diff --git a/.gitignore b/.gitignore index e99bda5..862ef94 100644 --- a/.gitignore +++ b/.gitignore @@ -26,3 +26,4 @@ /elfutils-0.183.tar.bz2 /elfutils-0.184.tar.bz2 /elfutils-0.185.tar.bz2 +/elfutils-0.186.tar.bz2 diff --git a/elfutils.spec b/elfutils.spec index 60d1b09..3dce6cc 100644 --- a/elfutils.spec +++ b/elfutils.spec @@ -1,5 +1,5 @@ Name: elfutils -Version: 0.185 +Version: 0.186 %global baserelease 1 Release: %{baserelease}%{?dist} URL: http://elfutils.org/ @@ -42,11 +42,11 @@ BuildRequires: pkgconfig(libarchive) >= 3.1.2 # For tests need to bunzip2 test files. BuildRequires: bzip2 BuildRequires: zstd -# For the run-debuginfod-find.sh test case in %%check for /usr/sbin/ss +# For the run-debuginfod-find.sh test case in %%check for /usr/sbin/ss etc. BuildRequires: iproute +BuildRequires: procps BuildRequires: bsdtar BuildRequires: curl -BuildRequires: procps BuildRequires: automake BuildRequires: autoconf @@ -228,9 +228,7 @@ The ELF/DWARF file searching functions in libdwfl can query such servers to download those files on demand. %prep -%setup -q - -# Apply patches +%autosetup -p1 autoreconf -f -v -i @@ -239,12 +237,8 @@ autoreconf -f -v -i find . -name \*.sh ! -perm -0100 -print | xargs chmod +x %build -# This package uses top level ASM constructs which are incompatible with LTO. -# Top level ASMs are often used to implement symbol versioning. gcc-10 -# introduces a new mechanism for symbol versioning which works with LTO. -# Converting packages to use that mechanism instead of toplevel ASMs is -# recommended. # Disable LTO +# See https://sourceware.org/pipermail/elfutils-devel/2021q4/004385.html %define _lto_cflags %{nil} # Remove -Wall from default flags. The makefiles enable enough warnings @@ -257,17 +251,21 @@ RPM_OPT_FLAGS="${RPM_OPT_FLAGS} -Wformat" trap 'cat config.log' EXIT -%configure CFLAGS="$RPM_OPT_FLAGS -fexceptions" --enable-debuginfod-urls=https://debuginfod.fedoraproject.org/ +%configure CFLAGS="$RPM_OPT_FLAGS -fexceptions" trap '' EXIT -%make_build -s +%make_build %install -%make_install -s +%make_install chmod +x ${RPM_BUILD_ROOT}%{_prefix}/%{_lib}/lib*.so* # We don't want the static libraries rm ${RPM_BUILD_ROOT}%{_prefix}/%{_lib}/lib{elf,dw,asm}.a +# We don't have standard DEBUGINFOD_URLS yet. +rm ${RPM_BUILD_ROOT}%{_sysconfdir}/profile.d/debuginfod.sh +rm ${RPM_BUILD_ROOT}%{_sysconfdir}/profile.d/debuginfod.csh + %find_lang %{name} %if %{provide_yama_scope} @@ -283,7 +281,7 @@ touch ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod/debuginfod.sqlite # Record some build root versions in build.log uname -r; rpm -q binutils gcc glibc || true -%make_build -s check || (cat tests/test-suite.log; false) +%make_build check || (cat tests/test-suite.log; false) # Only the latest Fedora and EPEL have these scriptlets, # older Fedora and plain RHEL don't. @@ -375,7 +373,7 @@ fi %{_libdir}/libdebuginfod.so.* %{_bindir}/debuginfod-find %{_mandir}/man1/debuginfod-find.1* -%config(noreplace) %{_sysconfdir}/profile.d/* +%{_mandir}/man7/debuginfod*.7* %files debuginfod-client-devel %{_libdir}/pkgconfig/libdebuginfod.pc @@ -407,6 +405,33 @@ exit 0 %systemd_postun_with_restart debuginfod.service %changelog +* Thu Nov 25 2021 Mark Wielaard - 0.186-1 +- Upgrade to upstream 0.186 + - debuginfod-client: Default $DEBUGINFOD_URLS is computed from + drop-in files /etc/debuginfod/*.urls rather than + hardcoded into the /etc/profile.d/debuginfod* + scripts. + Add $DEBUGINFOD_MAXSIZE and $DEBUGINFOD_MAXTIME settings + for skipping large/slow transfers. + Add $DEBUGINFOD_RETRY for retrying aborted lookups. + - debuginfod: Supply extra HTTP response headers, describing + archive/file names that satisfy the requested buildid content. + Support -d :memory: option for in-memory databases. + Protect against loops in federated server configurations. + Add -r option to use -I/-X regexes for grooming stale files. + Protect against wasted CPU from duplicate concurrent requests. + Limit the duration of groom ops roughly to rescan (-t) times. + Add --passive mode for serving from read-only database. + Several other performance improvements & prometheus metrics. + - libdw: Support for the NVIDIA Cuda line map extensions. + DW_LNE_NVIDIA_inlined_call and DW_LNE_NVIDIA_set_function_name + are defined in dwarf.h. New functions dwarf_linecontext and + dwarf_linefunctionname. + - translations: Update Japanese translation. + +* Thu May 27 2021 Mark Wielaard - 0.185-2 +- Disable debuginfod client by default for f34. + * Wed May 26 2021 Mark Wielaard - 0.185-1 - Upgrade to upstream 0.185 - debuginfod-client: Simplify curl handle reuse so downloads which diff --git a/sources b/sources index b564fdb..9267009 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (elfutils-0.185.tar.bz2) = 34de0de1355b11740e036e0fc64f2fc063587c8eb121b19216ee5548d3f0f268d8fc3995176c47190466b9d881007cfa11a9d01e9a50e38af6119492bf8bb47f +SHA512 (elfutils-0.186.tar.bz2) = c9180b27ec62935f18b9431268d176f6023d1bb938731d2af6e7626ae460af6608a70ba68483aa1ec7e6cb0fa0528b661ca8b68bc4f58ea8e18af527c5950c78 diff --git a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/Makefile b/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/Makefile deleted file mode 100644 index 09a9e16..0000000 --- a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read -# Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE addr2line-buffer-over-flow1 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1625260" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/PURPOSE b/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/PURPOSE deleted file mode 100644 index 3281134..0000000 --- a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read -Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read -Author: Martin Cermak -Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260 diff --git a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/addr2line-buffer-over-flow1 b/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/addr2line-buffer-over-flow1 deleted file mode 100644 index 8db05cc..0000000 Binary files a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/addr2line-buffer-over-flow1 and /dev/null differ diff --git a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/main.fmf b/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/main.fmf deleted file mode 100644 index 4d5ddab..0000000 --- a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2018-16062-elfutils-Heap-based-buffer-over-read -description: | - Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read -extra-task: /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read diff --git a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/runtest.sh b/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/runtest.sh deleted file mode 100755 index fa3fc0c..0000000 --- a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/runtest.