Nick Clifton

Born in Canada, raised in the UK. Joined Cygnus in the US, which then became part of Red Hat. Now back in the UK, working remotely and enjoying every minute of it.

Areas of Expertise

Compilers & Linkers

Recent Posts

Annocheck: Examining the contents of binary files

Annocheck: Examining the contents of binary files

The Annobin plugin for GCC stores extra information inside binary files as they are compiled.  Examining this information used to be performed by a set of shell scripts, but that has now changed and a new program—annocheck—has been written to do the job.  The advantage of the program is that it is faster and more flexible than the scripts, and it does not rely upon other utilities to actually peer inside the binaries.

This article is about the annocheck program: how to use it, how it works, and how to extend it. The program’s main purpose is to examine how a binary was built and to check that it has all of the appropriate security hardening features enabled. But that is not its only use.  It also has several other modes that perform different kinds of examination of binary files.

Another feature of annocheck is that it was designed to be easily extensible. It provides a framework for dissecting binary files and a set of utilities to help with this examination. It also knows how to handle archives, RPMs, and directories, presenting the contents of these to each tool as a series of ordinary files. Thus, tools need only worry about the specific tasks they want to carry out.

Continue reading “Annocheck: Examining the contents of binary files”

Share
GNU Toolchain Update – Spring 2018

GNU Toolchain Update – Spring 2018

The GNU Toolchain is a collection of programming tools produced by the GNU Project. The tools are often packaged together due to their common use for developing software applications, operating systems, and low-level software for embedded systems.

This blog is part of a series (see: Fall 2017 Update) covering the latest changes and improvements in the components that make up this Toolchain. Apart from the announcement of new releases, the features described here are at the bleeding edge of software development in the tools. This means that it may be awhile before they make it into production releases, and they might not be fully functional yet. But anyone who is interested in experimenting with them can build their own copy of the Toolchain and then try them out.

Continue reading “GNU Toolchain Update – Spring 2018”

Share
Annobin – Storing Extra Information in Binaries

Annobin – Storing Extra Information in Binaries

Introduction

Compiled files, often called binaries, are a mainstay of modern computer systems. But it is often hard for system builders and users to find out more than just very basic information about these files. The Annobin project exists as means to answer questions like:

  • How was this binary built?
  • What testing was performed on the binary?
  • What sources were used to make the binary ?

The Annobin project is an implementation of the Watermark specification , which details how to record extra information in a binary. One important feature of this specification is that it includes an address range for the information stored. This makes it possible to record the fact that part of a binary was compiled with one set of options and another part was recorded with a different set of options.

Continue reading “Annobin – Storing Extra Information in Binaries”

Share
Fall 2017 GNU Toolchain Update

Fall 2017 GNU Toolchain Update

The GNU Toolchain is a collection of programming tools produced by the GNU Project. The tools are often packaged together due to their common use for developing software applications, operating systems, and low-level software for embedded systems.

This blog is part of a regular series covering the latest changes and improvements in the components that make up this Toolchain. Apart from the announcement of new releases, however, the features described here are at the bleeding edge of software development in the tools. This does mean that it may be a while before they make it into production releases, and they might not be fully functional yet. But anyone who is interested in experimenting with them can build their own copy of the Toolchain and then try them out.

Continue reading “Fall 2017 GNU Toolchain Update”

Share
Summer 2017 GNU Toolchain Update

Summer 2017 GNU Toolchain Update

The GNU Toolchain is a collection of programming tools produced by the GNU Project. The tools are often packaged together due to their common use for developing software applications, operating systems, and low-level software for embedded systems.

This blog is part of a regular series covering the latest changes and improvements in the components that make up this Toolchain. Apart from the announcement of new releases, however, the features described here are at the bleeding edge of software development in the tools. This does mean that it may be a while before they make it into production releases, and they might not be fully functional yet. But anyone who is interested in experimenting with them can build their own copy of the Toolchain and then try them out.

Continue reading “Summer 2017 GNU Toolchain Update”

Share
Spring 2017 GNU Toolchain Update

Spring 2017 GNU Toolchain Update

The GNU Toolchain is a collection of programming tools produced by the GNU Project. The tools are often packaged together due to their common use for developing software applications, operating systems, and low-level software for embedded systems.

This blog is part of a regular series covering the latest changes and improvements in the components that make up this Toolchain. Apart from the announcement of new releases, however, the features described here are at the bleeding edge of software development in the tools. This does mean that it may be a while before they make it into production releases, and they might not be fully functional yet. But anyone who is interested in experimenting with them can build their own copy of the Toolchain and then try them out.

Continue reading “Spring 2017 GNU Toolchain Update”

Share

November 2016 GNU Toolchain Update

The GNU Toolchain is a collection of  programming tools produced by the GNU Project. The tools are often packaged together due to their common use for developing software applications, operating systems, and low level software for embedded systems.

This blog is part of a regular series covering the latest changes and improvements in the components that make up this Toolchain.  Apart from the announcement of new releases however, the features described here are at the very bleeding edge of software development in the tools.  This does mean that it may be a while before they make it into production releases, although interested parties can always build their own copies of the toolchain in order to try them out.

Continue reading “November 2016 GNU Toolchain Update”

Share

August 2016 GNU Toolchain Update

The GNU Toolchain is a collection of  programming tools produced by the GNU Project. The tools are often packaged together due to their common use for developing software applications, operating systems, and low level software for embedded systems.

This blog is part of a regular series covering the latest changes and improvements in the components that make up this Toolchain.  Apart from the announcement of new releases however, the features described here are at the very bleeding edge of software development in the tools.  This does mean that it may be a while before they make it into production releases, although interested parties can always build their own copies of the toolchain in order to try them out.

Continue reading “August 2016 GNU Toolchain Update”

Share

April/May 2016 GNU Toolchain Update

Introduction

The GNU Toolchain is a collection of  programming tools produced by the GNU Project. The tools are often packaged together due to their common use for developing software applications, operating systems, and low level software for embedded systems.

This blog is part of a regular series covering the latest changes and improvements in the components that make up this Toolchain.  Apart from the announcement of new releases however, the features described here are at the very bleeding edge of software development in the tools.  This does mean that it may be a while before they make it into production releases, although interested parties can always build their own copies of the toolchain in order to try them out.

Continue reading “April/May 2016 GNU Toolchain Update”

Share