#!/bin/sh # # this script finds the static libraries and executables in # $TRACKED subdirectories, in order to list and re-compile # the spells created those. # # This way, we will get rid of buggy static compiles. # # 20020313, kongar ############################ # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # $Id: find_zlib_static,v 1.5 2002/03/13 10:00:26 kongar Exp $ ############################ ##### sanity checks check_wish() { cat << EOF As you already aware of, there is a bug in zlib. This bug can potentially be exploited. See http://www.gzip.org/zlib/advisory-2002-03-11.txt for details. zlib is being used by the system in 3 different ways: 1) as a shared library 2) core code compiled into static libraries and programs 3) application specific usage. The app use its own zlib. This scripts will upgrade the zlib spell (if you didn't already) and scan the system for statically linked libraries and executables which used zlib. At the end, you'll be presented an update list. This script does not determine whether the application is using the buggy version or not. So, for every other run, it will give the list. Better be sure to re-compile the applications listed. After recompilation, you'll be safe :=) BTW, This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. :=) Kongar EOF if ! query "Do you wish to continue?" n then echo "cancelled by user"; exit fi } check_root(){ if ! [ "$UID" == 0 ]; then echo "root access needed for that!" exit fi } check_details(){ SPELL="zlib" run_details unset SPELL if [ "$VERSION" != "1.1.4" ]; then echo "You need a sorcery update pal!" exit fi } check_version(){ unset VERSION VERSION=`installed_version zlib` if [ "$VERSION" != "1.1.4" ]; then echo installed version is $VERSION, grimoire version is 1.1.4, rebuilding... cast zlib fi } sanity_checks() { check_root check_wish check_details check_version } ##### end sanity checks show_from() { cd $INSTALL_LOGS grep $1 * } find_libs() { LIB_LIST=`find /usr/lib \ ! -regex '.*/doc/.*' ! -regex '.*/man/.*' ! -regex '.*/include/.*' \ ! -regex '.*/src/.*' ! -regex '.*/share/.*' ! -regex '.*/fonts/.*' \ ! -regex '.*/info/.*' ! -regex '.*/perl5/.*' ! -regex '.*/site-packages/.*' \ ! -regex '.*\.so.*' \ -exec file {} \; \ | egrep "current ar archive|statically linked" \ | cut -d ":" -f 1-1` echo "First phase completed, all candidates were found!" echo AFFECTED=`nm --print-file-name $LIB_LIST | egrep "deflate|inflate" | cut -d ":" -f 1-1 ` echo "Second phase completed, files have embedded libz code in, found!" echo echo "Now determining the spells need re-cast!" echo for TARGET in $AFFECTED; do echo $TARGET >> $TMPFILE; done SORTED=`cat $TMPFILE | sort | grep -v libz | uniq` for SPELL in $SORTED; do for INSTALLED_SPELL in $INSTALLED_SPELLS; do if [ `show_from $SPELL | cut -d ":" -f 1-1 | grep $INSTALLED_SPELL` ]; then #echo $INSTALLED_SPELL; push_queue $INSTALL_QUEUE $INSTALLED_SPELL fi done done } main() { sanity_checks; echo "Finding statically linked files and checking for zlib" echo "existence in them. This may require some time!" echo "3 minutes on my P1000" echo find_libs upgrade_install_queue rm $TMPFILE } . /etc/sorcery/config TMPFILE=/tmp/zlibfind.`uuidgen` INSTALLED_SPELLS=`gaze installed | cut -d ":" -f 1-1` main $*