Add a rustc option to strip environment information from path strings
Usernames and other environment specific information can be revealed in on-chain program binary files that compiler generates, because it includes paths to source files as strings in the binary files. The added option instructs the compiler to strip the path parts up to and including crate root subdirectory from the path strings added to the generated binary files.
This commit is contained in:
parent
ffeac6488e
commit
0bbfcc3ba0
|
@ -28,6 +28,7 @@ struct Config<'a> {
|
||||||
generate_child_script_on_failure: bool,
|
generate_child_script_on_failure: bool,
|
||||||
no_default_features: bool,
|
no_default_features: bool,
|
||||||
offline: bool,
|
offline: bool,
|
||||||
|
remap_cwd: bool,
|
||||||
verbose: bool,
|
verbose: bool,
|
||||||
workspace: bool,
|
workspace: bool,
|
||||||
jobs: Option<String>,
|
jobs: Option<String>,
|
||||||
|
@ -51,6 +52,7 @@ impl Default for Config<'_> {
|
||||||
generate_child_script_on_failure: false,
|
generate_child_script_on_failure: false,
|
||||||
no_default_features: false,
|
no_default_features: false,
|
||||||
offline: false,
|
offline: false,
|
||||||
|
remap_cwd: true,
|
||||||
verbose: false,
|
verbose: false,
|
||||||
workspace: false,
|
workspace: false,
|
||||||
jobs: None,
|
jobs: None,
|
||||||
|
@ -515,11 +517,14 @@ fn build_sbf_package(config: &Config, target_directory: &Path, package: &cargo_m
|
||||||
env::set_var("OBJDUMP", llvm_bin.join("llvm-objdump"));
|
env::set_var("OBJDUMP", llvm_bin.join("llvm-objdump"));
|
||||||
env::set_var("OBJCOPY", llvm_bin.join("llvm-objcopy"));
|
env::set_var("OBJCOPY", llvm_bin.join("llvm-objcopy"));
|
||||||
|
|
||||||
|
let rustflags = env::var("RUSTFLAGS").ok();
|
||||||
|
let rustflags = rustflags.as_deref().unwrap_or_default();
|
||||||
|
if config.remap_cwd {
|
||||||
|
let rustflags = format!("{} -Zremap-cwd-prefix=", &rustflags);
|
||||||
|
env::set_var("RUSTFLAGS", &rustflags);
|
||||||
|
}
|
||||||
if config.verbose {
|
if config.verbose {
|
||||||
debug!(
|
debug!("RUSTFLAGS={}", &rustflags);
|
||||||
"RUSTFLAGS={}",
|
|
||||||
env::var("RUSTFLAGS").ok().as_deref().unwrap_or("")
|
|
||||||
);
|
|
||||||
};
|
};
|
||||||
|
|
||||||
let cargo_build = PathBuf::from("cargo");
|
let cargo_build = PathBuf::from("cargo");
|
||||||
|
@ -744,6 +749,12 @@ fn main() {
|
||||||
.multiple_values(true)
|
.multiple_values(true)
|
||||||
.last(true),
|
.last(true),
|
||||||
)
|
)
|
||||||
|
.arg(
|
||||||
|
Arg::new("remap_cwd")
|
||||||
|
.long("disable-remap-cwd")
|
||||||
|
.takes_value(false)
|
||||||
|
.help("Disable remap of cwd prefix and preserve full path strings in binaries"),
|
||||||
|
)
|
||||||
.arg(
|
.arg(
|
||||||
Arg::new("dump")
|
Arg::new("dump")
|
||||||
.long("dump")
|
.long("dump")
|
||||||
|
@ -838,6 +849,7 @@ fn main() {
|
||||||
features: matches.values_of_t("features").ok().unwrap_or_default(),
|
features: matches.values_of_t("features").ok().unwrap_or_default(),
|
||||||
generate_child_script_on_failure: matches.is_present("generate_child_script_on_failure"),
|
generate_child_script_on_failure: matches.is_present("generate_child_script_on_failure"),
|
||||||
no_default_features: matches.is_present("no_default_features"),
|
no_default_features: matches.is_present("no_default_features"),
|
||||||
|
remap_cwd: !matches.is_present("remap_cwd"),
|
||||||
offline: matches.is_present("offline"),
|
offline: matches.is_present("offline"),
|
||||||
verbose: matches.is_present("verbose"),
|
verbose: matches.is_present("verbose"),
|
||||||
workspace: matches.is_present("workspace"),
|
workspace: matches.is_present("workspace"),
|
||||||
|
|
Loading…
Reference in New Issue