bash
Raw Blame History

#!/bin/bash
#
# strip.sh - Strip debugging symbols from binary files
#
# Copyright (c) 2007-2020 Pacman Development Team <pacman-dev@archlinux.org>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
[[ -n "$LIBMAKEPKG_TIDY_STRIP_SH" ]] && return
LIBMAKEPKG_TIDY_STRIP_SH=1
LIBRARY=${LIBRARY:-'@libmakepkgdir@'}
source "$LIBRARY/util/message.sh"
source "$LIBRARY/util/option.sh"
packaging_options+=('strip' 'debug')
tidy_modify+=('tidy_strip')
build_id() {
LANG=C readelf -n "$1" | sed -n '/Build ID/ { s/.*: //p; q; }'
}
source_files() {
LANG=C readelf "$1" --debug-dump | \
awk '/DW_AT_name +:/{name=$8}/DW_AT_comp_dir +:/{{if (name == "<artificial>") next}{if (name !~ /^[<\/]/) {printf "%s/", $8}}{print name}}'
}
strip_file() {
local binary=$1; shift
if check_option "debug" "y"; then
local bid=$(build_id "$binary")
# has this file already been stripped
if [[ -n "$bid" ]]; then
if [[ -f "$dbgdir/.build-id/${bid:0:2}/${bid:2}.debug" ]]; then
return
fi
elif [[ -f "$dbgdir/$binary.debug" ]]; then
return
fi
# copy source files to debug directory
local file dest t
while IFS= read -r t; do
file=${t/${dbgsrcdir}/"$srcdir"}
dest="${dbgsrc/"$dbgsrcdir"/}$t"
if ! [[ -f $dest ]]; then
mkdir -p "${dest%/*}"
cp -- "$file" "$dest"
fi
done < <(source_files "$binary")
# copy debug symbols to debug directory
mkdir -p "$dbgdir/${binary%/*}"
objcopy --only-keep-debug "$binary" "$dbgdir/$binary.debug"
local tempfile=$(mktemp "$binary.XXXXXX")
objcopy --add-gnu-debuglink="$dbgdir/${binary#/}.debug" "$binary" "$tempfile"
cat "$tempfile" > "$binary"
rm "$tempfile"
# create any needed hardlinks
while IFS= read -rd '' file ; do
if [[ "${binary}" -ef "${file}" && ! -f "$dbgdir/${file}.debug" ]]; then
mkdir -p "$dbgdir/${file%/*}"
ln "$dbgdir/${binary}.debug" "$dbgdir/${file}.debug"
fi
done < <(find . -type f -perm -u+w -print0 2>/dev/null)
if [[ -n "$bid" ]]; then
local target
mkdir -p "$dbgdir/.build-id/${bid:0:2}"
target="../../../../../${binary#./}"
target="${target/..\/..\/usr\/lib\/}"
target="${target/..\/usr\/}"
ln -s "$target" "$dbgdir/.build-id/${bid:0:2}/${bid:2}"
target="../../${binary#./}.debug"
ln -s "$target" "$dbgdir/.build-id/${bid:0:2}/${bid:2}.debug"
fi
fi
local tempfile=$(mktemp "$binary.XXXXXX")
if strip "$@" "$binary" -o "$tempfile"; then
cat "$tempfile" > "$binary"
fi
rm -f "$tempfile"
}
tidy_strip() {
if check_option "strip" "y"; then
msg2 "$(gettext "Stripping unneeded symbols from binaries and libraries...")"
# make sure library stripping variables are defined to prevent excess stripping
[[ -z ${STRIP_SHARED+x} ]] && STRIP_SHARED="-S"
[[ -z ${STRIP_STATIC+x} ]] && STRIP_STATIC="-S"
if check_option "debug" "y"; then
dbgdir="$pkgdirbase/$pkgbase-@DEBUGSUFFIX@/usr/lib/debug"
dbgsrcdir="${DBGSRCDIR:-/usr/src/debug}"
dbgsrc="$pkgdirbase/$pkgbase-@DEBUGSUFFIX@$dbgsrcdir"
mkdir -p "$dbgdir" "$dbgsrc"
fi
local binary strip_flags
find . -type f -perm -u+w -print0 2>/dev/null | while IFS= read -rd '' binary ; do
case "$(LC_ALL=C readelf -h "$binary" 2>/dev/null)" in
*Type:*'DYN (Shared object file)'*) # Libraries (.so) or Relocatable binaries
strip_flags="$STRIP_SHARED";;
*Type:*'EXEC (Executable file)'*) # Binaries
strip_flags="$STRIP_BINARIES";;
*Type:*'REL (Relocatable file)'*) # Libraries (.a) or objects
if ar t "$binary" &>/dev/null; then # Libraries (.a)
strip_flags="$STRIP_STATIC"
elif [[ $binary = *'.ko' ]]; then # Kernel module
strip_flags="$STRIP_SHARED"
else
continue
fi
;;
*)
continue ;;
esac
strip_file "$binary" ${strip_flags}
done
fi
}
Reference in a new issue View git blame Copy permalink