1. Ronald Oussoren
  2. macholib
Issue #11 new

MachoStandalone should strip code signatures

Ronald Oussoren
repo owner created an issue

MachoStandalone changes binaries, which break code signatures. The command should therefore remove code signatures.

Comments (2)

  1. Ronald Oussoren reporter

    I've attached a patch that does some of the work. The patch is not complete though, the code signature is stored in the LINKEDIT segment, not just in the macho headers:

    /*
     * The linkedit_data_command contains the offsets and sizes of a blob
     * of data in the __LINKEDIT segment.  
     */
    struct linkedit_data_command {
        uint32_t    cmd;            /* LC_CODE_SIGNATURE, LC_SEGMENT_SPLIT_INFO,
                                                LC_FUNCTION_STARTS, LC_DATA_IN_CODE,
                                                or LC_DYLIB_CODE_SIGN_DRS */
        uint32_t    cmdsize;        /* sizeof(struct linkedit_data_command) */
        uint32_t    dataoff;        /* file offset of data in __LINKEDIT segment */
        uint32_t    datasize;       /* file size of data in __LINKEDIT segment  */
    };
    

    The patch only removes the linkedit_data load command, but doesn't adjust the LINKEDIT segment and that confuses other tools (like strip(1)).

  2. Log in to comment