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read -# Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - # Reproduced with elfutils-0.172-2.el7.x86_64 valgrind-3.13.0-13.el7.x86_64 - rlRun "valgrind -q --error-exitcode=99 eu-addr2line -e addr2line-buffer-over-flow1 -- 500 50 10 -1000" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Double-free-libelf b/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Double-free-libelf deleted file mode 100644 index da7ce21..0000000 Binary files a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Double-free-libelf and /dev/null differ diff --git a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Makefile b/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Makefile deleted file mode 100644 index 3829217..0000000 --- a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Makefile +++ /dev/null @@ -1,65 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression -# Description: CVE-2018-16402-double-free-due-to-double-decompression -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE Double-free-libelf - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-16402-double-free-due-to-double-decompression" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: nothing" >> $(METADATA) - @echo "Requires: elfutils" >> $(METADATA) - @echo "Requires: valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1625052" >> $(METADATA) - @echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/PURPOSE b/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/PURPOSE deleted file mode 100644 index 2b1d552..0000000 --- a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression -Description: CVE-2018-16402-double-free-due-to-double-decompression -Author: Martin Cermak -Bug summary: 2 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [rhel-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625052 diff --git a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/main.fmf b/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/main.fmf deleted file mode 100644 index f7be31f..0000000 --- a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2018-16402-double-free-due-to-double-decompression -description: | - Bug summary: 2 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [rhel-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625052 -contact: -- Martin Cermak -component: -- nothing -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression -extra-task: /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression diff --git a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/runtest.sh b/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/runtest.sh deleted file mode 100755 index 96e322b..0000000 --- a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/runtest.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression -# Description: CVE-2018-16402-double-free-due-to-double-decompression -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - TMP=$(mktemp) - rlRun "valgrind -q eu-readelf -S ./Double-free-libelf |& tee $TMP" - rlRun "fgrep 'Invalid free()' $TMP" 1 - rlRun "fgrep 'Section Headers:' $TMP" - rm -f $TMP - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Buffer-over-readelf b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Buffer-over-readelf deleted file mode 100644 index 4b214cd..0000000 Binary files a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Buffer-over-readelf and /dev/null differ diff --git a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Makefile b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Makefile deleted file mode 100644 index de1c93a..0000000 --- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Makefile +++ /dev/null @@ -1,65 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -# Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE Buffer-over-readelf bz1532205.supp - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: nothing" >> $(METADATA) - @echo "Requires: elfutils" >> $(METADATA) - @echo "Requires: valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: yes" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1625057" >> $(METADATA) - @echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/PURPOSE b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/PURPOSE deleted file mode 100644 index 10589cc..0000000 --- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -Author: Martin Cermak -Bug summary: 3 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash [rhel-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625057 diff --git a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/bz1532205.supp b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/bz1532205.supp deleted file mode 100644 index 70f0f80..0000000 --- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/bz1532205.supp +++ /dev/null @@ -1,25 +0,0 @@ -{ - - Memcheck:Cond - fun:_nl_explode_name -} -{ - - Memcheck:Cond - fun:_nl_make_l10nflist -} -{ - - Memcheck:Addr4 - fun:_nl_make_l10nflist -} -{ - - Memcheck:Addr4 - fun:new_composite_name -} -{ - - Memcheck:Cond - fun:_nl_explode_name -} diff --git a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/main.fmf b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/main.fmf deleted file mode 100644 index e934d57..0000000 --- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -description: | - Bug summary: 3 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash [rhel-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625057 -contact: -- Martin Cermak -component: -- nothing -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -extra-task: /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c diff --git a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/runtest.sh b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/runtest.sh deleted file mode 100755 index ffd6160..0000000 --- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/runtest.