search

microsoft / binskim

A binary static analysis tool that provides security and correctness results for Windows Portable Executable and *nix ELF binary formats
Other
769 stars 156 forks source link

strange warning when run on linux #478

Open chipitsine opened 3 years ago

chipitsine commented 3 years ago

I built BinSkim (master branch) on Linux.

when I run 

./bld/bin/x64_Release/netcoreapp3.1/BinSkim analyze /home/ilia/haproxy/haproxy

I see

[ilia@fedora binskim]$ ./bld/bin/x64_Release/netcoreapp3.1/BinSkim analyze /home/ilia/haproxy/haproxy 
Analyzing...
BINSKIM : warning WRN998.UnsupportedPlatform : Rule 'DoNotIncorporateVulnerableDependencies' was disabled as it cannot run on the current platform 'Linux'.  It can only run on 'Windows'.
BINSKIM : warning WRN998.UnsupportedPlatform : Rule 'EnableSecureSourceCodeHashing' was disabled as it cannot run on the current platform 'Linux'.  It can only run on 'Windows'.
BINSKIM : warning WRN998.UnsupportedPlatform : Rule 'DoNotShipVulnerableBinaries' was disabled as it cannot run on the current platform 'Linux'.  It can only run on 'Windows'.
BINSKIM : warning WRN998.UnsupportedPlatform : Rule 'BuildWithSecureTools' was disabled as it cannot run on the current platform 'Linux'.  It can only run on 'Windows'.
BINSKIM : warning WRN998.UnsupportedPlatform : Rule 'EnableCriticalCompilerWarnings' was disabled as it cannot run on the current platform 'Linux'.  It can only run on 'Windows'.
BINSKIM : warning WRN998.UnsupportedPlatform : Rule 'EnableStackProtection' was disabled as it cannot run on the current platform 'Linux'.  It can only run on 'Windows'.
BINSKIM : warning WRN998.UnsupportedPlatform : Rule 'InitializeStackProtection' was disabled as it cannot run on the current platform 'Linux'.  It can only run on 'Windows'.
BINSKIM : warning WRN998.UnsupportedPlatform : Rule 'DoNotDisableStackProtectionForFunctions' was disabled as it cannot run on the current platform 'Linux'.  It can only run on 'Windows'.
BINSKIM : warning WRN998.UnsupportedPlatform : Rule 'SignSecurely' was disabled as it cannot run on the current platform 'Linux'.  It can only run on 'Windows'.
BINSKIM : warning WRN998.UnsupportedPlatform : Rule 'EnableSpectreMitigations' was disabled as it cannot run on the current platform 'Linux'.  It can only run on 'Windows'.
BINSKIM : warning WRN998.UnsupportedPlatform : Rule 'EnableShadowStack' was disabled as it cannot run on the current platform 'Linux'.  It can only run on 'Windows'.
BINSKIM : warning WRN998.UnsupportedPlatform : Rule 'EnableAdditionalSdlSecurityChecks' was disabled as it cannot run on the current platform 'Linux'.  It can only run on 'Windows'.
BINSKIM : warning WRN998.UnsupportedPlatform : Rule 'ReportPECompilerData' was disabled as it cannot run on the current platform 'Linux'.  It can only run on 'Windows'.

what is the idea behind these warnings ? all those rules are related to WinPE. I'm not examining WinPE, "haproxy" is pure ELF binary.

that's pretty fine that WinPE rules are not applied to ELF binaries. why is it so important to warn me in the way above :) ?

chipitsine commented 3 years ago

can BinSkim display those warnigs only if WinPE is examined on Linux ?