MachoStandalone should strip code signatures

Issue #11 new
Ronald Oussoren
repo owner created an issue

MachoStandalone changes binaries, which break code signatures. The command should therefore remove code signatures.

Comments (2)

  1. Ronald Oussoren reporter

    I've attached a patch that does some of the work. The patch is not complete though, the code signature is stored in the LINKEDIT segment, not just in the macho headers:

    /*
     * The linkedit_data_command contains the offsets and sizes of a blob
     * of data in the __LINKEDIT segment.  
     */
    struct linkedit_data_command {
        uint32_t    cmd;            /* LC_CODE_SIGNATURE, LC_SEGMENT_SPLIT_INFO,
                                                LC_FUNCTION_STARTS, LC_DATA_IN_CODE,
                                                or LC_DYLIB_CODE_SIGN_DRS */
        uint32_t    cmdsize;        /* sizeof(struct linkedit_data_command) */
        uint32_t    dataoff;        /* file offset of data in __LINKEDIT segment */
        uint32_t    datasize;       /* file size of data in __LINKEDIT segment  */
    };
    

    The patch only removes the linkedit_data load command, but doesn't adjust the LINKEDIT segment and that confuses other tools (like strip(1)).

  2. Log in to comment