#!/bin/sh

# shellcheck disable=SC2039
if ! type scanelf > /dev/null 2>&1; then
    echo "scanelf (from pax-utils) is required for these checks." >&2
    exit 3
fi

RET=0

# check for exec stacks
OUT=$(scanelf -qyRAF '%e %p' "$1")

if [ x"${OUT}" != x ]; then
    RET=2
    echo "The following files contain writable and executable sections"
    echo " Files with such sections will not work properly (or at all!) on some"
    echo " architectures/operating systems."
    echo " For more information, see:"
    echo "   https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart"
    echo
    echo "${OUT}"
    echo
fi


# check for TEXTRELS
OUT=$(scanelf -qyRAF '%T %p' "$1")

if [ x"${OUT}" != x ]; then
    RET=2
    echo "The following files contain runtime text relocations"
    echo " Text relocations force the dynamic linker to perform extra"
    echo " work at startup, waste system resources, and may pose a security"
    echo " risk.  On some architectures, the code may not even function"
    echo " properly, if at all."
    echo " For more information, see:"
    echo "   https://wiki.gentoo.org/wiki/Hardened/HOWTO_locate_and_fix_textrels"
    echo
    echo "${OUT}"
    echo
fi

exit $RET