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -# Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - arch | grep -q ppc64le && VGSUPP='--suppressions=bz1532205.supp' || VGSUPP='' - TMP=$(mktemp) - rlRun "valgrind $VGSUPP -q eu-readelf --debug-dump=abbrev ./Buffer-over-readelf |& tee $TMP" - rlRun "fgrep 'Invalid read of size' $TMP" 1 - rlRun "fgrep 'Abbreviation section at offset' $TMP" - rm -f $TMP - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/Makefile b/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/Makefile deleted file mode 100644 index de96661..0000000 --- a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference -# Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC-stack - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1651567" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/POC-stack b/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/POC-stack deleted file mode 100644 index 2b486e8..0000000 Binary files a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/POC-stack and /dev/null differ diff --git a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/PURPOSE b/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/PURPOSE deleted file mode 100644 index 6688efc..0000000 --- a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference -Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference -Author: Martin Cermak -Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhdts-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651567 diff --git a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/main.fmf b/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/main.fmf deleted file mode 100644 index 6ab4075..0000000 --- a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/main.fmf +++ /dev/null @@ -1,15 +0,0 @@ -summary: CVE-2018-18310-elfutils-invalid-memory-address-dereference -description: | - Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhdts-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651567 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference -extra-task: /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference diff --git a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/runtest.sh b/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/runtest.sh deleted file mode 100755 index 09c885c..0000000 --- a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/runtest.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference -# Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - # Expect exitcode 2, unfixed package segfaults (139) - rlRun "eu-stack --core=POC-stack" 2 - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/Makefile b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/Makefile deleted file mode 100644 index 6a50f8a..0000000 --- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference -# Description: CVE-2018-18310-invalid-memory-address-dereference -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC-stack bz1532205.supp - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-18310-invalid-memory-address-dereference" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: nothing" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1642606" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/POC-stack b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/POC-stack deleted file mode 100644 index 2b486e8..0000000 Binary files a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/POC-stack and /dev/null differ diff --git a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/PURPOSE b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/PURPOSE deleted file mode 100644 index eb0721d..0000000 --- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference -Description: CVE-2018-18310-invalid-memory-address-dereference -Author: Martin Cermak -Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhel-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1642606 diff --git a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/bz1532205.supp b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/bz1532205.supp deleted file mode 100644 index 70f0f80..0000000 --- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/bz1532205.supp +++ /dev/null @@ -1,25 +0,0 @@ -{ - - Memcheck:Cond - fun:_nl_explode_name -} -{ - - Memcheck:Cond - fun:_nl_make_l10nflist -} -{ - - Memcheck:Addr4 - fun:_nl_make_l10nflist -} -{ - - Memcheck:Addr4 - fun:new_composite_name -} -{ - - Memcheck:Cond - fun:_nl_explode_name -} diff --git a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/main.fmf b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/main.fmf deleted file mode 100644 index 86d6871..0000000 --- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2018-18310-invalid-memory-address-dereference -description: | - Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhel-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1642606 -contact: -- Martin Cermak -component: -- nothing -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference -extra-task: /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference diff --git a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/runtest.sh b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/runtest.sh deleted file mode 100755 index ba44f8d..0000000 --- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/runtest.