diff --git a/.gitignore b/.gitignore index e99bda5..6aac4df 100644 --- a/.gitignore +++ b/.gitignore @@ -26,3 +26,12 @@ /elfutils-0.183.tar.bz2 /elfutils-0.184.tar.bz2 /elfutils-0.185.tar.bz2 +/elfutils-0.186.tar.bz2 +/elfutils-0.187.tar.bz2 +/elfutils-0.188.tar.bz2 +/elfutils-0.189.tar.bz2 +/elfutils-0.190.tar.bz2 +/elfutils-0.191.tar.bz2 +/elfutils-0.192.tar.bz2 +/elfutils-0.193.tar.bz2 +/elfutils-0.194.tar.bz2 diff --git a/elfutils-0.185-raise-pthread_kill-backtrace.patch b/elfutils-0.185-raise-pthread_kill-backtrace.patch deleted file mode 100644 index 9c0108f..0000000 --- a/elfutils-0.185-raise-pthread_kill-backtrace.patch +++ /dev/null @@ -1,125 +0,0 @@ -commit 9aee0992d6e6ec4cce2c015d8da4b61022c6f6dd -Author: Mark Wielaard -Date: Wed Aug 4 21:01:27 2021 +0200 - - tests: Allow an extra pthread_kill frame in backtrace tests - - glibc 2.34 calls pthread_kill from the raise function. Before raise - directly called the (tg)kill syscall. So allow pthread_kill to be the - first frame in a backtrace where raise is expected. Also change some - asserts to fprintf plus abort to make it more clear why the testcase - fails. - - https://sourceware.org/bugzilla/show_bug.cgi?id=28190 - - Signed-off-by: Mark Wielaard - -diff --git a/tests/backtrace.c b/tests/backtrace.c -index 36c8b8c4..afc12fb9 100644 ---- a/tests/backtrace.c -+++ b/tests/backtrace.c -@@ -97,6 +97,9 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc, - static bool reduce_frameno = false; - if (reduce_frameno) - frameno--; -+ static bool pthread_kill_seen = false; -+ if (pthread_kill_seen) -+ frameno--; - if (! use_raise_jmp_patching && frameno >= 2) - frameno += 2; - const char *symname2 = NULL; -@@ -107,11 +110,26 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc, - && (strcmp (symname, "__kernel_vsyscall") == 0 - || strcmp (symname, "__libc_do_syscall") == 0)) - reduce_frameno = true; -+ else if (! pthread_kill_seen && symname -+ && strstr (symname, "pthread_kill") != NULL) -+ pthread_kill_seen = true; - else -- assert (symname && strcmp (symname, "raise") == 0); -+ { -+ if (!symname || strcmp (symname, "raise") != 0) -+ { -+ fprintf (stderr, -+ "case 0: expected symname 'raise' got '%s'\n", symname); -+ abort (); -+ } -+ } - break; - case 1: -- assert (symname != NULL && strcmp (symname, "sigusr2") == 0); -+ if (symname == NULL || strcmp (symname, "sigusr2") != 0) -+ { -+ fprintf (stderr, -+ "case 1: expected symname 'sigusr2' got '%s'\n", symname); -+ abort (); -+ } - break; - case 2: // x86_64 only - /* __restore_rt - glibc maybe does not have to have this symbol. */ -@@ -120,11 +138,21 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc, - if (use_raise_jmp_patching) - { - /* Verify we trapped on the very first instruction of jmp. */ -- assert (symname != NULL && strcmp (symname, "jmp") == 0); -+ if (symname == NULL || strcmp (symname, "jmp") != 0) -+ { -+ fprintf (stderr, -+ "case 3: expected symname 'raise' got '%s'\n", symname); -+ abort (); -+ } - mod = dwfl_addrmodule (dwfl, pc - 1); - if (mod) - symname2 = dwfl_module_addrname (mod, pc - 1); -- assert (symname2 == NULL || strcmp (symname2, "jmp") != 0); -+ if (symname2 == NULL || strcmp (symname2, "jmp") != 0) -+ { -+ fprintf (stderr, -+ "case 3: expected symname2 'jmp' got '%s'\n", symname2); -+ abort (); -+ } - break; - } - FALLTHROUGH; -@@ -137,11 +165,22 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc, - duplicate_sigusr2 = true; - break; - } -- assert (symname != NULL && strcmp (symname, "stdarg") == 0); -+ if (symname == NULL || strcmp (symname, "stdarg") != 0) -+ { -+ fprintf (stderr, -+ "case 4: expected symname 'stdarg' got '%s'\n", symname); -+ abort (); -+ } - break; - case 5: - /* Verify we trapped on the very last instruction of child. */ -- assert (symname != NULL && strcmp (symname, "backtracegen") == 0); -+ if (symname == NULL || strcmp (symname, "backtracegen") != 0) -+ { -+ fprintf (stderr, -+ "case 5: expected symname 'backtracegen' got '%s'\n", -+ symname); -+ abort (); -+ } - mod = dwfl_addrmodule (dwfl, pc); - if (mod) - symname2 = dwfl_module_addrname (mod, pc); -@@ -151,7 +190,15 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc, - // instructions or even inserts some padding instructions at the end - // (which apparently happens on ppc64). - if (use_raise_jmp_patching) -- assert (symname2 == NULL || strcmp (symname2, "backtracegen") != 0); -+ { -+ if (symname2 != NULL && strcmp (symname2, "backtracegen") == 0) -+ { -+ fprintf (stderr, -+ "use_raise_jmp_patching didn't expect symname2 " -+ "'backtracegen'\n"); -+ abort (); -+ } -+ } - break; - } - } diff --git a/elfutils-0.186-fdo-swap.patch b/elfutils-0.186-fdo-swap.patch new file mode 100644 index 0000000..34b114f --- /dev/null +++ b/elfutils-0.186-fdo-swap.patch @@ -0,0 +1,35 @@ +diff --git a/libelf/gelf_getnote.c b/libelf/gelf_getnote.c +index 0f7b9d68..6ef970c5 100644 +--- a/libelf/gelf_getnote.c ++++ b/libelf/gelf_getnote.c +@@ -31,6 +31,7 @@ + #endif + + #include ++#include + #include + #include + +@@ -73,6 +74,22 @@ gelf_getnote (Elf_Data *data, size_t offset, GElf_Nhdr *result, + offset = 0; + else + { ++ /* Workaround FDO package notes on big-endian systems, ++ getting namesz and descsz wrong. Detect it by getting ++ a bad namesz, descsz and byte swapped n_type for ++ NT_FDO_PACKAGING_METADATA. */ ++ if (unlikely (n->n_type == bswap_32 (NT_FDO_PACKAGING_METADATA) ++ && n->n_namesz > data->d_size ++ && n->n_descsz > data->d_size)) ++ { ++ /* n might not be writable, use result and redirect n. */ ++ *result = *n; ++ result->n_type = bswap_32 (n->n_type); ++ result->n_namesz = bswap_32 (n->n_namesz); ++ result->n_descsz = bswap_32 (n->n_descsz); ++ n = result; ++ } ++ + /* This is slightly tricky, offset is guaranteed to be 4 + byte aligned, which is what we need for the name_offset. + And normally desc_offset is also 4 byte aligned, but not diff --git a/elfutils-0.194-alloc-jobs.patch b/elfutils-0.194-alloc-jobs.patch new file mode 100644 index 0000000..cabf590 --- /dev/null +++ b/elfutils-0.194-alloc-jobs.patch @@ -0,0 +1,135 @@ +From f66135f16fe44182a3fc5b651d7e5071c936217d Mon Sep 17 00:00:00 2001 +From: Aaron Merey +Date: Mon, 27 Oct 2025 22:00:12 -0400 +Subject: [PATCH] readelf: Allocate job_data one-by-one as needed + +Currently, job_data is stored in an array whose size is equal to the +number of debug sections (.debug_*, .eh_frame, .gdb_index, etc.). + +This size may be too small if a binary contains multiple debug sections +with the same name. For example an ET_REL binary compiled with -ggdb3 +can contain multiple .debug_macro sections. + +Fix this by allocating job_data on the fly when preparing to read a +debug section. This supports an arbitrary number of debug sections +while also avoiding unnecessary memory allocation. + +https://sourceware.org/bugzilla/show_bug.cgi?id=33580 + +Signed-off-by: Aaron Merey +--- + src/readelf.c | 49 +++++++++++++++++++++++++------------------------ + 1 file changed, 25 insertions(+), 24 deletions(-) + +diff --git a/src/readelf.c b/src/readelf.c +index ee6c203d..a2d17358 100644 +--- a/src/readelf.c ++++ b/src/readelf.c +@@ -12200,7 +12200,8 @@ getone_dwflmod (Dwfl_Module *dwflmod, + return DWARF_CB_OK; + } + +-typedef struct { ++typedef struct Job_Data { ++ struct Job_Data *next; + Dwfl_Module *dwflmod; + Ebl *ebl; + GElf_Ehdr *ehdr; +@@ -12230,7 +12231,7 @@ do_job (void *data, FILE *out) + If thread safety is not supported or the maximum number of threads is set + to 1, then immediately call START_ROUTINE with the given arguments. */ + static void +-schedule_job (job_data jdata[], size_t idx, ++schedule_job (job_data **jdatalist, + void (*start_routine) (Dwfl_Module *, Ebl *, GElf_Ehdr *, + Elf_Scn *, GElf_Shdr *, Dwarf *, FILE *), + Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr, Elf_Scn *scn, +@@ -12239,21 +12240,24 @@ schedule_job (job_data jdata[], size_t idx, + #ifdef USE_LOCKS + if (max_threads > 1) + { +- /* Add to the job queue. */ +- jdata[idx].dwflmod = dwflmod; +- jdata[idx].ebl = ebl; +- jdata[idx].ehdr = ehdr; +- jdata[idx].scn = *scn; +- jdata[idx].shdr = *shdr; +- jdata[idx].dbg = dbg; +- jdata[idx].fp = start_routine; ++ job_data *jdata = xmalloc (sizeof (job_data)); ++ ++ jdata->dwflmod = dwflmod; ++ jdata->ebl = ebl; ++ jdata->ehdr = ehdr; ++ jdata->scn = *scn; ++ jdata->shdr = *shdr; ++ jdata->dbg = dbg; ++ jdata->fp = start_routine; ++ jdata->next = *jdatalist; ++ *jdatalist = jdata; + +- add_job (do_job, (void *) &jdata[idx]); ++ add_job (do_job, (void *) jdata); + } + else + start_routine (dwflmod, ebl, ehdr, scn, shdr, dbg, stdout); + #else +- (void) jdata; (void) idx; ++ (void) jdatalist; + + start_routine (dwflmod, ebl, ehdr, scn, shdr, dbg, stdout); + #endif +@@ -12431,8 +12435,7 @@ print_debug (Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr) + if (unlikely (elf_getshdrstrndx (ebl->elf, &shstrndx) < 0)) + error_exit (0, _("cannot get section header string table index")); + +- ssize_t num_jobs = 0; +- job_data *jdata = NULL; ++ job_data *jdatalist = NULL; + + /* If the .debug_info section is listed as implicitly required then + we must make sure to handle it before handling any other debug +@@ -12531,13 +12534,6 @@ print_debug (Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr) + if (name == NULL) + continue; + +- if (jdata == NULL) +- { +- jdata = calloc (ndebug_sections, sizeof (*jdata)); +- if (jdata == NULL) +- error_exit (0, _("failed to allocate job data")); +- } +- + int n; + for (n = 0; n < ndebug_sections; ++n) + { +@@ -12561,10 +12557,9 @@ print_debug (Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr) + { + if (((print_debug_sections | implicit_debug_sections) + & debug_sections[n].bitmask)) +- schedule_job (jdata, num_jobs++, debug_sections[n].fp, ++ schedule_job (&jdatalist, debug_sections[n].fp, + dwflmod, ebl, ehdr, scn, shdr, dbg); + +- assert (num_jobs <= ndebug_sections); + break; + } + } +@@ -12579,7 +12574,13 @@ print_debug (Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr) + + dwfl_end (skel_dwfl); + free (skel_name); +- free (jdata); ++ ++ while (jdatalist != NULL) ++ { ++ job_data *jdata = jdatalist; ++ jdatalist = jdatalist->next; ++ free (jdata); ++ } + + /* Turn implicit and/or explicit back on in case we go over another file. */ + if (implicit_info) +-- +2.51.0 + diff --git a/elfutils-0.194-fix-const.patch b/elfutils-0.194-fix-const.patch new file mode 100644 index 0000000..085f899 --- /dev/null +++ b/elfutils-0.194-fix-const.patch @@ -0,0 +1,301 @@ +From 4a5cf8be906d5991e7527e69e3f2ceaa74811301 Mon Sep 17 00:00:00 2001 +From: Andreas Schwab +Date: Mon, 24 Nov 2025 13:46:16 +0100 +Subject: [PATCH] Fix const-correctness issues + +These were uncovered by the C23 const-preserving library macros. +--- + debuginfod/debuginfod-client.c | 2 +- + libcpu/riscv_disasm.c | 52 +++++++++++++++++----------------- + libdw/dwarf_getsrclines.c | 6 ++-- + src/readelf.c | 8 +++--- + 4 files changed, 34 insertions(+), 34 deletions(-) + +diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c +index c0ff5967..c5bc8a4f 100644 +--- a/debuginfod/debuginfod-client.c ++++ b/debuginfod/debuginfod-client.c +@@ -3104,7 +3104,7 @@ int debuginfod_add_http_header (debuginfod_client *client, const char* header) + /* Sanity check header value is of the form Header: Value. + It should contain at least one colon that isn't the first or + last character. */ +- char *colon = strchr (header, ':'); /* first colon */ ++ const char *colon = strchr (header, ':'); /* first colon */ + if (colon == NULL /* present */ + || colon == header /* not at beginning - i.e., have a header name */ + || *(colon + 1) == '\0') /* not at end - i.e., have a value */ +diff --git a/libcpu/riscv_disasm.c b/libcpu/riscv_disasm.c +index 0dee842a..749d4567 100644 +--- a/libcpu/riscv_disasm.c ++++ b/libcpu/riscv_disasm.c +@@ -77,7 +77,7 @@ static const char *regnames[32] = + "a6", "a7", "s2", "s3", "s4", "s5", "s6", "s7", + "s8", "s9", "s10", "s11", "t3", "t4", "t5", "t6" + }; +-#define REG(nr) ((char *) regnames[nr]) ++#define REG(nr) regnames[nr] + #define REGP(nr) REG (8 + (nr)) + + +@@ -88,7 +88,7 @@ static const char *fregnames[32] = + "fa6", "fa7", "fs2", "fs3", "fs4", "fs5", "fs6", "fs7", + "fs8", "fs9", "fs10", "fs11", "ft8", "ft9", "ft10", "ft11" + }; +-#define FREG(nr) ((char *) fregnames[nr]) ++#define FREG(nr) fregnames[nr] + #define FREGP(nr) FREG (8 + (nr)) + + +@@ -163,12 +163,12 @@ riscv_disasm (Ebl *ebl, + break; + } + +- char *mne = NULL; ++ const char *mne = NULL; + /* Max length is 24, which is "illegal", so we print it as + "0x<48 hex chars>" + See: No instruction encodings defined for these sizes yet, below */ + char mnebuf[50]; +- char *op[5] = { NULL, NULL, NULL, NULL, NULL }; ++ const char *op[5] = { NULL, NULL, NULL, NULL, NULL }; + char immbuf[32]; + size_t len; + char *strp = NULL; +@@ -400,7 +400,7 @@ riscv_disasm (Ebl *ebl, + { + "sub", "xor", "or", "and", "subw", "addw", NULL, NULL + }; +- mne = (char *) arithmne[((first >> 10) & 0x4) | ((first >> 5) & 0x3)]; ++ mne = arithmne[((first >> 10) & 0x4) | ((first >> 5) & 0x3)]; + } + op[0] = op[1] = REGP ((first >> 7) & 0x7); + break; +@@ -572,7 +572,7 @@ riscv_disasm (Ebl *ebl, + { + NULL, NULL, "flw", "fld", "flq", NULL, NULL, NULL + }; +- mne = (char *) (idx == 0x00 ? loadmne[func] : floadmne[func]); ++ mne = idx == 0x00 ? loadmne[func] : floadmne[func]; + break; + case 0x03: + // MISC-MEM +@@ -595,8 +595,8 @@ riscv_disasm (Ebl *ebl, + uint32_t succ = (word >> 24) & 0xf; + if (pred != 0xf || succ != 0xf) + { +- op[0] = (char *) order[succ]; +- op[1] = (char *) order[pred]; ++ op[0] = order[succ]; ++ op[1] = order[pred]; + } + mne = "fence"; + } +@@ -614,7 +614,7 @@ riscv_disasm (Ebl *ebl, + "addi", NULL, "slti", "sltiu", "xori", NULL, "ori", "andi" + }; + func = (word >> 12) & 0x7; +- mne = (char *) opimmmne[func]; ++ mne = opimmmne[func]; + if (mne == NULL) + { + const uint64_t shiftmask = ebl->class == ELFCLASS32 ? 0x1f : 0x3f; +@@ -697,7 +697,7 @@ riscv_disasm (Ebl *ebl, + { + NULL, NULL, "fsw", "fsd", "fsq", NULL, NULL, NULL + }; +- mne = (char *) (idx == 0x08 ? storemne[func] : fstoremne[func]); ++ mne = idx == 0x08 ? storemne[func] : fstoremne[func]; + break; + case 0x0b: + // AMO +@@ -778,7 +778,7 @@ riscv_disasm (Ebl *ebl, + } + else + { +- mne = (char *) (idx == 0x0c ? arithmne2[func] : arithmne3[func]); ++ mne = idx == 0x0c ? arithmne2[func] : arithmne3[func]; + op[1] = REG (rs1); + op[2] = REG (rs2); + } +@@ -811,7 +811,7 @@ riscv_disasm (Ebl *ebl, + op[2] = FREG (rs2); + op[3] = FREG (rs3); + if (rm != 0x7) +- op[4] = (char *) rndmode[rm]; ++ op[4] = rndmode[rm]; + } + break; + case 0x14: +@@ -839,7 +839,7 @@ riscv_disasm (Ebl *ebl, + op[1] = FREG (rs1); + op[2] = FREG (rs2); + if (rm != 0x7) +- op[3] = (char *) rndmode[rm]; ++ op[3] = rndmode[rm]; + } + else if (func == 0x1c && width != 2 && rs2 == 0 && rm <= 1) + { +@@ -950,7 +950,7 @@ riscv_disasm (Ebl *ebl, + } + mne = mnebuf; + if (rm != 0x7 && (func == 0x18 || width == 0 || rs2 >= 2)) +- op[2] = (char *) rndmode[rm]; ++ op[2] = rndmode[rm]; + } + else if (func == 0x0b && rs2 == 0) + { +@@ -961,7 +961,7 @@ riscv_disasm (Ebl *ebl, + *cp = '\0'; + mne = mnebuf; + if (rm != 0x7) +- op[2] = (char *) rndmode[rm]; ++ op[2] = rndmode[rm]; + } + else if (func == 0x05 && rm < 2) + { +@@ -1007,7 +1007,7 @@ riscv_disasm (Ebl *ebl, + "beq", "bne", NULL, NULL, "blt", "bge", "bltu", "bgeu" + }; + func = (word >> 12) & 0x7; +- mne = (char *) branchmne[func]; ++ mne = branchmne[func]; + if (rs1 == 0 && func == 5) + { + op[0] = op[1]; +@@ -1035,7 +1035,7 @@ riscv_disasm (Ebl *ebl, + else if (func == 5 || func == 7) + { + // binutils use these opcodes and the reverse parameter order +- char *tmp = op[0]; ++ const char *tmp = op[0]; + op[0] = op[1]; + op[1] = tmp; + mne = func == 5 ? "ble" : "bleu"; +@@ -1103,7 +1103,7 @@ riscv_disasm (Ebl *ebl, + { + NULL, "frflags", "frrm", "frsr", + }; +- mne = (char *) unprivrw[csr - 0x000]; ++ mne = unprivrw[csr - 0x000]; + } + else if (csr >= 0xc00 && csr <= 0xc03) + { +@@ -1111,7 +1111,7 @@ riscv_disasm (Ebl *ebl, + { + "rdcycle", "rdtime", "rdinstret" + }; +- mne = (char *) unprivrolow[csr - 0xc00]; ++ mne = unprivrolow[csr - 0xc00]; + } + op[0] = REG ((word >> 7) & 0x1f); + } +@@ -1128,7 +1128,7 @@ riscv_disasm (Ebl *ebl, + { + NULL, "fsflagsi", "fsrmi", NULL + }; +- mne = (char *) ((word & 0x4000) == 0 ? unprivrs : unprivrsi)[csr - 0x000]; ++ mne = ((word & 0x4000) == 0 ? unprivrs : unprivrsi)[csr - 0x000]; + + if ((word & 0x4000) == 0) + op[0] = REG ((word >> 15) & 0x1f); +@@ -1259,12 +1259,12 @@ riscv_disasm (Ebl *ebl, + if (rd != 0) + op[last++] = REG (rd); + struct known_csrs key = { csr, NULL }; +- struct known_csrs *found = bsearch (&key, known, +- sizeof (known) / sizeof (known[0]), +- sizeof (known[0]), +- compare_csr); ++ const struct known_csrs *found = bsearch (&key, known, ++ sizeof (known) / sizeof (known[0]), ++ sizeof (known[0]), ++ compare_csr); + if (found) +- op[last] = (char *) found->name; ++ op[last] = found->name; + else + { + snprintf (addrbuf, sizeof (addrbuf), "0x%" PRIx32, csr); +@@ -1289,7 +1289,7 @@ riscv_disasm (Ebl *ebl, + else if (instr == 3 && rd == 0) + mne = "csrc"; + else +- mne = (char *) mnecsr[instr]; ++ mne = mnecsr[instr]; + } + break; + default: +diff --git a/libdw/dwarf_getsrclines.c b/libdw/dwarf_getsrclines.c +index be10cdee..76db2929 100644 +--- a/libdw/dwarf_getsrclines.c ++++ b/libdw/dwarf_getsrclines.c +@@ -364,7 +364,7 @@ read_srcfiles (Dwarf *dbg, + const unsigned char *dirp = linep; + while (dirp < lineendp && *dirp != 0) + { +- uint8_t *endp = memchr (dirp, '\0', lineendp - dirp); ++ const uint8_t *endp = memchr (dirp, '\0', lineendp - dirp); + if (endp == NULL) + goto invalid_data; + ++ndirs; +@@ -440,7 +440,7 @@ read_srcfiles (Dwarf *dbg, + for (unsigned int n = 1; n < ndirlist; n++) + { + dirarray[n].dir = (char *) linep; +- uint8_t *endp = memchr (linep, '\0', lineendp - linep); ++ const uint8_t *endp = memchr (linep, '\0', lineendp - linep); + assert (endp != NULL); // Checked above when calculating ndirlist. + dirarray[n].len = endp - linep; + linep = endp + 1; +@@ -927,7 +927,7 @@ read_srclines (Dwarf *dbg, + case DW_LNE_define_file: + { + char *fname = (char *) linep; +- uint8_t *endp = memchr (linep, '\0', lineendp - linep); ++ const uint8_t *endp = memchr (linep, '\0', lineendp - linep); + if (endp == NULL) + goto invalid_data; + size_t fnamelen = endp - linep; +diff --git a/src/readelf.c b/src/readelf.c +index a2d17358..fbdf8c71 100644 +--- a/src/readelf.c ++++ b/src/readelf.c +@@ -8269,7 +8269,7 @@ attr_callback (Dwarf_Attribute *attrp, void *arg) + valuestr = dwarf_filesrc (files, num, NULL, NULL); + if (valuestr != NULL) + { +- char *filename = strrchr (valuestr, '/'); ++ const char *filename = strrchr (valuestr, '/'); + if (filename != NULL) + valuestr = filename + 1; + } +@@ -9033,7 +9033,7 @@ print_form_data (Dwarf *dbg, int form, const unsigned char *readp, + Dwarf_Off str_offsets_base, FILE *out) + { + Dwarf_Word val; +- unsigned char *endp; ++ const unsigned char *endp; + Elf_Data *data; + char *str; + switch (form) +@@ -9530,7 +9530,7 @@ print_debug_line_section (Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr, + { + while (linep < lineendp && *linep != 0) + { +- unsigned char *endp = memchr (linep, '\0', lineendp - linep); ++ const unsigned char *endp = memchr (linep, '\0', lineendp - linep); + if (unlikely (endp == NULL)) + goto invalid_unit; + +@@ -9764,7 +9764,7 @@ print_debug_line_section (Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr, + case DW_LNE_define_file: + { + char *fname = (char *) linep; +- unsigned char *endp = memchr (linep, '\0', ++ const unsigned char *endp = memchr (linep, '\0', + lineendp - linep); + if (unlikely (endp == NULL)) + goto invalid_unit; +-- +2.52.0 + diff --git a/elfutils-debuginfod.sysusers b/elfutils-debuginfod.sysusers new file mode 100644 index 0000000..18c2561 --- /dev/null +++ b/elfutils-debuginfod.sysusers @@ -0,0 +1 @@ +u debuginfod - "elfutils debuginfo server" /var/cache/debuginfod - diff --git a/elfutils.spec b/elfutils.spec index 1d23d8e..803a824 100644 --- a/elfutils.spec +++ b/elfutils.spec @@ -1,23 +1,31 @@ +# Rebuild --with static to enable static subpackages +# This is *not* supported by elfutils maintainers +%bcond_with static + Name: elfutils -Version: 0.185 -%global baserelease 5 +Version: 0.194 +%global baserelease 2 Release: %{baserelease}%{?dist} URL: http://elfutils.org/ %global source_url ftp://sourceware.org/pub/elfutils/%{version}/ -License: GPLv3+ and (GPLv2+ or LGPLv3+) and GFDL +License: GPL-3.0-or-later AND (GPL-2.0-or-later OR LGPL-3.0-or-later) AND GFDL-1.3-no-invariants-or-later Source: %{?source_url}%{name}-%{version}.tar.bz2 +Source1: elfutils-debuginfod.sysusers Summary: A collection of utilities and DSOs to handle ELF files and DWARF data # Needed for isa specific Provides and Requires. %global depsuffix %{?_isa}%{!?_isa:-%{_arch}} +# eu-stacktrace currently only supports x86_64 +%ifarch x86_64 +%global enable_stacktrace 1 +%else +%global enable_stacktrace 0 +%endif + Requires: elfutils-libelf%{depsuffix} = %{version}-%{release} Requires: elfutils-libs%{depsuffix} = %{version}-%{release} -%if 0%{?rhel} >= 8 || 0%{?fedora} >= 20 -Recommends: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release} -%else Requires: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release} -%endif BuildRequires: gcc # For libstdc++ demangle support @@ -38,15 +46,32 @@ BuildRequires: pkgconfig(libmicrohttpd) >= 0.9.33 BuildRequires: pkgconfig(libcurl) >= 7.29.0 BuildRequires: pkgconfig(sqlite3) >= 3.7.17 BuildRequires: pkgconfig(libarchive) >= 3.1.2 +# For debugindod metadata query +BuildRequires: pkgconfig(json-c) >= 0.11 # For tests need to bunzip2 test files. BuildRequires: bzip2 BuildRequires: zstd -# For the run-debuginfod-find.sh test case in %%check for /usr/sbin/ss +# For the run-debuginfod-find.sh test case in %%check for /usr/sbin/ss etc. BuildRequires: iproute +BuildRequires: procps BuildRequires: bsdtar BuildRequires: curl -BuildRequires: procps +# For run-debuginfod-response-headers.sh test case +BuildRequires: socat +# For run-debuginfod-find-metadata.sh +BuildRequires: jq + +# For debuginfod rpm IMA verification +BuildRequires: rpm-devel +BuildRequires: ima-evm-utils-devel +BuildRequires: openssl-devel +BuildRequires: rpm-sign + +# For eu-stacktrace +%if %{enable_stacktrace} +BuildRequires: sysprof-capture-devel +%endif BuildRequires: automake BuildRequires: autoconf @@ -55,14 +80,28 @@ BuildRequires: gettext-devel %global _gnu %{nil} %global _program_prefix eu- -%global provide_yama_scope 0 +%global provide_yama_scope 0 %if 0%{?fedora} >= 22 || 0%{?rhel} >= 7 -%global provide_yama_scope 1 +%global provide_yama_scope 1 +%endif + +%global with_sysusers 0 + +%if 0%{?fedora} >= 32 || 0%{?rhel} >= 9 +%global with_sysusers 1 %endif # Patches -Patch1: elfutils-0.185-raise-pthread_kill-backtrace.patch + +# For s390x... FDO package notes are bogus. +Patch1: elfutils-0.186-fdo-swap.patch + +# Prevent assert failure in readelf for some -ggdb3 binaries. +Patch2: elfutils-0.194-alloc-jobs.patch + +# Fix const warning from newer GCC. +Patch3: elfutils-0.194-fix-const.patch %description Elfutils is a collection of utilities, including stack (to show @@ -74,7 +113,7 @@ elfcompress (to compress or decompress ELF sections). %package libs Summary: Libraries to handle compiled objects -License: GPLv2+ or LGPLv3+ +License: GPL-2.0-or-later OR LGPL-3.0-or-later %if 0%{!?