From 5e38c24c1d628c59e4908f602fe1c37aa2441e28 Mon Sep 17 00:00:00 2001
From: Jack Grigg <jack@z.cash>
Date: Wed, 6 Jun 2018 00:02:16 +1200
Subject: [PATCH] Add Mach-O 64-bit detection to security-check.py

Fixes sec-hard test on MacOS CI worker. At some point we can extend this with
actual security hardening checks.
---
 contrib/devtools/security-check.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/contrib/devtools/security-check.py b/contrib/devtools/security-check.py
index 427cbfb73..43c825bde 100755
--- a/contrib/devtools/security-check.py
+++ b/contrib/devtools/security-check.py
@@ -6,6 +6,7 @@ Otherwise the exit status will be 1 and it will log which executables failed whi
 Needs `readelf` (for ELF) and `objdump` (for PE).
 '''
 from __future__ import division,print_function,unicode_literals
+import struct
 import subprocess
 import sys
 import os
@@ -171,6 +172,8 @@ CHECKS = {
     ('DYNAMIC_BASE', check_PE_DYNAMIC_BASE),
     ('HIGH_ENTROPY_VA', check_PE_HIGH_ENTROPY_VA),
     ('NX', check_PE_NX)
+],
+'MachO64': [
 ]
 }
 
@@ -181,6 +184,8 @@ def identify_executable(executable):
         return 'PE'
     elif magic.startswith(b'\x7fELF'):
         return 'ELF'
+    elif struct.unpack('I', magic)[0] == 0xFEEDFACF:
+        return 'MachO64'
     return None
 
 if __name__ == '__main__':