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference -# Description: CVE-2018-18310-invalid-memory-address-dereference -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - arch | grep -q ppc64le && VGSUPP='--suppressions=bz1532205.supp' || VGSUPP='' - TMP=$(mktemp) - rlRun "valgrind $VGSUPP -q eu-stack --core=./POC-stack |& tee $TMP" - rlRun "fgrep 'Invalid read of size' $TMP" 1 - rm -f $TMP - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/Makefile b/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/Makefile deleted file mode 100644 index 1728cdc..0000000 --- a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -# Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC1 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1651200" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/POC1 b/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/POC1 deleted file mode 100644 index 1f6c719..0000000 Binary files a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/POC1 and /dev/null differ diff --git a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/PURPOSE b/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/PURPOSE deleted file mode 100644 index 3c71880..0000000 --- a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/PURPOSE +++ /dev/null @@ -1,3 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -Author: Martin Cermak diff --git a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/main.fmf b/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/main.fmf deleted file mode 100644 index 417d678..0000000 --- a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/main.fmf +++ /dev/null @@ -1,13 +0,0 @@ -summary: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -description: '' -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -extra-task: /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files diff --git a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/runtest.sh b/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/runtest.sh deleted file mode 100755 index b29cf5b..0000000 --- a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/runtest.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -# Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - rlRun "eu-size POC1" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/Makefile b/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/Makefile deleted file mode 100644 index 8375a2c..0000000 --- a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -# Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1646479" >> $(METADATA) - @echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/POC2 b/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/POC2 deleted file mode 100644 index 2221cf4..0000000 Binary files a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/POC2 and /dev/null differ diff --git a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/PURPOSE b/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/PURPOSE deleted file mode 100644 index 4bc7058..0000000 --- a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -Author: Martin Cermak -Bug summary: 0 elfutils: eu-size cannot handle recursive ar files [rhel-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646479 diff --git a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/main.fmf b/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/main.fmf deleted file mode 100644 index 65de371..0000000 --- a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -description: | - Bug summary: 0 elfutils: eu-size cannot handle recursive ar files [rhel-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646479 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -extra-task: /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files diff --git a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/runtest.sh b/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/runtest.sh deleted file mode 100755 index ff22f65..0000000 --- a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/runtest.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -# Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - TMP=$(mktemp) - rlRun "valgrind -q eu-size ./POC2 |& tee $TMP" - rlRun "fgrep 'Process terminating with default action of signal 11' $TMP" 1 - rm -f $TMP - rlRun "eu-size ./POC2" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2018-18521-divide-by-zero/Makefile b/tests/Security/CVE-2018-18521-divide-by-zero/Makefile deleted file mode 100644 index 0f5c03e..0000000 --- a/tests/Security/CVE-2018-18521-divide-by-zero/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero -# Description: CVE-2018-18521-divide-by-zero -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-18521-divide-by-zero -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-18521-divide-by-zero" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1646484" >> $(METADATA) - @echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-18521-divide-by-zero/POC2 b/tests/Security/CVE-2018-18521-divide-by-zero/POC2 deleted file mode 100644 index f4edc40..0000000 Binary files a/tests/Security/CVE-2018-18521-divide-by-zero/POC2 and /dev/null differ diff --git a/tests/Security/CVE-2018-18521-divide-by-zero/PURPOSE b/tests/Security/CVE-2018-18521-divide-by-zero/PURPOSE deleted file mode 100644 index 06fa1fb..0000000 --- a/tests/Security/CVE-2018-18521-divide-by-zero/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero -Description: CVE-2018-18521-divide-by-zero -Author: Martin Cermak -Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhel-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646484 diff --git a/tests/Security/CVE-2018-18521-divide-by-zero/main.fmf b/tests/Security/CVE-2018-18521-divide-by-zero/main.fmf deleted file mode 100644 index f288788..0000000 --- a/tests/Security/CVE-2018-18521-divide-by-zero/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2018-18521-divide-by-zero -description: | - Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhel-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646484 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-18521-divide-by-zero -extra-task: /tools/elfutils/Security/CVE-2018-18521-divide-by-zero diff --git a/tests/Security/CVE-2018-18521-divide-by-zero/runtest.sh b/tests/Security/CVE-2018-18521-divide-by-zero/runtest.sh deleted file mode 100755 index 4f83999..0000000 --- a/tests/Security/CVE-2018-18521-divide-by-zero/runtest.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero -# Description: CVE-2018-18521-divide-by-zero -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - # This doesn't reproduce on ppach64 and ppc64le. - TMP=$(mktemp) - rlRun "valgrind -q eu-ranlib ./POC2 |& tee $TMP" - rlRun "fgrep 'Process terminating with default action of signal 8' $TMP" 1 - rm -f $TMP - rlRun "eu-ranlib ./POC2" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/Makefile b/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/Makefile deleted file mode 100644 index 075bcd7..0000000 --- a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -# Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1651203" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/POC2 b/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/POC2 deleted file mode 100644 index f4edc40..0000000 Binary files a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/POC2 and /dev/null differ diff --git a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/PURPOSE b/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/PURPOSE deleted file mode 100644 index 2a100e2..0000000 --- a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -Author: Martin Cermak -Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhdts-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651203 diff --git a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/main.fmf b/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/main.fmf deleted file mode 100644 index 645e9a6..0000000 --- a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/main.fmf +++ /dev/null @@ -1,15 +0,0 @@ -summary: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -description: | - Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhdts-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651203 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -extra-task: /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c diff --git a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/runtest.sh b/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/runtest.sh deleted file mode 100755 index aa345b7..0000000 --- a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/runtest.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -# Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - rlRun "eu-ranlib POC2" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2019-7146/Makefile b/tests/Security/CVE-2019-7146/Makefile deleted file mode 100644 index 1dd17ca..0000000 --- a/tests/Security/CVE-2019-7146/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2019-7146 -# Description: CVE-2019-7146 -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2019-7146 -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE poc - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2019-7146" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils" >> $(METADATA) - @echo "Requires: valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2019-7146/PURPOSE b/tests/Security/CVE-2019-7146/PURPOSE deleted file mode 100644 index 0770c49..0000000 --- a/tests/Security/CVE-2019-7146/PURPOSE +++ /dev/null @@ -1,3 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2019-7146 -Description: CVE-2019-7146 -Author: Martin Cermak diff --git a/tests/Security/CVE-2019-7146/main.fmf b/tests/Security/CVE-2019-7146/main.fmf deleted file mode 100644 index d690650..0000000 --- a/tests/Security/CVE-2019-7146/main.fmf +++ /dev/null @@ -1,14 +0,0 @@ -summary: CVE-2019-7146 -description: '' -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2019-7146 -extra-task: /tools/elfutils/Security/CVE-2019-7146 diff --git a/tests/Security/CVE-2019-7146/poc b/tests/Security/CVE-2019-7146/poc deleted file mode 100644 index a27f86b..0000000 Binary files a/tests/Security/CVE-2019-7146/poc and /dev/null differ diff --git a/tests/Security/CVE-2019-7146/runtest.sh b/tests/Security/CVE-2019-7146/runtest.sh deleted file mode 100755 index fb8cd3f..0000000 --- a/tests/Security/CVE-2019-7146/runtest.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2019-7146 -# Description: CVE-2019-7146 -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - # https://svn.devel.redhat.com/repos/srtvulns/trunk/components/elfutils/CVE-2019-7146/ - # Expected Output - # An error instead of segfault. - rlRun "valgrind -q --error-exitcode=99 eu-readelf -a ./poc" 1 - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/Makefile b/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/Makefile deleted file mode 100644 index b022ffa..0000000 --- a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read -# Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC1 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1680056" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/POC1 b/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/POC1 deleted file mode 100644 index 63698a3..0000000 Binary files a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/POC1 and /dev/null differ diff --git a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/PURPOSE b/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/PURPOSE deleted file mode 100644 index f09b1b4..0000000 --- a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read -Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read -Author: Martin Cermak -Bug summary: elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw [rhdts-8] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680056 diff --git a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/main.fmf b/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/main.fmf deleted file mode 100644 index b598856..0000000 --- a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2019-7149-elfutils-heap-based-buffer-over-read -description: | - Bug summary: elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw [rhdts-8] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680056 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read -extra-task: /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read diff --git a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/runtest.sh b/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/runtest.sh deleted file mode 100755 index bac258f..0000000 --- a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/runtest.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read -# Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - rlRun "which valgrind eu-nm" - # With RHEL I saw the invalid read of size 1 on aarch64 and ppc64le - # using devtoolset-7-elfutils-0.170-5.el7. I also saw it on x86_64 - # with base rhel elfutils-0.172-2.el7.x86_64. - # IOW - It doesn't reproduce "everywhere". - rlRun "valgrind -q --error-exitcode=99 eu-nm -C POC1" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/Makefile b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/Makefile deleted file mode 100644 index 99a9c61..0000000 --- a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -# Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1680046" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC1 b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC1 deleted file mode 100644 index abd8c65..0000000 Binary files a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC1 and /dev/null differ diff --git a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC2 b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC2 deleted file mode 100644 index 0c1a4d0..0000000 Binary files a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC2 and /dev/null differ diff --git a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/PURPOSE b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/PURPOSE deleted file mode 100644 index c26e276..0000000 --- a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -Author: Martin Cermak -Bug summary: elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c [rhel-7] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680046 diff --git a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/main.fmf b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/main.fmf deleted file mode 100644 index e2f01bc..0000000 --- a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -description: | - Bug summary: elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c [rhel-7] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680046 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -extra-task: /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom diff --git a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/runtest.sh b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/runtest.sh deleted file mode 100755 index 3151176..0000000 --- a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/runtest.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -# Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - # An error is expected (2), but a SEGV is not (139). - # Reproduced with elfutils-0.172-2.el7, verified with elfutils-0.176-1.el7 - rlRun "valgrind -q --error-exitcode=99 eu-stack --core=POC2" 2 - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/Makefile b/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/Makefile deleted file mode 100644 index 352a559..0000000 --- a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -# Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1679071" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/POC b/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/POC deleted file mode 100644 index e449ac2..0000000 Binary files a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/POC and /dev/null differ diff --git a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/PURPOSE b/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/PURPOSE deleted file mode 100644 index dbdbfc3..0000000 --- a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -Author: Martin Cermak -Bug summary: elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h [rhel-7] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679071 diff --git a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/main.fmf b/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/main.fmf deleted file mode 100644 index a8720df..0000000 --- a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -description: | - Bug summary: elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h [rhel-7] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679071 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -extra-task: /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note diff --git a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/runtest.sh b/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/runtest.sh deleted file mode 100755 index 5b1c28e..0000000 --- a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/runtest.