admin/brew
1
0
Fork 0
Code Issues Packages Projects Releases 6 Wiki Activity

Incorporate suggestions from feedback

Browse Source 
1. Never install `binutils`. Instead, report an audit failure.
2. Tighten instruction check with a stricter matching strategy.
This commit is contained in:
Carlo Cabrera 2021-07-05 17:47:20 +01:00
parent c59a42b24e
commit 63aa192088
No known key found for this signature in database
GPG Key ID: C74D447FC549A1D0
1 changed files with 17 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
Library/Homebrew/formula_cellar_checks.rb
View File

@ -298,19 +298,17 @@ module FormulaCellarChecks
objdump ||= Formula["binutils"].opt_bin/"objdump" if Formula["binutils"].any_version_installed? objdump ||= Formula["binutils"].opt_bin/"objdump" if Formula["binutils"].any_version_installed?
objdump ||= which("objdump") objdump ||= which("objdump")
objdump ||= which("objdump", ENV["HOMEBREW_PATH"]) objdump ||= which("objdump", ENV["HOMEBREW_PATH"])
objdump ||= begin
# If the system provides no `objdump`, install binutils instead of llvm since unless objdump
# binutils is smaller and has fewer dependencies. return <<~EOS
ohai "Installing `binutils` for `cpuid` instruction check..." No `objdump` found, so cannot check for a `cpuid` instruction. Install `objdump` with
safe_system HOMEBREW_BREW_FILE, "install", "binutils" brew install binutils
Formula["binutils"].opt_bin/"objdump" EOS
end end
keg = Keg.new(formula.prefix) keg = Keg.new(formula.prefix)
has_cpuid_instruction = false has_cpuid_instruction = keg.binary_executable_or_library_files.any? do |file|
keg.binary_executable_or_library_files.each do |file| cpuid_instruction?(file, objdump)
has_cpuid_instruction = cpuid_instruction?(file, objdump)
break if has_cpuid_instruction
end end
return if has_cpuid_instruction return if has_cpuid_instruction
@ -347,10 +345,18 @@ module FormulaCellarChecks
end end
def cpuid_instruction?(file, objdump = "objdump") def cpuid_instruction?(file, objdump = "objdump")
@instruction_column_index ||= {}
@instruction_column_index[objdump] ||= if Utils.popen_read(objdump, "--version").include? "LLVM"
1 # `llvm-objdump` or macOS `objdump`
else
2 # GNU binutils `objdump`
end
has_cpuid_instruction = false has_cpuid_instruction = false
Utils.popen_read(objdump, "--disassemble", file) do |io| Utils.popen_read(objdump, "--disassemble", file) do |io|
until io.eof? until io.eof?
has_cpuid_instruction = io.readline.include? "cpuid" instruction = io.readline.split("\t")[@instruction_column_index[objdump]]&.chomp
has_cpuid_instruction = instruction.match?(/^cpuid(\s+|$)/) if instruction
break if has_cpuid_instruction break if has_cpuid_instruction
end end
end end