Filewatcher File Search File Search
Catalog
Content Search
» » » » »

blhc

build log hardening check

Perl tool which checks build logs for missing hardening flags. Hardening flags enable additional security features in the compiler to prevent e.g. stack overflows, format string vulnerabilities, GOT overwrites, etc. See e.g. <http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags>.

Because most build systems are quite complicated there are many places where compiler flags from the environment might be ignored. The parser verifies that all compiler commands use the correct hardening flags and thus all hardening features are correctly used.

It's designed to check build logs generated by Debian's dpkg-buildpackage (or tools using dpkg-buildpackage like pbuilder or the official buildd build logs) to help maintainers detect missing hardening flags in their packages.

Homepage:
Package version:0.03+20120626+git93afe23-1
Architecture:all
Distribution:Debian
Filename:blhc_0.03+20120626+git93afe23-1_all.deb

/usr/share/doc/blhc/README.gz

README
======

blhc (build log hardening check) is a small tool which checks build logs for
missing hardening flags. It's licensed under the GPL 3 or later.

Hardening flags enable additional security features in the compiler to prevent
e.g. stack overflows, format string vulnerabilities, GOT overwrites, etc.

Because most build systems are quite complicated there are many places where
compiler fl
more»

/usr/share/doc/blhc/NEWS.gz

NEWS
====

Version 0.03
------------

- Fix --ignore-flag with -fPIE.
- Detect overwrite of -D_FORTIFY_SOURCE=2 with -D_FORTIFY_SOURCE=0 or 1 or
  -U_FORTIFY_SOURCE.

- Add --ignore-arch-flag and --ignore-arch-line options to ignore flags and
  lines on certain architectures only.
- Buildd tags "no-compiler-commands" and "invalid-cmake-used" are now
  information ('I-') instead of warning ('W-').

more»

/usr/share/man/man1/blhc.1.gz

BLHC(1)          User Contributed Perl Documentation         BLHC(1)



NAME
       blhc - build log hardening check, checks build logs for
       missing hardening flags

SYNOPSIS
       blhc [options] <dpkg-buildpackage build log file>..

DESCRIPTION
       blhc is a small tool which checks build logs for missing
       hardening flags. It's licensed under the GPL 3 or later.

       It's design
more»

/usr/share/doc/blhc/changelog.Debian.gz

blhc (0.03+20120626+git93afe23-1) unstable; urgency=low

  * New upstream release
    - Fixes for fa
more»

/usr/share/doc/blhc/copyright

Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0
Upstream-Name: blhc
Upstrea
more»

Browse inside blhc_0.03+20120626+git93afe23-1_all.deb

         [DIR]DEBIAN/ (2)  65535+ mirrors
         [DIR]usr/ (2)  65535+ mirrors

Download blhc_0.03+20120626+git93afe23-1_all.deb

Results 1 - 1 of 1
Help - FTP Sites List - Software Dir.
Search over 15 billion files
© 1997-2016 FileWatcher.com