_isa:1} Provides: elfutils-libs%{depsuffix} = %{version}-%{release} %endif @@ -97,7 +136,7 @@ libraries. %package devel Summary: Development libraries to handle compiled objects -License: GPLv2+ or LGPLv3+ +License: GPL-2.0-or-later OR LGPL-3.0-or-later %if 0%{!?_isa:1} Provides: elfutils-devel%{depsuffix} = %{version}-%{release} %endif @@ -108,7 +147,6 @@ Recommends: elfutils-debuginfod-client-devel%{depsuffix} = %{version}-%{release} %else Requires: elfutils-debuginfod-client-devel%{depsuffix} = %{version}-%{release} %endif -Obsoletes: elfutils-devel-static < 0.180-5 %description devel The elfutils-devel package contains the libraries to create @@ -116,9 +154,24 @@ applications for handling compiled objects. libdw provides access to the DWARF debugging information. libasm provides a programmable assembler interface. +%if %{with static} +%package devel-static +Summary: Static archives to handle compiled objects +License: GPL-2.0-or-later OR LGPL-3.0-or-later +%if 0%{!?_isa:1} +Provides: elfutils-devel-static%{depsuffix} = %{version}-%{release} +%endif +Requires: elfutils-devel%{depsuffix} = %{version}-%{release} +Requires: elfutils-libelf-devel-static%{depsuffix} = %{version}-%{release} + +%description devel-static +The elfutils-devel-static package contains the static archives +with the code to handle compiled objects. +%endif + %package libelf Summary: Library to read and write ELF files -License: GPLv2+ or LGPLv3+ +License: GPL-2.0-or-later OR LGPL-3.0-or-later %if 0%{!?_isa:1} Provides: elfutils-libelf%{depsuffix} = %{version}-%{release} %endif @@ -132,13 +185,12 @@ elfutils package use it also to generate new ELF files. %package libelf-devel Summary: Development support for libelf -License: GPLv2+ or LGPLv3+ +License: GPL-2.0-or-later OR LGPL-3.0-or-later %if 0%{!?_isa:1} Provides: elfutils-libelf-devel%{depsuffix} = %{version}-%{release} %endif Requires: elfutils-libelf%{depsuffix} = %{version}-%{release} Obsoletes: libelf-devel <= 0.8.2-2 -Obsoletes: elfutils-libelf-devel-static < 0.180-5 %description libelf-devel The elfutils-libelf-devel package contains the libraries to create @@ -146,10 +198,25 @@ applications for handling compiled objects. libelf allows you to access the internals of the ELF object file format, so you can see the different sections of an ELF file. +%if %{with static} +%package libelf-devel-static +Summary: Static archive of libelf +License: GPL-2.0-or-later OR LGPL-3.0-or-later +%if 0%{!?_isa:1} +Provides: elfutils-libelf-devel-static%{depsuffix} = %{version}-%{release} +%endif +Requires: elfutils-libelf-devel%{depsuffix} = %{version}-%{release} +Requires: libzstd-static%{depsuffix} + +%description libelf-devel-static +The elfutils-libelf-static package contains the static archive +for libelf. +%endif + %if %{provide_yama_scope} %package default-yama-scope Summary: Default yama attach scope sysctl setting -License: GPLv2+ or LGPLv3+ +License: GPL-2.0-or-later OR LGPL-3.0-or-later Provides: default-yama-scope BuildArch: noarch # For the sysctl_apply macro we need systemd as build requires. @@ -183,14 +250,17 @@ profiling) of processes. %package debuginfod-client Summary: Library and command line client for build-id HTTP ELF/DWARF server -License: GPLv3+ and (GPLv2+ or LGPLv3+) +License: GPL-3.0-or-later AND (GPL-2.0-or-later OR LGPL-3.0-or-later) %if 0%{!?_isa:1} Provides: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release} %endif +# For debuginfod-find binary +Requires: elfutils-libs%{depsuffix} = %{version}-%{release} +Requires: elfutils-libelf%{depsuffix} = %{version}-%{release} %package debuginfod-client-devel Summary: Libraries and headers to build debuginfod client applications -License: GPLv2+ or LGPLv3+ +License: GPL-2.0-or-later OR LGPL-3.0-or-later %if 0%{!?_isa:1} Provides: elfutils-debuginfod-client-devel%{depsuffix} = %{version}-%{release} %endif @@ -198,16 +268,23 @@ Requires: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release} %package debuginfod Summary: HTTP ELF/DWARF file server addressed by build-id -License: GPLv3+ +License: GPL-3.0-or-later Requires: elfutils-libs%{depsuffix} = %{version}-%{release} Requires: elfutils-libelf%{depsuffix} = %{version}-%{release} Requires: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release} BuildRequires: systemd +%if %{with_sysusers} +BuildRequires: systemd-rpm-macros +%endif BuildRequires: make Requires(post): systemd Requires(preun): systemd Requires(postun): systemd +%if %{with_sysusers} +%{?sysusers_requires_compat} +%else Requires(pre): shadow-utils +%endif # To extract .deb files with a bsdtar (= libarchive) subshell Requires: bsdtar @@ -238,14 +315,6 @@ autoreconf -f -v -i find . -name \*.sh ! -perm -0100 -print | xargs chmod +x %build -# This package uses top level ASM constructs which are incompatible with LTO. -# Top level ASMs are often used to implement symbol versioning. gcc-10 -# introduces a new mechanism for symbol versioning which works with LTO. -# Converting packages to use that mechanism instead of toplevel ASMs is -# recommended. -# Disable LTO -%define _lto_cflags %{nil} - # Remove -Wall from default flags. The makefiles enable enough warnings # themselves, and they use -Werror. Appending -Wall defeats the cases where # the makefiles disable some specific warnings for specific code. @@ -256,7 +325,19 @@ RPM_OPT_FLAGS="${RPM_OPT_FLAGS} -Wformat" trap 'cat config.log' EXIT -%configure CFLAGS="$RPM_OPT_FLAGS" --enable-debuginfod-urls=https://debuginfod.fedoraproject.org/ +# dist_debuginfod_url is defined in macros.dist. Fedora and CentOS have +# URLs pointing to their respective servers. RHEL and Amazon Linux do +# not configure a default server. +%configure CFLAGS="$RPM_OPT_FLAGS" \ +%if "%{?dist_debuginfod_url}" + --enable-debuginfod \ + --enable-debuginfod-urls="%{dist_debuginfod_url}" \ +%endif +%if %{enable_stacktrace} + --enable-stacktrace \ +%endif + --enable-debuginfod-ima-verification \ + --enable-debuginfod-ima-cert-path=%{_sysconfdir}/keys/ima trap '' EXIT %make_build @@ -264,8 +345,10 @@ trap '' EXIT %make_install chmod +x ${RPM_BUILD_ROOT}%{_prefix}/%{_lib}/lib*.so* +%if %{without static} # We don't want the static libraries rm ${RPM_BUILD_ROOT}%{_prefix}/%{_lib}/lib{elf,dw,asm}.a +%endif %find_lang %{name} @@ -278,14 +361,15 @@ install -Dm0644 config/debuginfod.sysconfig ${RPM_BUILD_ROOT}%{_sysconfdir}/sysc mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod touch ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod/debuginfod.sqlite +%if %{with_sysusers} +install -Dm0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/elfutils-debuginfod.conf +%endif + %check # Record some build root versions in build.log uname -r; rpm -q binutils gcc glibc || true -# FIXME for 0.186 -# run-debuginfod-find.sh is a bad test -# %%make_build check || (cat tests/test-suite.log; false) -%make_build check || (cat tests/test-suite.log; true) +%make_build check || (cat tests/test-suite.log; false) # Only the latest Fedora and EPEL have these scriptlets, # older Fedora and plain RHEL don't. @@ -327,7 +411,11 @@ fi %{_bindir}/eu-ranlib %{_bindir}/eu-readelf %{_bindir}/eu-size +%{_bindir}/eu-srcfiles %{_bindir}/eu-stack +%if %{enable_stacktrace} +%{_bindir}/eu-stacktrace +%endif %{_bindir}/eu-strings %{_bindir}/eu-strip %{_bindir}/eu-unstrip @@ -350,10 +438,17 @@ fi %{_includedir}/elfutils/libdwfl.h %{_includedir}/elfutils/libdwelf.h %{_includedir}/elfutils/version.h +%{_includedir}/elfutils/libdwfl_stacktrace.h %{_libdir}/libasm.so %{_libdir}/libdw.so %{_libdir}/pkgconfig/libdw.pc +%if %{with static} +%files devel-static +%{_libdir}/libdw.a +%{_libdir}/libasm.a +%endif + %files -f %{name}.lang libelf %license COPYING-GPLV2 COPYING-LGPLV3 %{_libdir}/libelf-%{version}.so @@ -366,6 +461,15 @@ fi %{_libdir}/libelf.so %{_libdir}/pkgconfig/libelf.pc %{_mandir}/man3/elf_*.3* +%{_mandir}/man3/elf32_*.3* +%{_mandir}/man3/elf64_*.3* +%{_mandir}/man3/gelf_*.3* +%{_mandir}/man3/libelf.3* + +%if %{with static} +%files libelf-devel-static +%{_libdir}/libelf.a +%endif %if %{provide_yama_scope} %files default-yama-scope @@ -377,7 +481,12 @@ fi %{_libdir}/libdebuginfod.so.* %{_bindir}/debuginfod-find %{_mandir}/man1/debuginfod-find.1* +%{_mandir}/man7/debuginfod*.7* %config(noreplace) %{_sysconfdir}/profile.d/* +%if "%{?dist_debuginfod_url}" +%config(noreplace) %{_sysconfdir}/debuginfod/* +%config(noreplace) %{_datadir}/fish/vendor_conf.d/* +%endif %files debuginfod-client-devel %{_libdir}/pkgconfig/libdebuginfod.pc @@ -389,18 +498,25 @@ fi %{_bindir}/debuginfod %config(noreplace) %{_sysconfdir}/sysconfig/debuginfod %{_unitdir}/debuginfod.service -%{_sysconfdir}/sysconfig/debuginfod -%{_mandir}/man8/debuginfod.8* +%if %{with_sysusers} +%{_sysusersdir}/elfutils-debuginfod.conf +%endif +%{_mandir}/man8/debuginfod*.8* + %dir %attr(0700,debuginfod,debuginfod) %{_localstatedir}/cache/debuginfod %ghost %attr(0600,debuginfod,debuginfod) %{_localstatedir}/cache/debuginfod/debuginfod.sqlite %pre debuginfod +%if %{with_sysusers} +%sysusers_create_compat %{SOURCE1} +%else getent group debuginfod >/dev/null || groupadd -r debuginfod getent passwd debuginfod >/dev/null || \ useradd -r -g debuginfod -d /var/cache/debuginfod -s /sbin/nologin \ -c "elfutils debuginfo server" debuginfod exit 0 +%endif %post debuginfod %systemd_post debuginfod.service @@ -409,6 +525,240 @@ exit 0 %systemd_postun_with_restart debuginfod.service %changelog +* Tue Dec 09 2025 Aaron Merey - 0.194-2 +- Add elfutils-0.194-fix-const.patch + +* Tue Oct 28 2025 Aaron Merey - 0.194-1 +- Upgrade to upstream elfutils 0.194 +- Add elfutils-0.194-alloc-jobs.patch + +* Wed Jul 23 2025 Fedora Release Engineering - 0.193-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + +* Mon Apr 28 2025 Aaron Merey - 0.193-1 +- Upgrade to upstream elfutils 0.193 +- Drop upstreamed patches + elfutils-0.192-ATOMIC_VAR_INIT.patch + elfutils-0.192-libelf-static.patch + elfutils-0.192-fix-configure-conditional.patch + elfutils-0.192-more-dwarf5-lang.patch + elfutils-0.192-fix-zsh-profile.patch + elfutils-0.192-stacktrace-lto.patch + elfutils-0.192-imasig-fail-free.patch + elfutils-0.192-strip-ignore-non-ET_REL.patch + +* Sun Feb 23 2025 Mark Wielaard - 0.192-9 +- Add elfutils-0.192-imasig-fail-free.patch + +* Thu Jan 16 2025 Fedora Release Engineering - 0.192-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Mon Dec 2 2024 Mark Wielaard - 0.192-7 +- Add elfutils-0.192-ATOMIC_VAR_INIT.patch +- Add elfutils-0.192-more-dwarf5-lang.patch + +* Tue Nov 12 2024 Aaron Merey - 0.192-6 +- Add elfutils-0.192-strip-ignore-non-ET_REL.patch +- Set debuginfod IMA cert path + +* Tue Oct 29 2024 Aaron Merey - 0.192-5 +- Enable debuginfod IMA verification +- Add elfutils-0.192-fix-configure-conditional.patch +- Add elfutils-0.192-fix-zsh-profile.patch + +* Thu Oct 24 2024 Mark Wielaard - 0.192-4 +- Add elfutils-0.192-stacktrace-lto.patch +- Enable eu-stacktrace on x86_64 + +* Tue Oct 22 2024 Aaron Merey - 0.192-3 +- Add elfutils-0.192-libelf-static.patch + +* Mon Oct 21 2024 Aaron Merey - 0.192-2 +- Add BuildRequires for json-c + +* Mon Oct 21 2024 Aaron Merey - 0.192-1 +- Upgrade to upstream elfutils 0.192 +- Drop upstreamed patches + Add elfutils-0.190-profile-empty-urls.patch + Add elfutils-0.190-riscv-flatten.patch + +* Wed Jul 17 2024 Fedora Release Engineering - 0.191-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Mon Apr 22 2024 Aaron Merey - 0.191-7 +- Capitalize SPDX booleans. + +* Fri Apr 19 2024 Mark Wielaard - 0.191-6 +- eu-srcfiles directly links to libdebuginfod.so so explicitly + Require elfutils-debuginfod-client not just Recommends. + +* Wed Mar 27 2024 Mark Wielaard - 0.191-5 +- Add elfutils-0.190-profile-empty-urls.patch + +* Wed Mar 20 2024 Mark Wielaard - 0.191-4 +- Add elfutils-0.190-riscv-flatten.patch + +* Fri Mar 15 2024 Michel Lind - 0.191-3 +- Add feature flag for reenabling elfutils-libelf-devel-static and elfutils-devel-static +- Add dependency on libzstd-static for elfutils-libelf-devel-static + +* Mon Mar 4 2024 Aaron Merey - 0.191-2 +- Update SPDX license. + +* Mon Mar 4 2024 Aaron Merey - 0.191-1 +- Upgrade to upstream elfutils 0.191 +- Drop upstreamed patches + elfutils-0.190-fix-core-noncontig.patch + elfutils-0.190-gcc-14.patch + elfutils-0.190-remove-ET_REL-unstrip-test.patch +- Drop testcore-noncontig.bz2 + +* Wed Jan 24 2024 Fedora Release Engineering - 0.190-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jan 19 2024 Fedora Release Engineering - 0.190-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Tue Nov 28 2023 Aaron Merey - 0.190-4 +- Add elfutils-0.190-remove-ET_REL-unstrip-test.patch + +* Fri Nov 24 2023 Aaron Merey - 0.190-3 +- Add elfutils-0.190-fix-core-noncontig.patch + +* Fri Nov 3 2023 Mark Wielaard - 0.190-2 +- Update Fedora license tags to spdx license tags + +* Fri Nov 3 2023 Mark Wielaard - 0.190-1 +- Upgrade to upstream elfutils 0.190 +- Add eu-srcfiles +- Drop upstreamed patches + elfutils-0.189-relr.patch + elfutils-0.189-debuginfod_config_cache-double-close.patch + elfutils-0.189-elf_getdata_rawchunk.patch + elfutils-0.189-elfcompress.patch + elfutils-0.189-c99-compat.patch +- Only package debuginfod-client-config.7 manpage for debuginfod-client + +* Thu Aug 24 2023 Mark Wielaard - 0.189-6 +- Update elfutils-0.189-relr.patch + +* Wed Aug 23 2023 Mark Wielaard - 0.189-5 +- Add elfutils-0.189-relr.patch + +* Wed Jul 19 2023 Fedora Release Engineering - 0.189-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Thu Jun 22 2023 Mark Wielaard - 0.189-3 +- Add elfutils-0.189-elf_getdata_rawchunk.patch +- Add elfutils-0.189-debuginfod_config_cache-double-close.patch + +* Sat Apr 22 2023 Mark Wielaard - 0.189-2 +- Add elfutils-0.189-c99-compat.patch +- Add elfutils-0.189-elfcompress.patch + +* Fri Mar 3 2023 Mark Wielaard - 0.189-1 +- Upgrade to upsteam elfutils 0.189. + +* Fri Jan 27 2023 Mark Wielaard - 0.188-5 +- Add elfutils-0.188-deprecated-CURLINFO.patch, + elfutils-0.188-CURL_AT_LEAST_VERSION.patch and + elfutils-0.188-CURLOPT_PROTOCOLS_STR.patch + +* Thu Jan 19 2023 Fedora Release Engineering - 0.188-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Mon Nov 7 2022 Mark Wielaard - 0.188-3 +- Add elfutils-0.188-compile-warnings.patch +- Add elfutils-0.188-debuginfod-client-lifetime.patch + +* Wed Nov 2 2022 Mark Wielaard - 0.188-2 +- Add elfutils-0.188-static-extract_section.patch. + +* Wed Nov 2 2022 Mark Wielaard - 0.188-1 +- Upgrade to upsteam elfutils 0.188. + +* Wed Oct 5 2022 Amit Shah - 0.187-9 +- Auto-configure debuginfod_url based on macros.dist + +* Wed Aug 24 2022 Debarshi Ray - 0.187-8 +- Use %%sysusers_requires_compat to match %%sysusers_create_compat + +* Wed Jul 27 2022 Amit Shah - 0.187-7 +- Allow building without default debuginfod URL + +* Thu Jul 21 2022 Fedora Release Engineering - 0.187-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Tue Jun 14 2022 Mark Wielaard - 0.187-5 +- Add sysuser support for creating the debuginfod user + +* Fri May 6 2022 Mark Wielaard - 0.187-4 +- Add elfutils-0.187-mhd_no_dual_stack.patch +- Add elfutils-0.187-mhd_epoll.patch + +* Thu May 5 2022 Mark Wielaard - 0.187-3 +- Add elfutils-0.187-debuginfod-client-fd-leak.patch + +* Tue May 3 2022 Mark Wielaard - 0.187-2 +- Add elfutils-0.187-csh-profile.patch + +* Tue Apr 26 2022 Mark Wielaard - 0.187-1 +- Upgrade to elfutils 0.187 + - debuginfod: Support -C option for connection thread pooling. + - debuginfod-client: Negative cache file are now zero sized instead + of no-permission files. + - addr2line: The -A, --absolute option, which shows file names + includingthe full compilation directory is now the + default. To get theold behavior use the new option --relative. + - readelf, elflint: Recognize FDO Packaging Metadata ELF notes + - libdw, debuginfo-client: Load libcurl lazily only when files need + to be fetched remotely. libcurl is now never loaded when + DEBUGINFOD_URLS is unset. And whenDEBUGINFOD_URLS is set, + libcurl is only loaded when the debuginfod_begin function is + called. + +* Tue Apr 12 2022 Mark Wielaard - 0.186-5 +- Add an explicit versioned requires from elfutils-debuginfod-client + on elfutils-libelf. + +* Thu Apr 7 2022 Mark Wielaard - 0.186-4 +- Add an explicit versioned requires from elfutils-debuginfod-client + on elfutils-libs. + +* Fri Mar 25 2022 Mark Wielaard - 0.186-3 +- Add elfutils-0.186-elf-glibc.patch +- Add elfutils-0.186-fdo-ebl.patch +- Add elfutils-0.186-fdo-efllint.patch +- Add elfutils-0.186-fdo-swap.patch +- Add elfutils-0.186-ppc64le-error-return-workaround.patch + +* Thu Jan 20 2022 Fedora Release Engineering - 0.186-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Wed Nov 10 2021 Mark Wielaard - 0.186-1 +- Upgrade to upstream 0.186 + - debuginfod-client: Default $DEBUGINFOD_URLS is computed from + drop-in files /etc/debuginfod/*.urls rather than + hardcoded into the /etc/profile.d/debuginfod* + scripts. + Add $DEBUGINFOD_MAXSIZE and $DEBUGINFOD_MAXTIME settings + for skipping large/slow transfers. + Add $DEBUGINFOD_RETRY for retrying aborted lookups. + - debuginfod: Supply extra HTTP response headers, describing + archive/file names that satisfy the requested buildid content. + Support -d :memory: option for in-memory databases. + Protect against loops in federated server configurations. + Add -r option to use -I/-X regexes for grooming stale files. + Protect against wasted CPU from duplicate concurrent requests. + Limit the duration of groom ops roughly to rescan (-t) times. + Add --passive mode for serving from read-only database. + Several other performance improvements & prometheus metrics. + - libdw: Support for the NVIDIA Cuda line map extensions. + DW_LNE_NVIDIA_inlined_call and DW_LNE_NVIDIA_set_function_name + are defined in dwarf.h. New functions dwarf_linecontext and + dwarf_linefunctionname. + - translations: Update Japanese translation. + * Thu Aug 5 2021 Mark Wielaard - 0.185-5 - Use autosetup - Add elfutils-0.185-raise-pthread_kill-backtrace.patch diff --git a/gating.yaml b/gating.yaml index 4fab4ec..f2f9f20 100644 --- a/gating.yaml +++ b/gating.yaml @@ -5,6 +5,7 @@ decision_context: bodhi_update_push_stable subject_type: koji_build rules: - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.rpminspect.static-analysis} --- !Policy product_versions: - rhel-9 diff --git a/sources b/sources index b564fdb..bd25645 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (elfutils-0.185.tar.bz2) = 34de0de1355b11740e036e0fc64f2fc063587c8eb121b19216ee5548d3f0f268d8fc3995176c47190466b9d881007cfa11a9d01e9a50e38af6119492bf8bb47f +SHA512 (elfutils-0.194.tar.bz2) = 5d00502f61b92643bf61dc61da4ddded36c423466388d992bcd388c5208761b8ed9db1a01492c085cd0984eef30c08f895a8e307e78e0df8df40b56ae35b78a5 diff --git a/tests/Regression/GNU-Attribute-notes-not-recognized/Makefile b/tests/Regression/GNU-Attribute-notes-not-recognized/Makefile index 03e071d..332e11f 100644 --- a/tests/Regression/GNU-Attribute-notes-not-recognized/Makefile +++ b/tests/Regression/GNU-Attribute-notes-not-recognized/Makefile @@ -54,7 +54,7 @@ $(METADATA): Makefile @echo "TestTime: 48h" >> $(METADATA) @echo "RunFor: elfutils" >> $(METADATA) @echo "Requires: elfutils" >> $(METADATA) - @echo "Requires: bash" >> $(METADATA) + @echo "Requires: bash bash-debuginfo" >> $(METADATA) @echo "Priority: Normal" >> $(METADATA) @echo "License: GPLv2+" >> $(METADATA) @echo "Confidential: no" >> $(METADATA) diff --git a/tests/Regression/GNU-Attribute-notes-not-recognized/main.fmf b/tests/Regression/GNU-Attribute-notes-not-recognized/main.fmf index 896cbd2..eb1809c 100644 --- a/tests/Regression/GNU-Attribute-notes-not-recognized/main.fmf +++ b/tests/Regression/GNU-Attribute-notes-not-recognized/main.fmf @@ -2,15 +2,15 @@ summary: GNU-Attribute-notes-not-recognized description: | Bug summary: elfutils doesn't recognize GNU Attribute notes Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1650125 -contact: -- Martin Cermak +contact: Martin Cermak component: -- elfutils + - elfutils test: ./runtest.sh framework: beakerlib recommend: -- elfutils -- bash + - elfutils + - bash + - bash-debuginfo duration: 48h extra-summary: /tools/elfutils/Regression/GNU-Attribute-notes-not-recognized extra-task: /tools/elfutils/Regression/GNU-Attribute-notes-not-recognized diff --git a/tests/Regression/GNU-Attribute-notes-not-recognized/runtest.sh b/tests/Regression/GNU-Attribute-notes-not-recognized/runtest.sh index d60f5ac..aaa6c89 100755 --- a/tests/Regression/GNU-Attribute-notes-not-recognized/runtest.sh +++ b/tests/Regression/GNU-Attribute-notes-not-recognized/runtest.sh @@ -32,12 +32,35 @@ PACKAGE="elfutils" rlJournalStart rlPhaseStartTest - # Rely on that /bin/bash is annobin-annotated per - # - https://fedoraproject.org/wiki/Toolchain/Watermark - # - https://fedoraproject.org/wiki/Changes/Annobin - # Seems to work fine with bash-4.4.19-6.el8 and elfutils-0.174-5.el8. - set -o pipefail - rlRun "eu-readelf -n /bin/bash | grep -2 '^ GA' | fgrep 'GNU Build Attribute' | tail -50" + # Rely on that /bin/bash is annobin-annotated per + # - https://fedoraproject.org/wiki/Toolchain/Watermark + # - https://fedoraproject.org/wiki/Changes/Annobin + # Seems to work fine with bash-4.4.19-6.el8 and elfutils-0.174-5.el8. + f="/bin/bash" + + # Annobin notes originally used to reside in the binary itself. + # Later on they moved to debuginfo. + # Let's see if we can chase down needed debuginfo somewhere... + + # Attempt getting the needed file using debuginfod + export DEBUGINFOD_URLS=https://debuginfod.fedoraproject.org/ + rlRun "f=\"$f $(debuginfod-find debuginfo /bin/bash)\"" + + # Attempt getting the needed file by traditional means + rlRun "debuginfo-install -y bash" + rlRun "buildid=$(eu-readelf -n /bin/bash | awk '/Build ID:/ {print $NF}')" + for i in $(rpm -ql bash-debuginfo); do + test -f $i || continue + if eu-readelf -n $i | fgrep $buildid; then + rlRun "f=\"$f $i\"" + fi + done + + set -o pipefail + export f + # Check if eu-readelf can read the notes from at least one of files + # that can possibly contain it... + rlRun "(for i in $f; do eu-readelf -n $i; done ) | grep -2 '^ GA' | fgrep 'GNU Build Attribute' | tail -50" rlPhaseEnd rlJournalPrintText rlJournalEnd diff --git a/tests/Regression/eu-elfcompress-breaks-hard-links/bubble.c b/tests/Regression/eu-elfcompress-breaks-hard-links/bubble.c new file mode 100644 index 0000000..f8b643a --- /dev/null +++ b/tests/Regression/eu-elfcompress-breaks-hard-links/bubble.c @@ -0,0 +1,4 @@ +int main() +{ + return 0; +} diff --git a/tests/Regression/eu-elfcompress-breaks-hard-links/main.fmf b/tests/Regression/eu-elfcompress-breaks-hard-links/main.fmf new file mode 100644 index 0000000..a34c573 --- /dev/null +++ b/tests/Regression/eu-elfcompress-breaks-hard-links/main.fmf @@ -0,0 +1,15 @@ +summary: eu-elfcompress-breaks-hard-links +description: '' +link: + - relates: https://bugzilla.redhat.com/show_bug.cgi?id=2188064 +contact: Martin Cermak +component: + - elfutils +test: ./runtest.sh +framework: beakerlib +recommend: + - elfutils + - gcc +duration: 1h +extra-summary: /tools/elfutils/Regression/eu-elfcompress-breaks-hard-links +extra-task: /tools/elfutils/Regression/eu-elfcompress-breaks-hard-links diff --git a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/runtest.sh b/tests/Regression/eu-elfcompress-breaks-hard-links/runtest.sh similarity index 64% rename from tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/runtest.sh rename to tests/Regression/eu-elfcompress-breaks-hard-links/runtest.sh index 09c885c..7709a74 100755 --- a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/runtest.sh +++ b/tests/Regression/eu-elfcompress-breaks-hard-links/runtest.sh @@ -2,13 +2,13 @@ # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # -# runtest.sh of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference -# Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference +# runtest.sh of /tools/elfutils/Regression/eu-elfcompress-breaks-hard-links +# Description: eu-elfcompress-breaks-hard-links # Author: Martin Cermak # # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # -# Copyright (c) 2019 Red Hat, Inc. +# Copyright (c) 2023 Red Hat, Inc. # # This program is free software: you can redistribute it and/or # modify it under the terms of the GNU General Public License as @@ -31,9 +31,25 @@ PACKAGE="elfutils" rlJournalStart + rlPhaseStartSetup + rlAssertRpm $PACKAGE + rlRun "TMP=$(mktemp -d)" + rlRun "cp bubble.c $TMP/" + rlRun "pushd $TMP" + rlPhaseEnd + rlPhaseStartTest - # Expect exitcode 2, unfixed package segfaults (139) - rlRun "eu-stack --core=POC-stack" 2 + rlRun "gcc -o a.out -g bubble.c" + rlRun "ln a.out a.lnk" + rlRun "eu-elfcompress -q -p -t none a.lnk" + rlRun "i0=$(stat -c '%i' a.out)" + rlRun "i1=$(stat -c '%i' a.lnk)" + rlRun "test $i0 -eq $i1" + rlPhaseEnd + + rlPhaseStartCleanup + rlRun "popd" + rlRun "rm -r $TMP" rlPhaseEnd rlJournalPrintText rlJournalEnd diff --git a/tests/Sanity/elfutils-debuginfod/body.sh b/tests/Sanity/elfutils-debuginfod/body.sh new file mode 100755 index 0000000..1f93014 --- /dev/null +++ b/tests/Sanity/elfutils-debuginfod/body.sh @@ -0,0 +1,81 @@ +#!/bin/bash + +set -xeo pipefail + + +export DEBUGINFOD_VERBOSE=1 +export DEBUGINFOD_CACHE_PATH=$HOME/.debuginfod_client_cache/ + +# Initial cleanup +systemctl stop debuginfod +rm -rf ~/.cache/debuginfod_client +rm -rf /usr/src/my_extra_rpms $DEBUGINFOD_CACHE_PATH +mkdir $DEBUGINFOD_CACHE_PATH +journalctl -g debuginfod -f & +logger=$! + +# Set up a delay. A delay of 3 worked for me reliably for manual testing. +DELAY=120 + +# Clean up after possible previous failed (=> unfinished) run of this testcase +rm -rf /usr/src/my_extra_rpms $HOME/.debuginfod_client_cache + +# Check the config file is there +cat /etc/sysconfig/debuginfod + +# Make sure the config file doesn't contain unwanted relicts +# from possible previous failed run of this testcase +fgrep DEBUGINFOD_PATHS /etc/sysconfig/debuginfod | (! fgrep /usr/src/my_extra_rpms) + +# Add some directory to the DEBUGINFOD_PATH and configure it +# within /etc/sysconfig/debuginfod +mkdir -p /usr/src/my_extra_rpms +sed -i 's/DEBUGINFOD_PATHS="[^"]*/\0\ \/usr\/src\/my_extra_rpms/' /etc/sysconfig/debuginfod +fgrep DEBUGINFOD_PATHS /etc/sysconfig/debuginfod | fgrep /usr/src/my_extra_rpms + +# Note the DEBUGINFOD_PORT in the sysconfig file +# and use it to export the server URL for the client to use +source /etc/sysconfig/debuginfod +export DEBUGINFOD_URLS="localhost:$DEBUGINFOD_PORT" + +# Get the build-id from some installed binary and make sure +# it isn't found +buildid=$(eu-unstrip -n -e /usr/bin/true | cut -f2 -d\ | cut -f1 -d@) +! debuginfod-find executable $buildid + +# Start the service +systemctl start debuginfod + +# Give it some time to index +sleep $DELAY + +# Now the binary should be found +debuginfod-find executable $buildid + +# Take a small debuginfo rpm and make sure you know the buildid of +# some .debug file in to the directory you created and added to +# the DEBUGINFO_PATH in the config file. +cp sshpass-debuginfo-1.09-2.fc35.x86_64.rpm /usr/src/my_extra_rpms + +# Make sure the denuginfo can't be found yet +# Related: +# - https://bugzilla.redhat.com/show_bug.cgi?id=2023454 +# - https://sourceware.org/bugzilla/show_bug.cgi?id=28240 +! debuginfod-find debuginfo 73952ed43c6edc82cc92186a581ec27f009c529c +echo 0 > $DEBUGINFOD_CACHE_PATH/cache_miss_s + +# Tell debuginfod to start indexing immediately +debuginfod_pid=$(systemctl status debuginfod | fgrep PID | grep -Po '\d+') +kill -SIGUSR1 $debuginfod_pid + +# Give it some time to index +sleep $DELAY + +# Try to find the debug file with the known buildid +debuginfod-find debuginfo 73952ed43c6edc82cc92186a581ec27f009c529c + +# Clean up +rm -rf /usr/src/my_extra_rpms $HOME/.debuginfod_client_cache + +# Kill the logger +kill $logger diff --git a/tests/Sanity/elfutils-debuginfod/main.fmf b/tests/Sanity/elfutils-debuginfod/main.fmf new file mode 100644 index 0000000..dcdc35d --- /dev/null +++ b/tests/Sanity/elfutils-debuginfod/main.fmf @@ -0,0 +1,14 @@ +summary: elfutils-debuginfod +description: '' +contact: Martin Cermak +component: +- elfutils +test: ./runtest.sh +framework: beakerlib +recommend: +- elfutils +- elfutils-debuginfod +- elfutils-debuginfod-client +duration: 48h +extra-summary: /tools/elfutils/Sanity/elfutils-debuginfod +extra-task: /tools/elfutils/Sanity/elfutils-debuginfod diff --git a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/runtest.sh b/tests/Sanity/elfutils-debuginfod/runtest.sh similarity index 68% rename from tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/runtest.sh rename to tests/Sanity/elfutils-debuginfod/runtest.sh index 06e697c..1ae097e 100755 --- a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/runtest.sh +++ b/tests/Sanity/elfutils-debuginfod/runtest.sh @@ -2,8 +2,8 @@ # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # -# runtest.sh of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -# Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom +# runtest.sh of /tools/elfutils/Sanity/elfutils-debuginfod +# Description: elfutils-debuginfod # Author: Martin Cermak # # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -31,11 +31,24 @@ PACKAGE="elfutils" rlJournalStart + rlPhaseStartSetup + for p in elfutils-debuginfod elfutils-debuginfod-client; do + rlAssertRpm $p + done + rlRun "TMPD=$(mktemp -d)" + rlRun "cp body.sh sshpass-debuginfo-1.09-2.fc35.x86_64.rpm $TMPD" + rlRun "pushd $TMPD" + rlFileBackup /etc/sysconfig/debuginfod + rlPhaseEnd + rlPhaseStartTest - # We expect 1, but not 99 ... - # Reproduced with valgrind-3.13.0-13.el7 and elfutils-0.172-2.el7 - # Verified with valgrind-3.14.0-16.el7 and elfutils-0.176-1.el7 - rlRun "valgrind -q --error-exitcode=99 eu-readelf -a POC2" 1 + rlRun "./body.sh" + rlPhaseEnd + + rlPhaseStartCleanup + rlFileRestore + rlRun "popd" + rlRun "rm -r $TMPD" rlPhaseEnd rlJournalPrintText rlJournalEnd diff --git a/tests/Sanity/elfutils-debuginfod/sshpass-debuginfo-1.09-2.fc35.x86_64.rpm b/tests/Sanity/elfutils-debuginfod/sshpass-debuginfo-1.09-2.fc35.x86_64.rpm new file mode 100644 index 0000000..3ae7fe1 Binary files /dev/null and b/tests/Sanity/elfutils-debuginfod/sshpass-debuginfo-1.09-2.fc35.x86_64.rpm differ diff --git a/tests/Sanity/yama-scope/main.fmf b/tests/Sanity/yama-scope/main.fmf new file mode 100644 index 0000000..7b08cd2 --- /dev/null +++ b/tests/Sanity/yama-scope/main.fmf @@ -0,0 +1,16 @@ +summary: yama-scope +description: | + Bug summary: Enable provide_yama_scope for rhel >= 7.4 + Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1455514 +contact: Martin Cermak +component: +- elfutils +test: ./runtest.sh +framework: beakerlib +recommend: +- elfutils +duration: 48h +link: +- relates: https://bugzilla.redhat.com/show_bug.cgi?id=1455514 +extra-summary: /tools/elfutils/Sanity/yama-scope +extra-task: /tools/elfutils/Sanity/yama-scope diff --git a/tests/Sanity/yama-scope/ptrace-scope-test.sh b/tests/Sanity/yama-scope/ptrace-scope-test.sh new file mode 100644 index 0000000..6eb1ca4 --- /dev/null +++ b/tests/Sanity/yama-scope/ptrace-scope-test.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +RETVAL=0 +OUT=$(mktemp) +eu-stack -p $$ |& tee $OUT +grep -i 'operation not permitted' $OUT && RETVAL=1 +rm $OUT +exit $RETVAL diff --git a/tests/Sanity/yama-scope/runtest.sh b/tests/Sanity/yama-scope/runtest.sh new file mode 100755 index 0000000..8195b54 --- /dev/null +++ b/tests/Sanity/yama-scope/runtest.sh @@ -0,0 +1,108 @@ +#!/bin/bash +# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /tools/elfutils/Sanity/yama-scope +# Description: yama-scope +# Author: Martin Cermak +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2017 Red Hat, Inc. +# +# This program is free software: you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation, either version 2 of +# the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see http://www.gnu.org/licenses/. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include Beaker environment +. /usr/share/beakerlib/beakerlib.sh || exit 1 + +PACKAGE="elfutils" +MY_USER="ptrace_scope_testuser" +TESTCASE="/tmp/ptrace-scope-test.sh" +PROCFILE='/proc/sys/kernel/yama/ptrace_scope' + +test_root() +{ + $TESTCASE +} + +test_user() +{ + su - $MY_USER -c $TESTCASE +} + +rlJournalStart + rlPhaseStartTest + +# This can easily be tested with strace. Just cycle through the settings: + +# 0 - Default attach security permissions. +# 1 - Restricted attach. Only child processes plus normal permissions. +# 2 - Admin-only attach. Only executables with CAP_SYS_PTRACE. +# 3 - No attach. No process may call ptrace at all. Irrevocable. + +# echo 0 > /proc/sys/kernel/yama/ptrace_scope + +# With 0, strace works against any process with your uid. For example, strace -p 2190. +# With 1, strace errors when doing the same as in 0: strace: attach: ptrace(PTRACE_SEIZE, 3180): Operation not permitted. However, you can strace any program you run from strace, "strace /bin/ls" or example. +# With 2, you can only strace from the root account. You can no longer strace commands run from strace. +# With 3, even root cannot strace. + +# --- + +# possible related AVCs tracked as https://bugzilla.redhat.com/show_bug.cgi?id=1458999 + +# --- + + rlRun "useradd $MY_USER" 0,9 + + rlRun "cp ptrace-scope-test.sh /tmp/" + rlRun "chmod a+rx /tmp/ptrace-scope-test.sh" + + rlRun "ORIGVAL=$( cat $PROCFILE )" + + # First, test the default behaviour, which is "no restriction" + # from the ptrace perspective. Here we assume that + # elfutils-default-yama-scope.rpm is installed and so the default + # yama policy is set to 0 instead of 1 which would otherwise be set + # as a kernel default (security/yama/yama_lsm.c ---> YAMA_SCOPE_RELATIONAL) + rlRun test_root + rlRun test_user + + rlRun "echo 0 > $PROCFILE" + rlRun test_root + rlRun test_user + rlRun "echo 1 > $PROCFILE" + rlRun test_root + rlRun test_user 1 + rlRun "echo 2 > $PROCFILE" + rlRun test_root + rlRun test_user 1 + # Following subtest would be irrevertible (till next reboot) + # rlRun "echo 3 > $PROCFILE" + # rlRun test_root 1 + # rlRun test_user 1 + + rlRun "userdel -f $MY_USER" + +# This testcase could be more complex - using child and non-child processes and +# performing reboots. But let's keep this simple, since we are not testing the +# kernel facility, but merely an elfutils "plugin" for it, whose purpose is to +# set the default yama policy as such. + + rlRun "echo $ORIGVAL > $PROCFILE" + rlPhaseEnd +rlJournalPrintText +rlJournalEnd diff --git a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/Makefile b/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/Makefile deleted file mode 100644 index 09a9e16..0000000 --- a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read -# Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE addr2line-buffer-over-flow1 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1625260" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/PURPOSE b/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/PURPOSE deleted file mode 100644 index 3281134..0000000 --- a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read -Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read -Author: Martin Cermak -Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260 diff --git a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/addr2line-buffer-over-flow1 b/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/addr2line-buffer-over-flow1 deleted file mode 100644 index 8db05cc..0000000 Binary files a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/addr2line-buffer-over-flow1 and /dev/null differ diff --git a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/main.fmf b/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/main.fmf deleted file mode 100644 index 4d5ddab..0000000 --- a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2018-16062-elfutils-Heap-based-buffer-over-read -description: | - Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read -extra-task: /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read diff --git a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/runtest.sh b/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/runtest.sh deleted file mode 100755 index fa3fc0c..0000000 --- a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/runtest.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read -# Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - # Reproduced with elfutils-0.172-2.el7.x86_64 valgrind-3.13.0-13.el7.x86_64 - rlRun "valgrind -q --error-exitcode=99 eu-addr2line -e addr2line-buffer-over-flow1 -- 500 50 10 -1000" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Double-free-libelf b/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Double-free-libelf deleted file mode 100644 index da7ce21..0000000 Binary files a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Double-free-libelf and /dev/null differ diff --git a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Makefile b/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Makefile deleted file mode 100644 index 3829217..0000000 --- a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Makefile +++ /dev/null @@ -1,65 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression -# Description: CVE-2018-16402-double-free-due-to-double-decompression -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE Double-free-libelf - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-16402-double-free-due-to-double-decompression" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: nothing" >> $(METADATA) - @echo "Requires: elfutils" >> $(METADATA) - @echo "Requires: valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1625052" >> $(METADATA) - @echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/PURPOSE b/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/PURPOSE deleted file mode 100644 index 2b1d552..0000000 --- a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression -Description: CVE-2018-16402-double-free-due-to-double-decompression -Author: Martin Cermak -Bug summary: 2 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [rhel-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625052 diff --git a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/main.fmf b/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/main.fmf deleted file mode 100644 index f7be31f..0000000 --- a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2018-16402-double-free-due-to-double-decompression -description: | - Bug summary: 2 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [rhel-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625052 -contact: -- Martin Cermak -component: -- nothing -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression -extra-task: /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression diff --git a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/runtest.sh b/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/runtest.sh deleted file mode 100755 index 96e322b..0000000 --- a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/runtest.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression -# Description: CVE-2018-16402-double-free-due-to-double-decompression -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - TMP=$(mktemp) - rlRun "valgrind -q eu-readelf -S ./Double-free-libelf |& tee $TMP" - rlRun "fgrep 'Invalid free()' $TMP" 1 - rlRun "fgrep 'Section Headers:' $TMP" - rm -f $TMP - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Buffer-over-readelf b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Buffer-over-readelf deleted file mode 100644 index 4b214cd..0000000 Binary files a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Buffer-over-readelf and /dev/null differ diff --git a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Makefile b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Makefile deleted file mode 100644 index de1c93a..0000000 --- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Makefile +++ /dev/null @@ -1,65 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -# Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE Buffer-over-readelf bz1532205.supp - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: nothing" >> $(METADATA) - @echo "Requires: elfutils" >> $(METADATA) - @echo "Requires: valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: yes" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1625057" >> $(METADATA) - @echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/PURPOSE b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/PURPOSE deleted file mode 100644 index 10589cc..0000000 --- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -Author: Martin Cermak -Bug summary: 3 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash [rhel-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625057 diff --git a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/bz1532205.supp b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/bz1532205.supp deleted file mode 100644 index 70f0f80..0000000 --- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/bz1532205.supp +++ /dev/null @@ -1,25 +0,0 @@ -{ - - Memcheck:Cond - fun:_nl_explode_name -} -{ - - Memcheck:Cond - fun:_nl_make_l10nflist -} -{ - - Memcheck:Addr4 - fun:_nl_make_l10nflist -} -{ - - Memcheck:Addr4 - fun:new_composite_name -} -{ - - Memcheck:Cond - fun:_nl_explode_name -} diff --git a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/main.fmf b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/main.fmf deleted file mode 100644 index e934d57..0000000 --- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -description: | - Bug summary: 3 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash [rhel-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625057 -contact: -- Martin Cermak -component: -- nothing -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -extra-task: /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c diff --git a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/runtest.sh b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/runtest.sh deleted file mode 100755 index ffd6160..0000000 --- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/runtest.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -# Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - arch | grep -q ppc64le && VGSUPP='--suppressions=bz1532205.supp' || VGSUPP='' - TMP=$(mktemp) - rlRun "valgrind $VGSUPP -q eu-readelf --debug-dump=abbrev ./Buffer-over-readelf |& tee $TMP" - rlRun "fgrep 'Invalid read of size' $TMP" 1 - rlRun "fgrep 'Abbreviation section at offset' $TMP" - rm -f $TMP - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/Makefile b/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/Makefile deleted file mode 100644 index de96661..0000000 --- a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference -# Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC-stack - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1651567" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/POC-stack b/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/POC-stack deleted file mode 100644 index 2b486e8..0000000 Binary files a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/POC-stack and /dev/null differ diff --git a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/PURPOSE b/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/PURPOSE deleted file mode 100644 index 6688efc..0000000 --- a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference -Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference -Author: Martin Cermak -Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhdts-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651567 diff --git a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/main.fmf b/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/main.fmf deleted file mode 100644 index 6ab4075..0000000 --- a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/main.fmf +++ /dev/null @@ -1,15 +0,0 @@ -summary: CVE-2018-18310-elfutils-invalid-memory-address-dereference -description: | - Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhdts-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651567 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference -extra-task: /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference diff --git a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/Makefile b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/Makefile deleted file mode 100644 index 6a50f8a..0000000 --- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference -# Description: CVE-2018-18310-invalid-memory-address-dereference -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC-stack bz1532205.supp - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-18310-invalid-memory-address-dereference" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: nothing" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1642606" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/POC-stack b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/POC-stack deleted file mode 100644 index 2b486e8..0000000 Binary files a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/POC-stack and /dev/null differ diff --git a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/PURPOSE b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/PURPOSE deleted file mode 100644 index eb0721d..0000000 --- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference -Description: CVE-2018-18310-invalid-memory-address-dereference -Author: Martin Cermak -Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhel-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1642606 diff --git a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/bz1532205.supp b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/bz1532205.supp deleted file mode 100644 index 70f0f80..0000000 --- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/bz1532205.supp +++ /dev/null @@ -1,25 +0,0 @@ -{ - - Memcheck:Cond - fun:_nl_explode_name -} -{ - - Memcheck:Cond - fun:_nl_make_l10nflist -} -{ - - Memcheck:Addr4 - fun:_nl_make_l10nflist -} -{ - - Memcheck:Addr4 - fun:new_composite_name -} -{ - - Memcheck:Cond - fun:_nl_explode_name -} diff --git a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/main.fmf b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/main.fmf deleted file mode 100644 index 86d6871..0000000 --- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2018-18310-invalid-memory-address-dereference -description: | - Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhel-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1642606 -contact: -- Martin Cermak -component: -- nothing -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference -extra-task: /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference diff --git a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/runtest.sh b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/runtest.sh deleted file mode 100755 index ba44f8d..0000000 --- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/runtest.