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -# Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - # Reproduced with elfutils-0.174-5.fc28.x86_64 - # This is expected to fail (1), but not to segfault (139). - rlRun "valgrind -q --error-exitcode=99 eu-elflint -d POC" 1 - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/Makefile b/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/Makefile deleted file mode 100644 index 6d2f4dc..0000000 --- a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -# Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2 - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Martin Cermak " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 48h" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils valgrind" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1679078" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/POC2 b/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/POC2 deleted file mode 100644 index 0776e61..0000000 Binary files a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/POC2 and /dev/null differ diff --git a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/PURPOSE b/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/PURPOSE deleted file mode 100644 index 7fc62cd..0000000 --- a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -Author: Martin Cermak -Bug summary: elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c [rhel-7] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679078 diff --git a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/main.fmf b/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/main.fmf deleted file mode 100644 index 7883a64..0000000 --- a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -description: | - Bug summary: elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c [rhel-7] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679078 -contact: -- Martin Cermak -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -- valgrind -duration: 48h -extra-summary: /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -extra-task: /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom diff --git a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/runtest.sh b/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/runtest.sh deleted file mode 100755 index 06e697c..0000000 --- a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/runtest.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -# Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom -# Author: Martin Cermak -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2019 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -rlJournalStart - rlPhaseStartTest - # We expect 1, but not 99 ... - # Reproduced with valgrind-3.13.0-13.el7 and elfutils-0.172-2.el7 - # Verified with valgrind-3.14.0-16.el7 and elfutils-0.176-1.el7 - rlRun "valgrind -q --error-exitcode=99 eu-readelf -a POC2" 1 - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/Makefile b/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/Makefile deleted file mode 100644 index 47c2e7b..0000000 --- a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/Makefile +++ /dev/null @@ -1,63 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow -# Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw -# Author: Vaclav Kadlcik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2014 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE dwz-overflow.elf - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Vaclav Kadlcik " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw" >> $(METADATA) - @echo "Type: Security" >> $(METADATA) - @echo "TestTime: 5m" >> $(METADATA) - @echo "RunFor: elfutils" >> $(METADATA) - @echo "Requires: elfutils" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Bug: 1139128" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/PURPOSE b/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/PURPOSE deleted file mode 100644 index 419b4a6..0000000 --- a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow -Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw -Author: Vaclav Kadlcik -Bug summary: elfutils: integer overflow, leading to a heap-based buffer overflow in libdw [rhel-6.6] -Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1139128 diff --git a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/dwz-overflow.elf b/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/dwz-overflow.elf deleted file mode 100644 index 98cdfb0..0000000 Binary files a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/dwz-overflow.elf and /dev/null differ diff --git a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/main.fmf b/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/main.fmf deleted file mode 100644 index a2e4032..0000000 --- a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/main.fmf +++ /dev/null @@ -1,16 +0,0 @@ -summary: 'CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer - overflow in libdw' -description: | - Bug summary: elfutils: integer overflow, leading to a heap-based buffer overflow in libdw [rhel-6.6] - Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1139128 -contact: -- Vaclav Kadlcik -component: -- elfutils -test: ./runtest.sh -framework: beakerlib -recommend: -- elfutils -duration: 5m -extra-summary: /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow -extra-task: /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow diff --git a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/runtest.sh b/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/runtest.sh deleted file mode 100755 index 0f8e722..0000000 --- a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/runtest.sh +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow -# Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw -# Author: Vaclav Kadlcik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2014 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="elfutils" - -# Reproducer by Florian Weimer -REPRODUCING_FILE=dwz-overflow.elf - -rlJournalStart - rlPhaseStartSetup - rlAssertRpm $PACKAGE - rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory" - rlRun "cp $REPRODUCING_FILE $TmpDir" 0 - rlRun "pushd $TmpDir" - rlPhaseEnd - - rlPhaseStartTest - # eu-readelf since 0.153 was vulnerable. - # The following crashed with "Segmentation fault" - # and exit value 139. - rlRun "eu-readelf -w $REPRODUCING_FILE" 0,1 'eu-readelf should not crash' - rlPhaseEnd - - rlPhaseStartCleanup - rlRun "popd" - rlRun "rm -r $TmpDir" 0 "Removing tmp directory" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd