[arch-projects] [PATCH][namcap] use pure python for exec stack check
Instead of pulling prelink as a dependency, use a pure python library, pyelftools, for reading the program headers. This could be useful elsewhere to replace parsing of things such as readelf. --- This relies on a pure python ELF parsing lib I found, pyelftools, to do the job of prelink's execstack. I sort of pieced this together from example code in pyelftools, so I'm not sure it's all that wonderful, but imo it's better than relying on prelink it does seem to get the job done. Namcap/rules/elffiles.py | 23 +++++++++++++++-------- 1 files changed, 15 insertions(+), 8 deletions(-) diff --git a/Namcap/rules/elffiles.py b/Namcap/rules/elffiles.py index 135b6d5..f8f16ac 100644 --- a/Namcap/rules/elffiles.py +++ b/Namcap/rules/elffiles.py @@ -22,6 +22,8 @@ import os import tempfile import subprocess +from elftools.elf.elffile import ELFFile + from Namcap.util import is_elf, clean_filename from Namcap.ruleclass import * @@ -107,8 +109,9 @@ class ELFExecStackRule(TarballRule): """ Check for executable stacks in ELF files. - Introduced by FS#26458. This uses the execstack utility from - the prelink package. + Introduced by FS#26458. Uses pyelftools to read the GNU_STACK + program header and ensure it does not have the executable bit + set. """ name = "elfexecstack" @@ -123,12 +126,16 @@ class ELFExecStackRule(TarballRule): continue try: - proc = subprocess.Popen(["execstack", tmpname], - stdout=subprocess.PIPE, - stderr=subprocess.PIPE) - out, err = proc.communicate() - if out.startswith(b'X'): - exec_stacks.append(entry.name) + fp = open(tmpname, 'rb') + elffile = ELFFile(fp) + + for segment in elffile.iter_segments(): + if segment['p_type'] != 'PT_GNU_STACK': continue + + mode = segment['p_flags'] + if mode & 1: exec_stacks.append(entry.name) + + fp.close() finally: os.unlink(tmpname) -- 1.7.9
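Review bot: In the last hunk (ELFExecStackRule), `fp.close()` sits in the `try` body after the loop, so if `ELFFile(fp)` or `iter_segments()` raises on a malformed file the handle is never closed; the `finally` only runs `os.unlink(tmpname)`. Opening the file with `with open(tmpname, 'rb') as fp:` would close it on every path. The bare `if mode & 1:` would read better with a named constant for the execute bit (PF_X), and the one-line `if ...: continue` and `if ...: exec_stacks.append(entry.name)` forms are harder to scan than the removed lines, which kept the body on its own line. The loop also does nothing when a file has no PT_GNU_STACK segment at all; a comment saying that this case is deliberately not reported would help, since the new docstring only covers the case where the header is present.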
On 4 February 2012 20:57, Dave Reisner <d@falconindy.com> wrote:
Instead of pulling prelink as a dependency, use a pure python library, pyelftools, for reading the program headers. This could be useful elsewhere to replace parsing of things such as readelf. --- This relies on a pure python ELF parsing lib I found, pyelftools, to do the job of prelink's execstack. I sort of pieced this together from example code in pyelftools, so I'm not sure it's all that wonderful, but imo it's better than relying on prelink it does seem to get the job done.
I've applied and added a test case, thanks. Rémy.
participants (2)
- Dave Reisner
- Rémy Oudompheng