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference -# Description: CVE-2018-18310-invalid-memory-address-dereference -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - arch | grep -q ppc64le && VGSUPP='--suppressions=bz1532205.supp' || VGSUPP='' - TMP=$(mktemp) - rlRun "valgrind $VGSUPP -q eu-stack --core=./POC-stack |& tee $TMP" - rlRun "fgrep 'Invalid read of size' $TMP" 1 - rm -f $TMP - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/Makefile b/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/Makefile deleted file mode 100644 index 1728cdc..0000000 --- a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -# Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC1 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1651200" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/POC1 b/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/POC1 deleted file mode 100644 index 1f6c719..0000000 Binary files a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/POC1 and /dev/null differ diff --git a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/PURPOSE b/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/PURPOSE deleted file mode 100644 index 3c71880..0000000 --- a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/PURPOSE +++ /dev/null @@ -1,3 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -Author: Martin Cermak diff --git a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/main.fmf b/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/main.fmf deleted file mode 100644 index 417d678..0000000 --- a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/main.fmf +++ /dev/null @@ -1,13 +0,0 @@ -summary: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -description: '' -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -extra-task: /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files diff --git a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/runtest.sh b/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/runtest.sh deleted file mode 100755 index b29cf5b..0000000 --- a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/runtest.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -# Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - rlRun "eu-size POC1" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/Makefile b/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/Makefile deleted file mode 100644 index 8375a2c..0000000 --- a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -# Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1646479" >> $(METADATA) - @echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/POC2 b/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/POC2 deleted file mode 100644 index 2221cf4..0000000 Binary files a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/POC2 and /dev/null differ diff --git a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/PURPOSE b/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/PURPOSE deleted file mode 100644 index 4bc7058..0000000 --- a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -Author: Martin Cermak -Bug summary: 0 elfutils: eu-size cannot handle recursive ar files [rhel-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646479 diff --git a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/main.fmf b/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/main.fmf deleted file mode 100644 index 65de371..0000000 --- a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -description: | - Bug summary: 0 elfutils: eu-size cannot handle recursive ar files [rhel-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646479 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -extra-task: /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files diff --git a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/runtest.sh b/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/runtest.sh deleted file mode 100755 index ff22f65..0000000 --- a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/runtest.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -# Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - TMP=$(mktemp) - rlRun "valgrind -q eu-size ./POC2 |& tee $TMP" - rlRun "fgrep 'Process terminating with default action of signal 11' $TMP" 1 - rm -f $TMP - rlRun "eu-size ./POC2" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2018-18521-divide-by-zero/Makefile b/tests/Security/CVE-2018-18521-divide-by-zero/Makefile deleted file mode 100644 index 0f5c03e..0000000 --- a/tests/Security/CVE-2018-18521-divide-by-zero/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero -# Description: CVE-2018-18521-divide-by-zero -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-18521-divide-by-zero -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-18521-divide-by-zero" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1646484" >> $(METADATA) - @echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-18521-divide-by-zero/POC2 b/tests/Security/CVE-2018-18521-divide-by-zero/POC2 deleted file mode 100644 index f4edc40..0000000 Binary files a/tests/Security/CVE-2018-18521-divide-by-zero/POC2 and /dev/null differ diff --git a/tests/Security/CVE-2018-18521-divide-by-zero/PURPOSE b/tests/Security/CVE-2018-18521-divide-by-zero/PURPOSE deleted file mode 100644 index 06fa1fb..0000000 --- a/tests/Security/CVE-2018-18521-divide-by-zero/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero -Description: CVE-2018-18521-divide-by-zero -Author: Martin Cermak -Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhel-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646484 diff --git a/tests/Security/CVE-2018-18521-divide-by-zero/main.fmf b/tests/Security/CVE-2018-18521-divide-by-zero/main.fmf deleted file mode 100644 index f288788..0000000 --- a/tests/Security/CVE-2018-18521-divide-by-zero/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2018-18521-divide-by-zero -description: | - Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhel-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646484 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-18521-divide-by-zero -extra-task: /tools/elfutils/Security/CVE-2018-18521-divide-by-zero diff --git a/tests/Security/CVE-2018-18521-divide-by-zero/runtest.sh b/tests/Security/CVE-2018-18521-divide-by-zero/runtest.sh deleted file mode 100755 index 4f83999..0000000 --- a/tests/Security/CVE-2018-18521-divide-by-zero/runtest.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero -# Description: CVE-2018-18521-divide-by-zero -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - # This doesn't reproduce on ppach64 and ppc64le. - TMP=$(mktemp) - rlRun "valgrind -q eu-ranlib ./POC2 |& tee $TMP" - rlRun "fgrep 'Process terminating with default action of signal 8' $TMP" 1 - rm -f $TMP - rlRun "eu-ranlib ./POC2" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/Makefile b/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/Makefile deleted file mode 100644 index 075bcd7..0000000 --- a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -# Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1651203" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/POC2 b/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/POC2 deleted file mode 100644 index f4edc40..0000000 Binary files a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/POC2 and /dev/null differ diff --git a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/PURPOSE b/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/PURPOSE deleted file mode 100644 index 2a100e2..0000000 --- a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -Author: Martin Cermak -Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhdts-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651203 diff --git a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/main.fmf b/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/main.fmf deleted file mode 100644 index 645e9a6..0000000 --- a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/main.fmf +++ /dev/null @@ -1,15 +0,0 @@ -summary: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -description: | - Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhdts-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651203 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -extra-task: /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c diff --git a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/runtest.sh b/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/runtest.sh deleted file mode 100755 index aa345b7..0000000 --- a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/runtest.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -# Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - rlRun "eu-ranlib POC2" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2019-7146/Makefile b/tests/Security/CVE-2019-7146/Makefile deleted file mode 100644 index 1dd17ca..0000000 --- a/tests/Security/CVE-2019-7146/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2019-7146 -# Description: CVE-2019-7146 -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2019-7146 -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE poc - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2019-7146" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils" >> $(METADATA) - @echo "Requires: valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2019-7146/PURPOSE b/tests/Security/CVE-2019-7146/PURPOSE deleted file mode 100644 index 0770c49..0000000 --- a/tests/Security/CVE-2019-7146/PURPOSE +++ /dev/null @@ -1,3 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2019-7146 -Description: CVE-2019-7146 -Author: Martin Cermak diff --git a/tests/Security/CVE-2019-7146/main.fmf b/tests/Security/CVE-2019-7146/main.fmf deleted file mode 100644 index d690650..0000000 --- a/tests/Security/CVE-2019-7146/main.fmf +++ /dev/null @@ -1,14 +0,0 @@ -summary: CVE-2019-7146 -description: '' -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2019-7146 -extra-task: /tools/elfutils/Security/CVE-2019-7146 diff --git a/tests/Security/CVE-2019-7146/poc b/tests/Security/CVE-2019-7146/poc deleted file mode 100644 index a27f86b..0000000 Binary files a/tests/Security/CVE-2019-7146/poc and /dev/null differ diff --git a/tests/Security/CVE-2019-7146/runtest.sh b/tests/Security/CVE-2019-7146/runtest.sh deleted file mode 100755 index fb8cd3f..0000000 --- a/tests/Security/CVE-2019-7146/runtest.