[ELF/PE/Mach-O] Brainstorming: Add checks for unstripped symbols/debug sections/profiling sections/embedded bitcode/... #103
Description
Hi,
as suggested by @Wenzel , here a brainstorming post regarding a potentially interesting new feature:
Adding checks to detect:
-unstripped symbols
-unremoved debug information
-unremoved profiling instrumentation
-unremoved coverage instrumentation
-unremoved embedded LLVM bitcode
...
Rationale:
Besides checking for compiler hardening flags, it could be useful for developers to check for above points, before releasing a binary as to not disclose sensitive information.
On the other hand, this can be also useful for reverse engineering, as those points may give further inside into the code.
Implementation:
Check for presence of corresponding section/segment names "debug_", "_llvm_prf", ... or certain symbols "_llvm_profile*", ...
Agree/Disagree/Discussion or concrete ideas for checks?