adds a line when no copyright for Dogecoin Core Developers exists
but the file has been edited by us, to the last year found in git
log, or extends the year range on an existing line when a file
has been modified since the year previously listed.
Excludes subtrees.
Takes the security and symbol checkers from Bitcoin Core v24.0.1
because this uses the python3 capable lief module for reading
multi-platform binaries. This helps getting rid of
incompatibilities when using these tools in Ubuntu releases newer
than Bionic (18.04) and by using the external module, reduces risk
and maintenance cost of custom code.
This commit does NOT reconfigure for Dogecoin 1.14.7 parametrization
Backported from state at: b3f866a8@bitcoin/bitcoin
Perform the following ELF security checks:
- PIE: Check for position independent executable (PIE), allowing for address space randomization
- NX: Check that no sections are writable and executable (including the stack)
- RELRO: Check for read-only relocations, binding at startup
- Canary: Check for use of stack canary
Also add a check to symbol-check.py that checks that only the subset of
allowed libraries is imported (to avoid incompatibilities).
