elfutils/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/PURPOSE

PURPOSE of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
Author: Martin Cermak <mcermak@redhat.com>
Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260
Introduce CI gating setup for elfutils Set up CI gating. This will introduce new testcase called fedora-ci.koji-build.tier0.functional and will configure it as a mandatory CI gating testcase for elfutils fedora builds. The provided test coverage comes from RHEL. This commit "upstreams" it and makes it public. The test cases are executed by running ./runtest.sh. The main.fmf file keeps the testcase metadata. Makefiles and PURPOSE files are legacy and could be dropped. We keep them for backward compatibility though. The plans and .fmf folders contain configuration files needed for execution of provided testcases within the Fedora CI infrastructure. Rest of the provided files are reproducer or helper files. Provided tests use Flexible Metadata Format, as documented in https://fmf.readthedocs.io/ . plans/ci.fmf: Change how from beakerlib to tmt Removed tests that didn't run unprivileged with tmt run --all provision --how=local - tests/Regression/GNU-Property-notes-not-recognized Tries to install extra pacakger with yum. - tests/Regression/bz447416-segfaults Tries to do eu-stack -p 1 - tests/Regression/elfutils-default-yama-scope-scriptlet-failed Does not have permission to do: grep /var/log/anaconda/packaging.log - tests/Sanity/yama-scope su: user ptrace_scope_testuser does not exist or the user entry does not contain all the required fields - tests/testsuite yum-builddep -y /tmp/tmp.7gnbiIzrYg/SPECS/elfutils.spec - tests/Regression/rpmtests Tries to download and builddep src.rpm package from koji. Removed not enabled tests: - tests/Regression/bz652858-elfutils-prelink-stap-interaction - tests/Sanity/elfutils-debuginfod CVE reproducers are now public, so no longer confidential. Remove unused tests/Sanity/elfutils-debuginfod/typescript 2021-03-24 09:53:42 +00:00			`PURPOSE of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read`
			`Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read`
			`Author: Martin Cermak <mcermak@redhat.com>`
			`Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7]`
			`Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260`