summaryrefslogtreecommitdiff
path: root/build/win32/autobinscope.py
blob: fdba68e0c375615e866f90e3f67eeb12753dc7c6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
#!/usr/bin/env python

# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.

# run Microsoft's Binscope tool (http://www.microsoft.com/download/en/details.aspx?id=11910)
# against a fresh Windows build. output a 'binscope.log' file with full details
# of the run and appropriate strings to integrate with the buildbots

# from the docs : "The error code returned when running under the command line is equal 
# to the number of failures the tool reported plus the number of errors. BinScope will return 
# 0 only if there are no errors or failures."

# the symbol dir should point to the symbol dir hierarchy created
# via running make buildsymbols in a windows build's objdir

import sys
import subprocess
import os

BINSCOPE_OUTPUT_LOGFILE = r".\binscope_xml_output.log"

# usage
if len(sys.argv) < 3:
  print """usage : autobinscope.by path_to_binary path_to_symbols [log_file_path]"
		log_file_path is optional, log will be written to .\binscope_xml_output.log by default"""
  sys.exit(0)

binary_path = sys.argv[1]
symbol_path = sys.argv[2]

if len(sys.argv) == 4:
  log_file_path = sys.argv[3]
else:
  log_file_path = BINSCOPE_OUTPUT_LOGFILE
  
# execute binscope against the binary, using the BINSCOPE environment
# variable as the path to binscope.exe
try:
  binscope_path = os.environ['BINSCOPE']
except KeyError:
  print "BINSCOPE environment variable is not set, can't check DEP/ASLR etc. status."
  sys.exit(0)
  
try:    
  proc = subprocess.Popen([binscope_path, "/target", binary_path,
    "/output", log_file_path, "/sympath", symbol_path,
    "/c", "ATLVersionCheck", "/c", "ATLVulnCheck", "/c", "SharedSectionCheck", "/c", "APTCACheck", "/c", "NXCheck",
    "/c", "GSCheck", "/c", "GSFriendlyInitCheck",
    "/c", "CompilerVersionCheck", "/c", "SafeSEHCheck", "/c", "SNCheck",
    "/c", "DBCheck"], stdout=subprocess.PIPE)

except WindowsError, (errno, strerror): 
  if errno != 2 and errno != 3:
    print "Unexpected error ! \nError " + str(errno) + " : " + strerror + "\nExiting !\n"
    sys.exit(0)
  else:
    print "Could not locate binscope at location : %s\n" % binscope_path
    print "Binscope wasn't installed or the BINSCOPE env variable wasn't set correctly, skipping this check and exiting..."
    sys.exit(0)

proc.wait()

output = proc.communicate()[0]

# is this a PASS or a FAIL ? 
if proc.returncode != 0:
  print "Error count: %d" % proc.returncode
  print "TEST-UNEXPECTED-FAIL | autobinscope.py | %s is missing a needed Windows protection, such as /GS or ASLR" % binary_path
  logfile = open(log_file_path, "r")
  for line in logfile:
    print(line),
else:
  print "TEST-PASS | autobinscope.py | %s succeeded" % binary_path