Minor changes.

src/archive.rs

@@ -16,7 +16,7 @@ pub fn analyze_binary(parser: &BinaryParser) -> Result<Vec<Box<dyn DisplayInColo
     Ok(vec![has_stack_protection])
 }
 
-pub fn has_stack_protection(
+pub(crate) fn has_stack_protection(
     parser: &BinaryParser,
     archive: &goblin::archive::Archive,
 ) -> Result<bool> {

src/elf.rs

@@ -4,8 +4,8 @@
 // Licensed under the MIT license. This file may not be copied, modified,
 // or distributed except according to those terms.
 
-pub mod checked_functions;
-pub mod needed_libc;
+pub(crate) mod checked_functions;
+pub(crate) mod needed_libc;
 
 use std::collections::HashSet;
 
@@ -45,7 +45,7 @@ pub fn analyze_binary(parser: &BinaryParser) -> Result<Vec<Box<dyn DisplayInColo
     Ok(result)
 }
 
-pub fn get_libc_functions_by_protection<'t>(
+pub(crate) fn get_libc_functions_by_protection<'t>(
     elf: &goblin::elf::Elf,
     libc_ref: &'t NeededLibC,
 ) -> (HashSet<&'t str>, HashSet<&'t str>) {
@@ -77,7 +77,7 @@ pub fn get_libc_functions_by_protection<'t>(
 }
 
 /// [`ET_EXEC`, `ET_DYN`, `PT_PHDR`](http://refspecs.linux-foundation.org/elf/TIS1.1.pdf).
-pub fn supports_aslr(elf: &goblin::elf::Elf) -> ASLRCompatibilityLevel {
+pub(crate) fn supports_aslr(elf: &goblin::elf::Elf) -> ASLRCompatibilityLevel {
     debug!(
         "Header type is 'ET_{}'.",
         goblin::elf::header::et_to_str(elf.header.e_type)
@@ -127,7 +127,7 @@ pub fn supports_aslr(elf: &goblin::elf::Elf) -> ASLRCompatibilityLevel {
 }
 
 /// [PT_GNU_RELRO](http://refspecs.linux-foundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/progheader.html).
-pub fn becomes_read_only_after_relocations(elf: &goblin::elf::Elf) -> bool {
+pub(crate) fn becomes_read_only_after_relocations(elf: &goblin::elf::Elf) -> bool {
     let r = elf
         .program_headers
         .iter()
@@ -140,7 +140,7 @@ pub fn becomes_read_only_after_relocations(elf: &goblin::elf::Elf) -> bool {
 }
 
 /// [`__stack_chk_fail`](http://refspecs.linux-foundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/baselib---stack-chk-fail-1.html).
-pub fn has_stack_protection(elf: &goblin::elf::Elf) -> bool {
+pub(crate) fn has_stack_protection(elf: &goblin::elf::Elf) -> bool {
     let r = elf
         .dynsyms
         .iter()
@@ -164,7 +164,7 @@ const STV_DEFAULT: u8 = 0;
 /// Visible in other components but not preemptable.
 //const STV_PROTECTED: u8 = 3;
 
-pub fn dynamic_symbol_is_named_exported_function<'elf>(
+pub(crate) fn dynamic_symbol_is_named_exported_function<'elf>(
     elf: &'elf goblin::elf::Elf,
     symbol: &goblin::elf::sym::Sym,
 ) -> Option<&'elf str> {
@@ -192,9 +192,9 @@ pub fn dynamic_symbol_is_named_exported_function<'elf>(
 }
 
 /// Position Independent Executable.
-pub const DF_1_PIE: u64 = 0x08_00_00_00;
+pub(crate) const DF_1_PIE: u64 = 0x08_00_00_00;
 
-pub fn symbol_is_named_function_or_unspecified<'elf>(
+pub(crate) fn symbol_is_named_function_or_unspecified<'elf>(
     elf: &'elf goblin::elf::Elf,
     symbol: &goblin::elf::sym::Sym,
 ) -> Option<&'elf str> {
@@ -253,7 +253,7 @@ fn dynamic_symbol_is_named_imported_function<'elf>(
 
 /// - [`DT_BIND_NOW`](http://refspecs.linux-foundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/dynamicsection.html).
 /// - [`DF_BIND_NOW`, `DF_1_NOW`](http://refspecs.linux-foundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/libc-ddefs.html).
-pub fn requires_immediate_binding(elf: &goblin::elf::Elf) -> bool {
+pub(crate) fn requires_immediate_binding(elf: &goblin::elf::Elf) -> bool {
     elf.dynamic
         // We want to reference the data in `elf.dynamic`, not move it.
         .as_ref()

src/elf/checked_functions.rs

@@ -5,41 +5,41 @@
 // or distributed except according to those terms.
 
 #[derive(Debug, Eq, PartialEq, Hash)]
-pub struct CheckedFunction {
+pub(crate) struct CheckedFunction {
     checked_name: String,
 }
 
 impl CheckedFunction {
-    pub fn from_checked_name(checked_name: &str) -> Self {
+    pub(crate) fn from_checked_name(checked_name: &str) -> Self {
         Self {
             checked_name: String::from(checked_name),
         }
     }
 
-    pub fn from_unchecked_name(unchecked_name: &str) -> Self {
+    pub(crate) fn from_unchecked_name(unchecked_name: &str) -> Self {
         Self {
             checked_name: format!("__{unchecked_name}_chk"),
         }
     }
 
-    pub fn _get_checked_name(&self) -> &str {
+    pub(crate) fn _get_checked_name(&self) -> &str {
         &self.checked_name
     }
 
-    pub fn get_unchecked_name(&self) -> &str {
+    pub(crate) fn get_unchecked_name(&self) -> &str {
         &self.checked_name[2..self.checked_name.len() - 4]
     }
 }
 
 /// [Functions prefixed by `__` and suffixed by `_chk`](http://refspecs.linux-foundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/libc.html).
-pub fn function_is_checked_version(name: &str) -> bool {
+pub(crate) fn function_is_checked_version(name: &str) -> bool {
     name.starts_with("__") && name.ends_with("_chk")
 }
 
 /// - [LSB 4.0.0](http://refspecs.linux-foundation.org/LSB_4.0.0/LSB-Core-generic/LSB-Core-generic/libc.html).
 /// - [LSB 4.1.0](http://refspecs.linux-foundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/libc.html).
 /// - [LSB 5.0.0](http://refspecs.linux-foundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/libc.html).
-pub static LSB_4_0_0_FUNCTIONS_WITH_CHECKED_VERSIONS: &[&str] = &[
+pub(crate) static LSB_4_0_0_FUNCTIONS_WITH_CHECKED_VERSIONS: &[&str] = &[
     "confstr",
     "fgets",
     "fgets_unlocked",

src/elf/needed_libc.rs

@@ -16,12 +16,12 @@ use crate::cmdline::{LibCSpec, ARGS};
 use crate::errors::{Error, Result};
 use crate::parser::BinaryParser;
 
-pub struct NeededLibC {
+pub(crate) struct NeededLibC {
     checked_functions: HashSet<CheckedFunction>,
 }
 
 impl NeededLibC {
-    pub fn from_spec(spec: LibCSpec) -> Self {
+    pub(crate) fn from_spec(spec: LibCSpec) -> Self {
         let functions_with_checked_versions = spec.get_functions_with_checked_versions();
 
         if log_enabled!(log::Level::Debug) {
@@ -173,13 +173,13 @@ impl NeededLibC {
         checked_functions
     }
 
-    pub fn exports_function<'this>(&'this self, checked_name: &str) -> Option<&'this str> {
+    pub(crate) fn exports_function<'this>(&'this self, checked_name: &str) -> Option<&'this str> {
         self.checked_functions
             .get(&CheckedFunction::from_checked_name(checked_name))
             .map(CheckedFunction::get_unchecked_name)
     }
 
-    pub fn exports_checked_version_of_function<'this>(
+    pub(crate) fn exports_checked_version_of_function<'this>(
         &'this self,
         unchecked_name: &str,
     ) -> Option<&'this str> {

src/errors.rs

@@ -6,10 +6,10 @@
 
 use std::path::PathBuf;
 
-pub type Result<T> = core::result::Result<T, Error>;
+pub(crate) type Result<T> = core::result::Result<T, Error>;
 
 #[derive(Debug, thiserror::Error)]
-pub enum Error {
+pub(crate) enum Error {
     #[error("{operation}({path}) failed")]
     IO1 {
         operation: &'static str,
@@ -65,7 +65,7 @@ pub enum Error {
 }
 
 impl Error {
-    pub fn from_io1(
+    pub(crate) fn from_io1(
         source: std::io::Error,
         operation: &'static str,
         path: impl Into<PathBuf>,

src/options.rs

@@ -4,7 +4,7 @@
 // Licensed under the MIT license. This file may not be copied, modified,
 // or distributed except according to those terms.
 
-pub mod status;
+pub(crate) mod status;
 
 use crate::elf::needed_libc::NeededLibC;
 use crate::errors::Result;
@@ -43,7 +43,7 @@ impl<'t> BinarySecurityOption<'t> for PEDllCharacteristicsBitOption {
 }
 
 #[derive(Default)]
-pub struct PEHasCheckSumOption;
+pub(crate) struct PEHasCheckSumOption;
 
 impl<'t> BinarySecurityOption<'t> for PEHasCheckSumOption {
     fn check(&self, parser: &BinaryParser) -> Result<Box<dyn DisplayInColorTerm>> {
@@ -61,7 +61,7 @@ impl<'t> BinarySecurityOption<'t> for PEHasCheckSumOption {
 }
 
 #[derive(Default)]
-pub struct DataExecutionPreventionOption;
+pub(crate) struct DataExecutionPreventionOption;
 
 impl<'t> BinarySecurityOption<'t> for DataExecutionPreventionOption {
     /// Returns information about support of Data Execution Prevention (DEP) in the executable.
@@ -85,7 +85,7 @@ impl<'t> BinarySecurityOption<'t> for DataExecutionPreventionOption {
 }
 
 #[derive(Default)]
-pub struct PERunsOnlyInAppContainerOption;
+pub(crate) struct PERunsOnlyInAppContainerOption;
 
 impl<'t> BinarySecurityOption<'t> for PERunsOnlyInAppContainerOption {
     /// Returns information about the requirement to run this executable inside `AppContainer`.
@@ -105,7 +105,7 @@ impl<'t> BinarySecurityOption<'t> for PERunsOnlyInAppContainerOption {
 }
 
 #[derive(Default)]
-pub struct RequiresIntegrityCheckOption;
+pub(crate) struct RequiresIntegrityCheckOption;
 
 impl<'t> BinarySecurityOption<'t> for RequiresIntegrityCheckOption {
     /// Returns whether the operating system must to verify the digital signature of this executable
@@ -126,7 +126,7 @@ impl<'t> BinarySecurityOption<'t> for RequiresIntegrityCheckOption {
 }
 
 #[derive(Default)]
-pub struct PEEnableManifestHandlingOption;
+pub(crate) struct PEEnableManifestHandlingOption;
 
 impl<'t> BinarySecurityOption<'t> for PEEnableManifestHandlingOption {
     /// Returns whether the operating system is allowed to consider manifest files when loading
@@ -149,7 +149,7 @@ impl<'t> BinarySecurityOption<'t> for PEEnableManifestHandlingOption {
 }
 
 #[derive(Default)]
-pub struct PEControlFlowGuardOption;
+pub(crate) struct PEControlFlowGuardOption;
 
 impl<'t> BinarySecurityOption<'t> for PEControlFlowGuardOption {
     fn check(&self, parser: &BinaryParser) -> Result<Box<dyn DisplayInColorTerm>> {
@@ -163,7 +163,7 @@ impl<'t> BinarySecurityOption<'t> for PEControlFlowGuardOption {
 }
 
 #[derive(Default)]
-pub struct PEHandlesAddressesLargerThan2GBOption;
+pub(crate) struct PEHandlesAddressesLargerThan2GBOption;
 
 impl<'t> BinarySecurityOption<'t> for PEHandlesAddressesLargerThan2GBOption {
     fn check(&self, parser: &BinaryParser) -> Result<Box<dyn DisplayInColorTerm>> {
@@ -180,7 +180,7 @@ impl<'t> BinarySecurityOption<'t> for PEHandlesAddressesLargerThan2GBOption {
 }
 
 #[derive(Default)]
-pub struct AddressSpaceLayoutRandomizationOption;
+pub(crate) struct AddressSpaceLayoutRandomizationOption;
 
 impl<'t> BinarySecurityOption<'t> for AddressSpaceLayoutRandomizationOption {
     /// Returns the level of support of Address Space Layout Randomization (ASLR).
@@ -198,7 +198,7 @@ impl<'t> BinarySecurityOption<'t> for AddressSpaceLayoutRandomizationOption {
 }
 
 #[derive(Default)]
-pub struct PESafeStructuredExceptionHandlingOption;
+pub(crate) struct PESafeStructuredExceptionHandlingOption;
 
 impl<'t> BinarySecurityOption<'t> for PESafeStructuredExceptionHandlingOption {
     fn check(&self, parser: &BinaryParser) -> Result<Box<dyn DisplayInColorTerm>> {
@@ -215,7 +215,7 @@ impl<'t> BinarySecurityOption<'t> for PESafeStructuredExceptionHandlingOption {
 }
 
 #[derive(Default)]
-pub struct ELFReadOnlyAfterRelocationsOption;
+pub(crate) struct ELFReadOnlyAfterRelocationsOption;
 
 impl<'t> BinarySecurityOption<'t> for ELFReadOnlyAfterRelocationsOption {
     fn check(&self, parser: &BinaryParser) -> Result<Box<dyn DisplayInColorTerm>> {
@@ -232,7 +232,7 @@ impl<'t> BinarySecurityOption<'t> for ELFReadOnlyAfterRelocationsOption {
 }
 
 #[derive(Default)]
-pub struct ELFStackProtectionOption;
+pub(crate) struct ELFStackProtectionOption;
 
 impl<'t> BinarySecurityOption<'t> for ELFStackProtectionOption {
     fn check(&self, parser: &BinaryParser) -> Result<Box<dyn DisplayInColorTerm>> {
@@ -253,7 +253,7 @@ impl<'t> BinarySecurityOption<'t> for ELFStackProtectionOption {
 }
 
 #[derive(Default)]
-pub struct ELFImmediateBindingOption;
+pub(crate) struct ELFImmediateBindingOption;
 
 impl<'t> BinarySecurityOption<'t> for ELFImmediateBindingOption {
     fn check(&self, parser: &BinaryParser) -> Result<Box<dyn DisplayInColorTerm>> {
@@ -266,12 +266,12 @@ impl<'t> BinarySecurityOption<'t> for ELFImmediateBindingOption {
     }
 }
 
-pub struct ELFFortifySourceOption {
+pub(crate) struct ELFFortifySourceOption {
     libc_spec: Option<cmdline::LibCSpec>,
 }
 
 impl ELFFortifySourceOption {
-    pub fn new(libc_spec: Option<cmdline::LibCSpec>) -> Self {
+    pub(crate) fn new(libc_spec: Option<cmdline::LibCSpec>) -> Self {
         Self { libc_spec }
     }
 }