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2019-7146 -# Description: CVE-2019-7146 -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - # https://svn.devel.redhat.com/repos/srtvulns/trunk/components/elfutils/CVE-2019-7146/ - # Expected Output - # An error instead of segfault. - rlRun "valgrind -q --error-exitcode=99 eu-readelf -a ./poc" 1 - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/Makefile b/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/Makefile deleted file mode 100644 index b022ffa..0000000 --- a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read -# Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC1 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1680056" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/POC1 b/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/POC1 deleted file mode 100644 index 63698a3..0000000 Binary files a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/POC1 and /dev/null differ diff --git a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/PURPOSE b/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/PURPOSE deleted file mode 100644 index f09b1b4..0000000 --- a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read -Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read -Author: Martin Cermak -Bug summary: elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw [rhdts-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680056 diff --git a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/main.fmf b/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/main.fmf deleted file mode 100644 index b598856..0000000 --- a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2019-7149-elfutils-heap-based-buffer-over-read -description: | - Bug summary: elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw [rhdts-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680056 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read -extra-task: /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read diff --git a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/runtest.sh b/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/runtest.sh deleted file mode 100755 index bac258f..0000000 --- a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/runtest.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read -# Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - rlRun "which valgrind eu-nm" - # With RHEL I saw the invalid read of size 1 on aarch64 and ppc64le - # using devtoolset-7-elfutils-0.170-5.el7. I also saw it on x86_64 - # with base rhel elfutils-0.172-2.el7.x86_64. - # IOW - It doesn't reproduce "everywhere". - rlRun "valgrind -q --error-exitcode=99 eu-nm -C POC1" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/Makefile b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/Makefile deleted file mode 100644 index 99a9c61..0000000 --- a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -# Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1680046" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC1 b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC1 deleted file mode 100644 index abd8c65..0000000 Binary files a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC1 and /dev/null differ diff --git a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC2 b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC2 deleted file mode 100644 index 0c1a4d0..0000000 Binary files a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC2 and /dev/null differ diff --git a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/PURPOSE b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/PURPOSE deleted file mode 100644 index c26e276..0000000 --- a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -Author: Martin Cermak -Bug summary: elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c [rhel-7] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680046 diff --git a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/main.fmf b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/main.fmf deleted file mode 100644 index e2f01bc..0000000 --- a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -description: | - Bug summary: elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c [rhel-7] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680046 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -extra-task: /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom diff --git a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/runtest.sh b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/runtest.sh deleted file mode 100755 index 3151176..0000000 --- a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/runtest.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -# Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - # An error is expected (2), but a SEGV is not (139). - # Reproduced with elfutils-0.172-2.el7, verified with elfutils-0.176-1.el7 - rlRun "valgrind -q --error-exitcode=99 eu-stack --core=POC2" 2 - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/Makefile b/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/Makefile deleted file mode 100644 index 352a559..0000000 --- a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -# Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1679071" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/POC b/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/POC deleted file mode 100644 index e449ac2..0000000 Binary files a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/POC and /dev/null differ diff --git a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/PURPOSE b/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/PURPOSE deleted file mode 100644 index dbdbfc3..0000000 --- a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -Author: Martin Cermak -Bug summary: elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h [rhel-7] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679071 diff --git a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/main.fmf b/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/main.fmf deleted file mode 100644 index a8720df..0000000 --- a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -description: | - Bug summary: elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h [rhel-7] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679071 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -extra-task: /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note diff --git a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/runtest.sh b/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/runtest.sh deleted file mode 100755 index 5b1c28e..0000000 --- a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/runtest.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -# Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - # Reproduced with elfutils-0.174-5.fc28.x86_64 - # This is expected to fail (1), but not to segfault (139). - rlRun "valgrind -q --error-exitcode=99 eu-elflint -d POC" 1 - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/Makefile b/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/Makefile deleted file mode 100644 index 6d2f4dc..0000000 --- a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -# Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1679078" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/POC2 b/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/POC2 deleted file mode 100644 index 0776e61..0000000 Binary files a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/POC2 and /dev/null differ diff --git a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/PURPOSE b/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/PURPOSE deleted file mode 100644 index 7fc62cd..0000000 --- a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -Author: Martin Cermak -Bug summary: elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c [rhel-7] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679078 diff --git a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/main.fmf b/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/main.fmf deleted file mode 100644 index 7883a64..0000000 --- a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -description: | - Bug summary: elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c [rhel-7] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679078 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -extra-task: /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom diff --git a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/Makefile b/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/Makefile deleted file mode 100644 index 47c2e7b..0000000 --- a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/Makefile +++ /dev/null @@ -1,63 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow -# Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw -# Author: Vaclav Kadlcik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2014 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE dwz-overflow.elf - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Vaclav Kadlcik " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 5m" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1139128" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/PURPOSE b/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/PURPOSE deleted file mode 100644 index 419b4a6..0000000 --- a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow -Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw -Author: Vaclav Kadlcik -Bug summary: elfutils: integer overflow, leading to a heap-based buffer overflow in libdw [rhel-6.6] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1139128 diff --git a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/dwz-overflow.elf b/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/dwz-overflow.elf deleted file mode 100644 index 98cdfb0..0000000 Binary files a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/dwz-overflow.elf and /dev/null differ diff --git a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/main.fmf b/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/main.fmf deleted file mode 100644 index a2e4032..0000000 --- a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: 'CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer - overflow in libdw' -description: | - Bug summary: elfutils: integer overflow, leading to a heap-based buffer overflow in libdw [rhel-6.6] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1139128 -contact: -- Vaclav Kadlcik -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -duration: 5m -extra-summary: /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow -extra-task: /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow diff --git a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/runtest.sh b/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/runtest.sh deleted file mode 100755 index 0f8e722..0000000 --- a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/runtest.sh +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow -# Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw -# Author: Vaclav Kadlcik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2014 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -# Reproducer by Florian Weimer -REPRODUCING_FILE=dwz-overflow.elf - -rlJournalStart - rlPhaseStartSetup - rlAssertRpm $PACKAGE - rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory" - rlRun "cp $REPRODUCING_FILE $TmpDir" 0 - rlRun "pushd $TmpDir" - rlPhaseEnd - - rlPhaseStartTest - # eu-readelf since 0.153 was vulnerable. - # The following crashed with "Segmentation fault" - # and exit value 139. - rlRun "eu-readelf -w $REPRODUCING_FILE" 0,1 'eu-readelf should not crash' - rlPhaseEnd - - rlPhaseStartCleanup - rlRun "popd" - rlRun "rm -r $TmpDir" 0 "Removing tmp directory" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd