Compare commits
27 Commits
Author | SHA1 | Date |
---|---|---|
Martin Cermak | 66e41cec57 | |
Mark Wielaard | cb75800050 | |
Martin Cermak | ad7295b997 | |
Mark Wielaard | c468385a0e | |
Fedora Release Engineering | a1e6f5590c | |
Mark Wielaard | 0f93d8ded5 | |
Mark Wielaard | dae3515986 | |
Mark Wielaard | 8b711f9c71 | |
Mark Wielaard | 3d4d19222d | |
Amit Shah | 17c16efeeb | |
Debarshi Ray | 3e1f9c3f60 | |
Debarshi Ray | 21528c8512 | |
Amit Shah | 4f559f2740 | |
Fedora Release Engineering | 794d243754 | |
Mark Wielaard | 8675595d8f | |
Mark Wielaard | 0ccdef5280 | |
Mark Wielaard | 58242698fa | |
Mark Wielaard | 6a6ddccfb4 | |
Mark Wielaard | 5323c422e7 | |
Mark Wielaard | d00affffb1 | |
Mark Wielaard | c4a576eb45 | |
Mark Wielaard | 4a3ca6544c | |
Fedora Release Engineering | ebdf87f265 | |
Martin Cermak | bf0787573d | |
Martin Cermak | 47f425708e | |
Martin Cermak | 8a282727be | |
Mark Wielaard | fff536c2af |
|
@ -26,3 +26,7 @@
|
||||||
/elfutils-0.183.tar.bz2
|
/elfutils-0.183.tar.bz2
|
||||||
/elfutils-0.184.tar.bz2
|
/elfutils-0.184.tar.bz2
|
||||||
/elfutils-0.185.tar.bz2
|
/elfutils-0.185.tar.bz2
|
||||||
|
/elfutils-0.186.tar.bz2
|
||||||
|
/elfutils-0.187.tar.bz2
|
||||||
|
/elfutils-0.188.tar.bz2
|
||||||
|
/elfutils-0.189.tar.bz2
|
||||||
|
|
|
@ -1,125 +0,0 @@
|
||||||
commit 9aee0992d6e6ec4cce2c015d8da4b61022c6f6dd
|
|
||||||
Author: Mark Wielaard <mark@klomp.org>
|
|
||||||
Date: Wed Aug 4 21:01:27 2021 +0200
|
|
||||||
|
|
||||||
tests: Allow an extra pthread_kill frame in backtrace tests
|
|
||||||
|
|
||||||
glibc 2.34 calls pthread_kill from the raise function. Before raise
|
|
||||||
directly called the (tg)kill syscall. So allow pthread_kill to be the
|
|
||||||
first frame in a backtrace where raise is expected. Also change some
|
|
||||||
asserts to fprintf plus abort to make it more clear why the testcase
|
|
||||||
fails.
|
|
||||||
|
|
||||||
https://sourceware.org/bugzilla/show_bug.cgi?id=28190
|
|
||||||
|
|
||||||
Signed-off-by: Mark Wielaard <mark@klomp.org>
|
|
||||||
|
|
||||||
diff --git a/tests/backtrace.c b/tests/backtrace.c
|
|
||||||
index 36c8b8c4..afc12fb9 100644
|
|
||||||
--- a/tests/backtrace.c
|
|
||||||
+++ b/tests/backtrace.c
|
|
||||||
@@ -97,6 +97,9 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc,
|
|
||||||
static bool reduce_frameno = false;
|
|
||||||
if (reduce_frameno)
|
|
||||||
frameno--;
|
|
||||||
+ static bool pthread_kill_seen = false;
|
|
||||||
+ if (pthread_kill_seen)
|
|
||||||
+ frameno--;
|
|
||||||
if (! use_raise_jmp_patching && frameno >= 2)
|
|
||||||
frameno += 2;
|
|
||||||
const char *symname2 = NULL;
|
|
||||||
@@ -107,11 +110,26 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc,
|
|
||||||
&& (strcmp (symname, "__kernel_vsyscall") == 0
|
|
||||||
|| strcmp (symname, "__libc_do_syscall") == 0))
|
|
||||||
reduce_frameno = true;
|
|
||||||
+ else if (! pthread_kill_seen && symname
|
|
||||||
+ && strstr (symname, "pthread_kill") != NULL)
|
|
||||||
+ pthread_kill_seen = true;
|
|
||||||
else
|
|
||||||
- assert (symname && strcmp (symname, "raise") == 0);
|
|
||||||
+ {
|
|
||||||
+ if (!symname || strcmp (symname, "raise") != 0)
|
|
||||||
+ {
|
|
||||||
+ fprintf (stderr,
|
|
||||||
+ "case 0: expected symname 'raise' got '%s'\n", symname);
|
|
||||||
+ abort ();
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
break;
|
|
||||||
case 1:
|
|
||||||
- assert (symname != NULL && strcmp (symname, "sigusr2") == 0);
|
|
||||||
+ if (symname == NULL || strcmp (symname, "sigusr2") != 0)
|
|
||||||
+ {
|
|
||||||
+ fprintf (stderr,
|
|
||||||
+ "case 1: expected symname 'sigusr2' got '%s'\n", symname);
|
|
||||||
+ abort ();
|
|
||||||
+ }
|
|
||||||
break;
|
|
||||||
case 2: // x86_64 only
|
|
||||||
/* __restore_rt - glibc maybe does not have to have this symbol. */
|
|
||||||
@@ -120,11 +138,21 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc,
|
|
||||||
if (use_raise_jmp_patching)
|
|
||||||
{
|
|
||||||
/* Verify we trapped on the very first instruction of jmp. */
|
|
||||||
- assert (symname != NULL && strcmp (symname, "jmp") == 0);
|
|
||||||
+ if (symname == NULL || strcmp (symname, "jmp") != 0)
|
|
||||||
+ {
|
|
||||||
+ fprintf (stderr,
|
|
||||||
+ "case 3: expected symname 'raise' got '%s'\n", symname);
|
|
||||||
+ abort ();
|
|
||||||
+ }
|
|
||||||
mod = dwfl_addrmodule (dwfl, pc - 1);
|
|
||||||
if (mod)
|
|
||||||
symname2 = dwfl_module_addrname (mod, pc - 1);
|
|
||||||
- assert (symname2 == NULL || strcmp (symname2, "jmp") != 0);
|
|
||||||
+ if (symname2 == NULL || strcmp (symname2, "jmp") != 0)
|
|
||||||
+ {
|
|
||||||
+ fprintf (stderr,
|
|
||||||
+ "case 3: expected symname2 'jmp' got '%s'\n", symname2);
|
|
||||||
+ abort ();
|
|
||||||
+ }
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
FALLTHROUGH;
|
|
||||||
@@ -137,11 +165,22 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc,
|
|
||||||
duplicate_sigusr2 = true;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
- assert (symname != NULL && strcmp (symname, "stdarg") == 0);
|
|
||||||
+ if (symname == NULL || strcmp (symname, "stdarg") != 0)
|
|
||||||
+ {
|
|
||||||
+ fprintf (stderr,
|
|
||||||
+ "case 4: expected symname 'stdarg' got '%s'\n", symname);
|
|
||||||
+ abort ();
|
|
||||||
+ }
|
|
||||||
break;
|
|
||||||
case 5:
|
|
||||||
/* Verify we trapped on the very last instruction of child. */
|
|
||||||
- assert (symname != NULL && strcmp (symname, "backtracegen") == 0);
|
|
||||||
+ if (symname == NULL || strcmp (symname, "backtracegen") != 0)
|
|
||||||
+ {
|
|
||||||
+ fprintf (stderr,
|
|
||||||
+ "case 5: expected symname 'backtracegen' got '%s'\n",
|
|
||||||
+ symname);
|
|
||||||
+ abort ();
|
|
||||||
+ }
|
|
||||||
mod = dwfl_addrmodule (dwfl, pc);
|
|
||||||
if (mod)
|
|
||||||
symname2 = dwfl_module_addrname (mod, pc);
|
|
||||||
@@ -151,7 +190,15 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc,
|
|
||||||
// instructions or even inserts some padding instructions at the end
|
|
||||||
// (which apparently happens on ppc64).
|
|
||||||
if (use_raise_jmp_patching)
|
|
||||||
- assert (symname2 == NULL || strcmp (symname2, "backtracegen") != 0);
|
|
||||||
+ {
|
|
||||||
+ if (symname2 != NULL && strcmp (symname2, "backtracegen") == 0)
|
|
||||||
+ {
|
|
||||||
+ fprintf (stderr,
|
|
||||||
+ "use_raise_jmp_patching didn't expect symname2 "
|
|
||||||
+ "'backtracegen'\n");
|
|
||||||
+ abort ();
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -0,0 +1,35 @@
|
||||||
|
diff --git a/libelf/gelf_getnote.c b/libelf/gelf_getnote.c
|
||||||
|
index 0f7b9d68..6ef970c5 100644
|
||||||
|
--- a/libelf/gelf_getnote.c
|
||||||
|
+++ b/libelf/gelf_getnote.c
|
||||||
|
@@ -31,6 +31,7 @@
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#include <assert.h>
|
||||||
|
+#include <byteswap.h>
|
||||||
|
#include <gelf.h>
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
|
@@ -73,6 +74,22 @@ gelf_getnote (Elf_Data *data, size_t offset, GElf_Nhdr *result,
|
||||||
|
offset = 0;
|
||||||
|
else
|
||||||
|
{
|
||||||
|
+ /* Workaround FDO package notes on big-endian systems,
|
||||||
|
+ getting namesz and descsz wrong. Detect it by getting
|
||||||
|
+ a bad namesz, descsz and byte swapped n_type for
|
||||||
|
+ NT_FDO_PACKAGING_METADATA. */
|
||||||
|
+ if (unlikely (n->n_type == bswap_32 (NT_FDO_PACKAGING_METADATA)
|
||||||
|
+ && n->n_namesz > data->d_size
|
||||||
|
+ && n->n_descsz > data->d_size))
|
||||||
|
+ {
|
||||||
|
+ /* n might not be writable, use result and redirect n. */
|
||||||
|
+ *result = *n;
|
||||||
|
+ result->n_type = bswap_32 (n->n_type);
|
||||||
|
+ result->n_namesz = bswap_32 (n->n_namesz);
|
||||||
|
+ result->n_descsz = bswap_32 (n->n_descsz);
|
||||||
|
+ n = result;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
/* This is slightly tricky, offset is guaranteed to be 4
|
||||||
|
byte aligned, which is what we need for the name_offset.
|
||||||
|
And normally desc_offset is also 4 byte aligned, but not
|
|
@ -0,0 +1 @@
|
||||||
|
u debuginfod - "elfutils debuginfo server" /var/cache/debuginfod -
|
180
elfutils.spec
180
elfutils.spec
|
@ -1,11 +1,12 @@
|
||||||
Name: elfutils
|
Name: elfutils
|
||||||
Version: 0.185
|
Version: 0.189
|
||||||
%global baserelease 5
|
%global baserelease 1
|
||||||
Release: %{baserelease}%{?dist}
|
Release: %{baserelease}%{?dist}
|
||||||
URL: http://elfutils.org/
|
URL: http://elfutils.org/
|
||||||
%global source_url ftp://sourceware.org/pub/elfutils/%{version}/
|
%global source_url ftp://sourceware.org/pub/elfutils/%{version}/
|
||||||
License: GPLv3+ and (GPLv2+ or LGPLv3+) and GFDL
|
License: GPLv3+ and (GPLv2+ or LGPLv3+) and GFDL
|
||||||
Source: %{?source_url}%{name}-%{version}.tar.bz2
|
Source: %{?source_url}%{name}-%{version}.tar.bz2
|
||||||
|
Source1: elfutils-debuginfod.sysusers
|
||||||
Summary: A collection of utilities and DSOs to handle ELF files and DWARF data
|
Summary: A collection of utilities and DSOs to handle ELF files and DWARF data
|
||||||
|
|
||||||
# Needed for isa specific Provides and Requires.
|
# Needed for isa specific Provides and Requires.
|
||||||
|
@ -42,11 +43,13 @@ BuildRequires: pkgconfig(libarchive) >= 3.1.2
|
||||||
# For tests need to bunzip2 test files.
|
# For tests need to bunzip2 test files.
|
||||||
BuildRequires: bzip2
|
BuildRequires: bzip2
|
||||||
BuildRequires: zstd
|
BuildRequires: zstd
|
||||||
# For the run-debuginfod-find.sh test case in %%check for /usr/sbin/ss
|
# For the run-debuginfod-find.sh test case in %%check for /usr/sbin/ss etc.
|
||||||
BuildRequires: iproute
|
BuildRequires: iproute
|
||||||
|
BuildRequires: procps
|
||||||
BuildRequires: bsdtar
|
BuildRequires: bsdtar
|
||||||
BuildRequires: curl
|
BuildRequires: curl
|
||||||
BuildRequires: procps
|
# For run-debuginfod-response-headers.sh test case
|
||||||
|
BuildRequires: socat
|
||||||
|
|
||||||
BuildRequires: automake
|
BuildRequires: automake
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
|
@ -55,14 +58,22 @@ BuildRequires: gettext-devel
|
||||||
%global _gnu %{nil}
|
%global _gnu %{nil}
|
||||||
%global _program_prefix eu-
|
%global _program_prefix eu-
|
||||||
|
|
||||||
%global provide_yama_scope 0
|
%global provide_yama_scope 0
|
||||||
|
|
||||||
%if 0%{?fedora} >= 22 || 0%{?rhel} >= 7
|
%if 0%{?fedora} >= 22 || 0%{?rhel} >= 7
|
||||||
%global provide_yama_scope 1
|
%global provide_yama_scope 1
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%global with_sysusers 0
|
||||||
|
|
||||||
|
%if 0%{?fedora} >= 32 || 0%{?rhel} >= 9
|
||||||
|
%global with_sysusers 1
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
# Patches
|
# Patches
|
||||||
Patch1: elfutils-0.185-raise-pthread_kill-backtrace.patch
|
|
||||||
|
# For s390x... FDO package notes are bogus.
|
||||||
|
Patch1: elfutils-0.186-fdo-swap.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Elfutils is a collection of utilities, including stack (to show
|
Elfutils is a collection of utilities, including stack (to show
|
||||||
|
@ -187,6 +198,9 @@ License: GPLv3+ and (GPLv2+ or LGPLv3+)
|
||||||
%if 0%{!?_isa:1}
|
%if 0%{!?_isa:1}
|
||||||
Provides: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release}
|
Provides: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release}
|
||||||
%endif
|
%endif
|
||||||
|
# For debuginfod-find binary
|
||||||
|
Requires: elfutils-libs%{depsuffix} = %{version}-%{release}
|
||||||
|
Requires: elfutils-libelf%{depsuffix} = %{version}-%{release}
|
||||||
|
|
||||||
%package debuginfod-client-devel
|
%package debuginfod-client-devel
|
||||||
Summary: Libraries and headers to build debuginfod client applications
|
Summary: Libraries and headers to build debuginfod client applications
|
||||||
|
@ -203,11 +217,18 @@ Requires: elfutils-libs%{depsuffix} = %{version}-%{release}
|
||||||
Requires: elfutils-libelf%{depsuffix} = %{version}-%{release}
|
Requires: elfutils-libelf%{depsuffix} = %{version}-%{release}
|
||||||
Requires: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release}
|
Requires: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release}
|
||||||
BuildRequires: systemd
|
BuildRequires: systemd
|
||||||
|
%if %{with_sysusers}
|
||||||
|
BuildRequires: systemd-rpm-macros
|
||||||
|
%endif
|
||||||
BuildRequires: make
|
BuildRequires: make
|
||||||
Requires(post): systemd
|
Requires(post): systemd
|
||||||
Requires(preun): systemd
|
Requires(preun): systemd
|
||||||
Requires(postun): systemd
|
Requires(postun): systemd
|
||||||
|
%if %{with_sysusers}
|
||||||
|
%{?sysusers_requires_compat}
|
||||||
|
%else
|
||||||
Requires(pre): shadow-utils
|
Requires(pre): shadow-utils
|
||||||
|
%endif
|
||||||
# To extract .deb files with a bsdtar (= libarchive) subshell
|
# To extract .deb files with a bsdtar (= libarchive) subshell
|
||||||
Requires: bsdtar
|
Requires: bsdtar
|
||||||
|
|
||||||
|
@ -238,14 +259,6 @@ autoreconf -f -v -i
|
||||||
find . -name \*.sh ! -perm -0100 -print | xargs chmod +x
|
find . -name \*.sh ! -perm -0100 -print | xargs chmod +x
|
||||||
|
|
||||||
%build
|
%build
|
||||||
# This package uses top level ASM constructs which are incompatible with LTO.
|
|
||||||
# Top level ASMs are often used to implement symbol versioning. gcc-10
|
|
||||||
# introduces a new mechanism for symbol versioning which works with LTO.
|
|
||||||
# Converting packages to use that mechanism instead of toplevel ASMs is
|
|
||||||
# recommended.
|
|
||||||
# Disable LTO
|
|
||||||
%define _lto_cflags %{nil}
|
|
||||||
|
|
||||||
# Remove -Wall from default flags. The makefiles enable enough warnings
|
# Remove -Wall from default flags. The makefiles enable enough warnings
|
||||||
# themselves, and they use -Werror. Appending -Wall defeats the cases where
|
# themselves, and they use -Werror. Appending -Wall defeats the cases where
|
||||||
# the makefiles disable some specific warnings for specific code.
|
# the makefiles disable some specific warnings for specific code.
|
||||||
|
@ -256,7 +269,14 @@ RPM_OPT_FLAGS="${RPM_OPT_FLAGS} -Wformat"
|
||||||
|
|
||||||
|
|
||||||
trap 'cat config.log' EXIT
|
trap 'cat config.log' EXIT
|
||||||
%configure CFLAGS="$RPM_OPT_FLAGS" --enable-debuginfod-urls=https://debuginfod.fedoraproject.org/
|
# dist_debuginfod_url is defined in macros.dist. Fedora and CentOS have
|
||||||
|
# URLs pointing to their respective servers. RHEL and Amazon Linux do
|
||||||
|
# not configure a default server.
|
||||||
|
%if "%{?dist_debuginfod_url}"
|
||||||
|
%configure CFLAGS="$RPM_OPT_FLAGS" --enable-debuginfod-urls=%{dist_debuginfod_url}
|
||||||
|
%else
|
||||||
|
%configure CFLAGS="$RPM_OPT_FLAGS"
|
||||||
|
%endif
|
||||||
trap '' EXIT
|
trap '' EXIT
|
||||||
%make_build
|
%make_build
|
||||||
|
|
||||||
|
@ -278,14 +298,15 @@ install -Dm0644 config/debuginfod.sysconfig ${RPM_BUILD_ROOT}%{_sysconfdir}/sysc
|
||||||
mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod
|
mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod
|
||||||
touch ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod/debuginfod.sqlite
|
touch ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod/debuginfod.sqlite
|
||||||
|
|
||||||
|
%if %{with_sysusers}
|
||||||
|
install -Dm0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/elfutils-debuginfod.conf
|
||||||
|
%endif
|
||||||
|
|
||||||
%check
|
%check
|
||||||
# Record some build root versions in build.log
|
# Record some build root versions in build.log
|
||||||
uname -r; rpm -q binutils gcc glibc || true
|
uname -r; rpm -q binutils gcc glibc || true
|
||||||
|
|
||||||
# FIXME for 0.186
|
%make_build check || (cat tests/test-suite.log; false)
|
||||||
# run-debuginfod-find.sh is a bad test
|
|
||||||
# %%make_build check || (cat tests/test-suite.log; false)
|
|
||||||
%make_build check || (cat tests/test-suite.log; true)
|
|
||||||
|
|
||||||
# Only the latest Fedora and EPEL have these scriptlets,
|
# Only the latest Fedora and EPEL have these scriptlets,
|
||||||
# older Fedora and plain RHEL don't.
|
# older Fedora and plain RHEL don't.
|
||||||
|
@ -377,7 +398,11 @@ fi
|
||||||
%{_libdir}/libdebuginfod.so.*
|
%{_libdir}/libdebuginfod.so.*
|
||||||
%{_bindir}/debuginfod-find
|
%{_bindir}/debuginfod-find
|
||||||
%{_mandir}/man1/debuginfod-find.1*
|
%{_mandir}/man1/debuginfod-find.1*
|
||||||
|
%{_mandir}/man7/debuginfod*.7*
|
||||||
%config(noreplace) %{_sysconfdir}/profile.d/*
|
%config(noreplace) %{_sysconfdir}/profile.d/*
|
||||||
|
%if "%{?dist_debuginfod_url}"
|
||||||
|
%config(noreplace) %{_sysconfdir}/debuginfod/*
|
||||||
|
%endif
|
||||||
|
|
||||||
%files debuginfod-client-devel
|
%files debuginfod-client-devel
|
||||||
%{_libdir}/pkgconfig/libdebuginfod.pc
|
%{_libdir}/pkgconfig/libdebuginfod.pc
|
||||||
|
@ -389,18 +414,26 @@ fi
|
||||||
%{_bindir}/debuginfod
|
%{_bindir}/debuginfod
|
||||||
%config(noreplace) %{_sysconfdir}/sysconfig/debuginfod
|
%config(noreplace) %{_sysconfdir}/sysconfig/debuginfod
|
||||||
%{_unitdir}/debuginfod.service
|
%{_unitdir}/debuginfod.service
|
||||||
%{_sysconfdir}/sysconfig/debuginfod
|
%if %{with_sysusers}
|
||||||
%{_mandir}/man8/debuginfod.8*
|
%{_sysusersdir}/elfutils-debuginfod.conf
|
||||||
|
%endif
|
||||||
|
%{_mandir}/man8/debuginfod*.8*
|
||||||
|
%{_mandir}/man7/debuginfod*.7*
|
||||||
|
|
||||||
|
|
||||||
%dir %attr(0700,debuginfod,debuginfod) %{_localstatedir}/cache/debuginfod
|
%dir %attr(0700,debuginfod,debuginfod) %{_localstatedir}/cache/debuginfod
|
||||||
%ghost %attr(0600,debuginfod,debuginfod) %{_localstatedir}/cache/debuginfod/debuginfod.sqlite
|
%ghost %attr(0600,debuginfod,debuginfod) %{_localstatedir}/cache/debuginfod/debuginfod.sqlite
|
||||||
|
|
||||||
%pre debuginfod
|
%pre debuginfod
|
||||||
|
%if %{with_sysusers}
|
||||||
|
%sysusers_create_compat %{SOURCE1}
|
||||||
|
%else
|
||||||
getent group debuginfod >/dev/null || groupadd -r debuginfod
|
getent group debuginfod >/dev/null || groupadd -r debuginfod
|
||||||
getent passwd debuginfod >/dev/null || \
|
getent passwd debuginfod >/dev/null || \
|
||||||
useradd -r -g debuginfod -d /var/cache/debuginfod -s /sbin/nologin \
|
useradd -r -g debuginfod -d /var/cache/debuginfod -s /sbin/nologin \
|
||||||
-c "elfutils debuginfo server" debuginfod
|
-c "elfutils debuginfo server" debuginfod
|
||||||
exit 0
|
exit 0
|
||||||
|
%endif
|
||||||
|
|
||||||
%post debuginfod
|
%post debuginfod
|
||||||
%systemd_post debuginfod.service
|
%systemd_post debuginfod.service
|
||||||
|
@ -409,6 +442,109 @@ exit 0
|
||||||
%systemd_postun_with_restart debuginfod.service
|
%systemd_postun_with_restart debuginfod.service
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Mar 3 2023 Mark Wielaard <mjw@fedoraproject.org> - 0.189-1
|
||||||
|
- Upgrade to upsteam elfutils 0.189.
|
||||||
|
|
||||||
|
* Fri Jan 27 2023 Mark Wielaard <mjw@fedoraproject.org> - 0.188-5
|
||||||
|
- Add elfutils-0.188-deprecated-CURLINFO.patch,
|
||||||
|
elfutils-0.188-CURL_AT_LEAST_VERSION.patch and
|
||||||
|
elfutils-0.188-CURLOPT_PROTOCOLS_STR.patch
|
||||||
|
|
||||||
|
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.188-4
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Nov 7 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.188-3
|
||||||
|
- Add elfutils-0.188-compile-warnings.patch
|
||||||
|
- Add elfutils-0.188-debuginfod-client-lifetime.patch
|
||||||
|
|
||||||
|
* Wed Nov 2 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.188-2
|
||||||
|
- Add elfutils-0.188-static-extract_section.patch.
|
||||||
|
|
||||||
|
* Wed Nov 2 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.188-1
|
||||||
|
- Upgrade to upsteam elfutils 0.188.
|
||||||
|
|
||||||
|
* Wed Oct 5 2022 Amit Shah <amitshah@fedoraproject.org> - 0.187-9
|
||||||
|
- Auto-configure debuginfod_url based on macros.dist
|
||||||
|
|
||||||
|
* Wed Aug 24 2022 Debarshi Ray <rishi@fedoraproject.org> - 0.187-8
|
||||||
|
- Use %%sysusers_requires_compat to match %%sysusers_create_compat
|
||||||
|
|
||||||
|
* Wed Jul 27 2022 Amit Shah <amitshah@fedoraproject.org> - 0.187-7
|
||||||
|
- Allow building without default debuginfod URL
|
||||||
|
|
||||||
|
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.187-6
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue Jun 14 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-5
|
||||||
|
- Add sysuser support for creating the debuginfod user
|
||||||
|
|
||||||
|
* Fri May 6 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-4
|
||||||
|
- Add elfutils-0.187-mhd_no_dual_stack.patch
|
||||||
|
- Add elfutils-0.187-mhd_epoll.patch
|
||||||
|
|
||||||
|
* Thu May 5 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-3
|
||||||
|
- Add elfutils-0.187-debuginfod-client-fd-leak.patch
|
||||||
|
|
||||||
|
* Tue May 3 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-2
|
||||||
|
- Add elfutils-0.187-csh-profile.patch
|
||||||
|
|
||||||
|
* Tue Apr 26 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-1
|
||||||
|
- Upgrade to elfutils 0.187
|
||||||
|
- debuginfod: Support -C option for connection thread pooling.
|
||||||
|
- debuginfod-client: Negative cache file are now zero sized instead
|
||||||
|
of no-permission files.
|
||||||
|
- addr2line: The -A, --absolute option, which shows file names
|
||||||
|
includingthe full compilation directory is now the
|
||||||
|
default. To get theold behavior use the new option --relative.
|
||||||
|
- readelf, elflint: Recognize FDO Packaging Metadata ELF notes
|
||||||
|
- libdw, debuginfo-client: Load libcurl lazily only when files need
|
||||||
|
to be fetched remotely. libcurl is now never loaded when
|
||||||
|
DEBUGINFOD_URLS is unset. And whenDEBUGINFOD_URLS is set,
|
||||||
|
libcurl is only loaded when the debuginfod_begin function is
|
||||||
|
called.
|
||||||
|
|
||||||
|
* Tue Apr 12 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.186-5
|
||||||
|
- Add an explicit versioned requires from elfutils-debuginfod-client
|
||||||
|
on elfutils-libelf.
|
||||||
|
|
||||||
|
* Thu Apr 7 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.186-4
|
||||||
|
- Add an explicit versioned requires from elfutils-debuginfod-client
|
||||||
|
on elfutils-libs.
|
||||||
|
|
||||||
|
* Fri Mar 25 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.186-3
|
||||||
|
- Add elfutils-0.186-elf-glibc.patch
|
||||||
|
- Add elfutils-0.186-fdo-ebl.patch
|
||||||
|
- Add elfutils-0.186-fdo-efllint.patch
|
||||||
|
- Add elfutils-0.186-fdo-swap.patch
|
||||||
|
- Add elfutils-0.186-ppc64le-error-return-workaround.patch
|
||||||
|
|
||||||
|
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.186-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Nov 10 2021 Mark Wielaard <mjw@fedoraproject.org> - 0.186-1
|
||||||
|
- Upgrade to upstream 0.186
|
||||||
|
- debuginfod-client: Default $DEBUGINFOD_URLS is computed from
|
||||||
|
drop-in files /etc/debuginfod/*.urls rather than
|
||||||
|
hardcoded into the /etc/profile.d/debuginfod*
|
||||||
|
scripts.
|
||||||
|
Add $DEBUGINFOD_MAXSIZE and $DEBUGINFOD_MAXTIME settings
|
||||||
|
for skipping large/slow transfers.
|
||||||
|
Add $DEBUGINFOD_RETRY for retrying aborted lookups.
|
||||||
|
- debuginfod: Supply extra HTTP response headers, describing
|
||||||
|
archive/file names that satisfy the requested buildid content.
|
||||||
|
Support -d :memory: option for in-memory databases.
|
||||||
|
Protect against loops in federated server configurations.
|
||||||
|
Add -r option to use -I/-X regexes for grooming stale files.
|
||||||
|
Protect against wasted CPU from duplicate concurrent requests.
|
||||||
|
Limit the duration of groom ops roughly to rescan (-t) times.
|
||||||
|
Add --passive mode for serving from read-only database.
|
||||||
|
Several other performance improvements & prometheus metrics.
|
||||||
|
- libdw: Support for the NVIDIA Cuda line map extensions.
|
||||||
|
DW_LNE_NVIDIA_inlined_call and DW_LNE_NVIDIA_set_function_name
|
||||||
|
are defined in dwarf.h. New functions dwarf_linecontext and
|
||||||
|
dwarf_linefunctionname.
|
||||||
|
- translations: Update Japanese translation.
|
||||||
|
|
||||||
* Thu Aug 5 2021 Mark Wielaard <mjw@fedoraproject.org> - 0.185-5
|
* Thu Aug 5 2021 Mark Wielaard <mjw@fedoraproject.org> - 0.185-5
|
||||||
- Use autosetup
|
- Use autosetup
|
||||||
- Add elfutils-0.185-raise-pthread_kill-backtrace.patch
|
- Add elfutils-0.185-raise-pthread_kill-backtrace.patch
|
||||||
|
|
|
@ -5,6 +5,7 @@ decision_context: bodhi_update_push_stable
|
||||||
subject_type: koji_build
|
subject_type: koji_build
|
||||||
rules:
|
rules:
|
||||||
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
||||||
|
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.rpminspect.static-analysis}
|
||||||
--- !Policy
|
--- !Policy
|
||||||
product_versions:
|
product_versions:
|
||||||
- rhel-9
|
- rhel-9
|
||||||
|
|
2
sources
2
sources
|
@ -1 +1 @@
|
||||||
SHA512 (elfutils-0.185.tar.bz2) = 34de0de1355b11740e036e0fc64f2fc063587c8eb121b19216ee5548d3f0f268d8fc3995176c47190466b9d881007cfa11a9d01e9a50e38af6119492bf8bb47f
|
SHA512 (elfutils-0.189.tar.bz2) = 93a877e34db93e5498581d0ab2d702b08c0d87e4cafd9cec9d6636dfa85a168095c305c11583a5b0fb79374dd93bc8d0e9ce6016e6c172764bcea12861605b71
|
||||||
|
|
|
@ -54,7 +54,7 @@ $(METADATA): Makefile
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
@echo "TestTime: 48h" >> $(METADATA)
|
||||||
@echo "RunFor: elfutils" >> $(METADATA)
|
@echo "RunFor: elfutils" >> $(METADATA)
|
||||||
@echo "Requires: elfutils" >> $(METADATA)
|
@echo "Requires: elfutils" >> $(METADATA)
|
||||||
@echo "Requires: bash" >> $(METADATA)
|
@echo "Requires: bash bash-debuginfo" >> $(METADATA)
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
@echo "Priority: Normal" >> $(METADATA)
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
@echo "License: GPLv2+" >> $(METADATA)
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
@echo "Confidential: no" >> $(METADATA)
|
||||||
|
|
|
@ -2,15 +2,15 @@ summary: GNU-Attribute-notes-not-recognized
|
||||||
description: |
|
description: |
|
||||||
Bug summary: elfutils doesn't recognize GNU Attribute notes
|
Bug summary: elfutils doesn't recognize GNU Attribute notes
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1650125
|
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1650125
|
||||||
contact:
|
contact: Martin Cermak <mcermak@redhat.com>
|
||||||
- Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
component:
|
||||||
- elfutils
|
- elfutils
|
||||||
test: ./runtest.sh
|
test: ./runtest.sh
|
||||||
framework: beakerlib
|
framework: beakerlib
|
||||||
recommend:
|
recommend:
|
||||||
- elfutils
|
- elfutils
|
||||||
- bash
|
- bash
|
||||||
|
- bash-debuginfo
|
||||||
duration: 48h
|
duration: 48h
|
||||||
extra-summary: /tools/elfutils/Regression/GNU-Attribute-notes-not-recognized
|
extra-summary: /tools/elfutils/Regression/GNU-Attribute-notes-not-recognized
|
||||||
extra-task: /tools/elfutils/Regression/GNU-Attribute-notes-not-recognized
|
extra-task: /tools/elfutils/Regression/GNU-Attribute-notes-not-recognized
|
||||||
|
|
|
@ -32,12 +32,35 @@ PACKAGE="elfutils"
|
||||||
|
|
||||||
rlJournalStart
|
rlJournalStart
|
||||||
rlPhaseStartTest
|
rlPhaseStartTest
|
||||||
# Rely on that /bin/bash is annobin-annotated per
|
# Rely on that /bin/bash is annobin-annotated per
|
||||||
# - https://fedoraproject.org/wiki/Toolchain/Watermark
|
# - https://fedoraproject.org/wiki/Toolchain/Watermark
|
||||||
# - https://fedoraproject.org/wiki/Changes/Annobin
|
# - https://fedoraproject.org/wiki/Changes/Annobin
|
||||||
# Seems to work fine with bash-4.4.19-6.el8 and elfutils-0.174-5.el8.
|
# Seems to work fine with bash-4.4.19-6.el8 and elfutils-0.174-5.el8.
|
||||||
set -o pipefail
|
f="/bin/bash"
|
||||||
rlRun "eu-readelf -n /bin/bash | grep -2 '^ GA' | fgrep 'GNU Build Attribute' | tail -50"
|
|
||||||
|
# Annobin notes originally used to reside in the binary itself.
|
||||||
|
# Later on they moved to debuginfo.
|
||||||
|
# Let's see if we can chase down needed debuginfo somewhere...
|
||||||
|
|
||||||
|
# Attempt getting the needed file using debuginfod
|
||||||
|
export DEBUGINFOD_URLS=https://debuginfod.fedoraproject.org/
|
||||||
|
rlRun "f=\"$f $(debuginfod-find debuginfo /bin/bash)\""
|
||||||
|
|
||||||
|
# Attempt getting the needed file by traditional means
|
||||||
|
rlRun "debuginfo-install -y bash"
|
||||||
|
rlRun "buildid=$(eu-readelf -n /bin/bash | awk '/Build ID:/ {print $NF}')"
|
||||||
|
for i in $(rpm -ql bash-debuginfo); do
|
||||||
|
test -f $i || continue
|
||||||
|
if eu-readelf -n $i | fgrep $buildid; then
|
||||||
|
rlRun "f=\"$f $i\""
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
set -o pipefail
|
||||||
|
export f
|
||||||
|
# Check if eu-readelf can read the notes from at least one of files
|
||||||
|
# that can possibly contain it...
|
||||||
|
rlRun "(for i in $f; do eu-readelf -n $i; done ) | grep -2 '^ GA' | fgrep 'GNU Build Attribute' | tail -50"
|
||||||
rlPhaseEnd
|
rlPhaseEnd
|
||||||
rlJournalPrintText
|
rlJournalPrintText
|
||||||
rlJournalEnd
|
rlJournalEnd
|
||||||
|
|
|
@ -0,0 +1,81 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -xeo pipefail
|
||||||
|
|
||||||
|
|
||||||
|
export DEBUGINFOD_VERBOSE=1
|
||||||
|
export DEBUGINFOD_CACHE_PATH=$HOME/.debuginfod_client_cache/
|
||||||
|
|
||||||
|
# Initial cleanup
|
||||||
|
systemctl stop debuginfod
|
||||||
|
rm -rf ~/.cache/debuginfod_client
|
||||||
|
rm -rf /usr/src/my_extra_rpms $DEBUGINFOD_CACHE_PATH
|
||||||
|
mkdir $DEBUGINFOD_CACHE_PATH
|
||||||
|
journalctl -g debuginfod -f &
|
||||||
|
logger=$!
|
||||||
|
|
||||||
|
# Set up a delay. A delay of 3 worked for me reliably for manual testing.
|
||||||
|
DELAY=120
|
||||||
|
|
||||||
|
# Clean up after possible previous failed (=> unfinished) run of this testcase
|
||||||
|
rm -rf /usr/src/my_extra_rpms $HOME/.debuginfod_client_cache
|
||||||
|
|
||||||
|
# Check the config file is there
|
||||||
|
cat /etc/sysconfig/debuginfod
|
||||||
|
|
||||||
|
# Make sure the config file doesn't contain unwanted relicts
|
||||||
|
# from possible previous failed run of this testcase
|
||||||
|
fgrep DEBUGINFOD_PATHS /etc/sysconfig/debuginfod | (! fgrep /usr/src/my_extra_rpms)
|
||||||
|
|
||||||
|
# Add some directory to the DEBUGINFOD_PATH and configure it
|
||||||
|
# within /etc/sysconfig/debuginfod
|
||||||
|
mkdir -p /usr/src/my_extra_rpms
|
||||||
|
sed -i 's/DEBUGINFOD_PATHS="[^"]*/\0\ \/usr\/src\/my_extra_rpms/' /etc/sysconfig/debuginfod
|
||||||
|
fgrep DEBUGINFOD_PATHS /etc/sysconfig/debuginfod | fgrep /usr/src/my_extra_rpms
|
||||||
|
|
||||||
|
# Note the DEBUGINFOD_PORT in the sysconfig file
|
||||||
|
# and use it to export the server URL for the client to use
|
||||||
|
source /etc/sysconfig/debuginfod
|
||||||
|
export DEBUGINFOD_URLS="localhost:$DEBUGINFOD_PORT"
|
||||||
|
|
||||||
|
# Get the build-id from some installed binary and make sure
|
||||||
|
# it isn't found
|
||||||
|
buildid=$(eu-unstrip -n -e /usr/bin/true | cut -f2 -d\ | cut -f1 -d@)
|
||||||
|
! debuginfod-find executable $buildid
|
||||||
|
|
||||||
|
# Start the service
|
||||||
|
systemctl start debuginfod
|
||||||
|
|
||||||
|
# Give it some time to index
|
||||||
|
sleep $DELAY
|
||||||
|
|
||||||
|
# Now the binary should be found
|
||||||
|
debuginfod-find executable $buildid
|
||||||
|
|
||||||
|
# Take a small debuginfo rpm and make sure you know the buildid of
|
||||||
|
# some .debug file in to the directory you created and added to
|
||||||
|
# the DEBUGINFO_PATH in the config file.
|
||||||
|
cp sshpass-debuginfo-1.09-2.fc35.x86_64.rpm /usr/src/my_extra_rpms
|
||||||
|
|
||||||
|
# Make sure the denuginfo can't be found yet
|
||||||
|
# Related:
|
||||||
|
# - https://bugzilla.redhat.com/show_bug.cgi?id=2023454
|
||||||
|
# - https://sourceware.org/bugzilla/show_bug.cgi?id=28240
|
||||||
|
! debuginfod-find debuginfo 73952ed43c6edc82cc92186a581ec27f009c529c
|
||||||
|
echo 0 > $DEBUGINFOD_CACHE_PATH/cache_miss_s
|
||||||
|
|
||||||
|
# Tell debuginfod to start indexing immediately
|
||||||
|
debuginfod_pid=$(systemctl status debuginfod | fgrep PID | grep -Po '\d+')
|
||||||
|
kill -SIGUSR1 $debuginfod_pid
|
||||||
|
|
||||||
|
# Give it some time to index
|
||||||
|
sleep $DELAY
|
||||||
|
|
||||||
|
# Try to find the debug file with the known buildid
|
||||||
|
debuginfod-find debuginfo 73952ed43c6edc82cc92186a581ec27f009c529c
|
||||||
|
|
||||||
|
# Clean up
|
||||||
|
rm -rf /usr/src/my_extra_rpms $HOME/.debuginfod_client_cache
|
||||||
|
|
||||||
|
# Kill the logger
|
||||||
|
kill $logger
|
|
@ -0,0 +1,14 @@
|
||||||
|
summary: elfutils-debuginfod
|
||||||
|
description: ''
|
||||||
|
contact: Martin Cermak <mcermak@redhat.com>
|
||||||
|
component:
|
||||||
|
- elfutils
|
||||||
|
test: ./runtest.sh
|
||||||
|
framework: beakerlib
|
||||||
|
recommend:
|
||||||
|
- elfutils
|
||||||
|
- elfutils-debuginfod
|
||||||
|
- elfutils-debuginfod-client
|
||||||
|
duration: 48h
|
||||||
|
extra-summary: /tools/elfutils/Sanity/elfutils-debuginfod
|
||||||
|
extra-task: /tools/elfutils/Sanity/elfutils-debuginfod
|
|
@ -2,8 +2,8 @@
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
#
|
#
|
||||||
# runtest.sh of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
# runtest.sh of /tools/elfutils/Sanity/elfutils-debuginfod
|
||||||
# Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
# Description: elfutils-debuginfod
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
# Author: Martin Cermak <mcermak@redhat.com>
|
||||||
#
|
#
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
@ -31,11 +31,24 @@
|
||||||
PACKAGE="elfutils"
|
PACKAGE="elfutils"
|
||||||
|
|
||||||
rlJournalStart
|
rlJournalStart
|
||||||
|
rlPhaseStartSetup
|
||||||
|
for p in elfutils-debuginfod elfutils-debuginfod-client; do
|
||||||
|
rlAssertRpm $p
|
||||||
|
done
|
||||||
|
rlRun "TMPD=$(mktemp -d)"
|
||||||
|
rlRun "cp body.sh sshpass-debuginfo-1.09-2.fc35.x86_64.rpm $TMPD"
|
||||||
|
rlRun "pushd $TMPD"
|
||||||
|
rlFileBackup /etc/sysconfig/debuginfod
|
||||||
|
rlPhaseEnd
|
||||||
|
|
||||||
rlPhaseStartTest
|
rlPhaseStartTest
|
||||||
# We expect 1, but not 99 ...
|
rlRun "./body.sh"
|
||||||
# Reproduced with valgrind-3.13.0-13.el7 and elfutils-0.172-2.el7
|
rlPhaseEnd
|
||||||
# Verified with valgrind-3.14.0-16.el7 and elfutils-0.176-1.el7
|
|
||||||
rlRun "valgrind -q --error-exitcode=99 eu-readelf -a POC2" 1
|
rlPhaseStartCleanup
|
||||||
|
rlFileRestore
|
||||||
|
rlRun "popd"
|
||||||
|
rlRun "rm -r $TMPD"
|
||||||
rlPhaseEnd
|
rlPhaseEnd
|
||||||
rlJournalPrintText
|
rlJournalPrintText
|
||||||
rlJournalEnd
|
rlJournalEnd
|
Binary file not shown.
|
@ -0,0 +1,16 @@
|
||||||
|
summary: yama-scope
|
||||||
|
description: |
|
||||||
|
Bug summary: Enable provide_yama_scope for rhel >= 7.4
|
||||||
|
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1455514
|
||||||
|
contact: Martin Cermak <mcermak@redhat.com>
|
||||||
|
component:
|
||||||
|
- elfutils
|
||||||
|
test: ./runtest.sh
|
||||||
|
framework: beakerlib
|
||||||
|
recommend:
|
||||||
|
- elfutils
|
||||||
|
duration: 48h
|
||||||
|
link:
|
||||||
|
- relates: https://bugzilla.redhat.com/show_bug.cgi?id=1455514
|
||||||
|
extra-summary: /tools/elfutils/Sanity/yama-scope
|
||||||
|
extra-task: /tools/elfutils/Sanity/yama-scope
|
|
@ -0,0 +1,8 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
RETVAL=0
|
||||||
|
OUT=$(mktemp)
|
||||||
|
eu-stack -p $$ |& tee $OUT
|
||||||
|
grep -i 'operation not permitted' $OUT && RETVAL=1
|
||||||
|
rm $OUT
|
||||||
|
exit $RETVAL
|
|
@ -0,0 +1,108 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
#
|
||||||
|
# runtest.sh of /tools/elfutils/Sanity/yama-scope
|
||||||
|
# Description: yama-scope
|
||||||
|
# Author: Martin Cermak <mcermak@redhat.com>
|
||||||
|
#
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
#
|
||||||
|
# Copyright (c) 2017 Red Hat, Inc.
|
||||||
|
#
|
||||||
|
# This program is free software: you can redistribute it and/or
|
||||||
|
# modify it under the terms of the GNU General Public License as
|
||||||
|
# published by the Free Software Foundation, either version 2 of
|
||||||
|
# the License, or (at your option) any later version.
|
||||||
|
#
|
||||||
|
# This program is distributed in the hope that it will be
|
||||||
|
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||||
|
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||||
|
# PURPOSE. See the GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||||
|
#
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
# Include Beaker environment
|
||||||
|
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||||
|
|
||||||
|
PACKAGE="elfutils"
|
||||||
|
MY_USER="ptrace_scope_testuser"
|
||||||
|
TESTCASE="/tmp/ptrace-scope-test.sh"
|
||||||
|
PROCFILE='/proc/sys/kernel/yama/ptrace_scope'
|
||||||
|
|
||||||
|
test_root()
|
||||||
|
{
|
||||||
|
$TESTCASE
|
||||||
|
}
|
||||||
|
|
||||||
|
test_user()
|
||||||
|
{
|
||||||
|
su - $MY_USER -c $TESTCASE
|
||||||
|
}
|
||||||
|
|
||||||
|
rlJournalStart
|
||||||
|
rlPhaseStartTest
|
||||||
|
|
||||||
|
# This can easily be tested with strace. Just cycle through the settings:
|
||||||
|
|
||||||
|
# 0 - Default attach security permissions.
|
||||||
|
# 1 - Restricted attach. Only child processes plus normal permissions.
|
||||||
|
# 2 - Admin-only attach. Only executables with CAP_SYS_PTRACE.
|
||||||
|
# 3 - No attach. No process may call ptrace at all. Irrevocable.
|
||||||
|
|
||||||
|
# echo 0 > /proc/sys/kernel/yama/ptrace_scope
|
||||||
|
|
||||||
|
# With 0, strace works against any process with your uid. For example, strace -p 2190.
|
||||||
|
# With 1, strace errors when doing the same as in 0: strace: attach: ptrace(PTRACE_SEIZE, 3180): Operation not permitted. However, you can strace any program you run from strace, "strace /bin/ls" or example.
|
||||||
|
# With 2, you can only strace from the root account. You can no longer strace commands run from strace.
|
||||||
|
# With 3, even root cannot strace.
|
||||||
|
|
||||||
|
# ---
|
||||||
|
|
||||||
|
# possible related AVCs tracked as https://bugzilla.redhat.com/show_bug.cgi?id=1458999
|
||||||
|
|
||||||
|
# ---
|
||||||
|
|
||||||
|
rlRun "useradd $MY_USER" 0,9
|
||||||
|
|
||||||
|
rlRun "cp ptrace-scope-test.sh /tmp/"
|
||||||
|
rlRun "chmod a+rx /tmp/ptrace-scope-test.sh"
|
||||||
|
|
||||||
|
rlRun "ORIGVAL=$( cat $PROCFILE )"
|
||||||
|
|
||||||
|
# First, test the default behaviour, which is "no restriction"
|
||||||
|
# from the ptrace perspective. Here we assume that
|
||||||
|
# elfutils-default-yama-scope.rpm is installed and so the default
|
||||||
|
# yama policy is set to 0 instead of 1 which would otherwise be set
|
||||||
|
# as a kernel default (security/yama/yama_lsm.c ---> YAMA_SCOPE_RELATIONAL)
|
||||||
|
rlRun test_root
|
||||||
|
rlRun test_user
|
||||||
|
|
||||||
|
rlRun "echo 0 > $PROCFILE"
|
||||||
|
rlRun test_root
|
||||||
|
rlRun test_user
|
||||||
|
rlRun "echo 1 > $PROCFILE"
|
||||||
|
rlRun test_root
|
||||||
|
rlRun test_user 1
|
||||||
|
rlRun "echo 2 > $PROCFILE"
|
||||||
|
rlRun test_root
|
||||||
|
rlRun test_user 1
|
||||||
|
# Following subtest would be irrevertible (till next reboot)
|
||||||
|
# rlRun "echo 3 > $PROCFILE"
|
||||||
|
# rlRun test_root 1
|
||||||
|
# rlRun test_user 1
|
||||||
|
|
||||||
|
rlRun "userdel -f $MY_USER"
|
||||||
|
|
||||||
|
# This testcase could be more complex - using child and non-child processes and
|
||||||
|
# performing reboots. But let's keep this simple, since we are not testing the
|
||||||
|
# kernel facility, but merely an elfutils "plugin" for it, whose purpose is to
|
||||||
|
# set the default yama policy as such.
|
||||||
|
|
||||||
|
rlRun "echo $ORIGVAL > $PROCFILE"
|
||||||
|
rlPhaseEnd
|
||||||
|
rlJournalPrintText
|
||||||
|
rlJournalEnd
|
|
@ -1,64 +0,0 @@
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Makefile of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
|
||||||
# Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
export TEST=/tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
|
||||||
export TESTVERSION=1.0
|
|
||||||
|
|
||||||
BUILT_FILES=
|
|
||||||
|
|
||||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE addr2line-buffer-over-flow1
|
|
||||||
|
|
||||||
.PHONY: all install download clean
|
|
||||||
|
|
||||||
run: $(FILES) build
|
|
||||||
./runtest.sh
|
|
||||||
|
|
||||||
build: $(BUILT_FILES)
|
|
||||||
test -x runtest.sh || chmod a+x runtest.sh
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f *~ $(BUILT_FILES)
|
|
||||||
|
|
||||||
|
|
||||||
include /usr/share/rhts/lib/rhts-make.include
|
|
||||||
|
|
||||||
$(METADATA): Makefile
|
|
||||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
|
||||||
@echo "Name: $(TEST)" >> $(METADATA)
|
|
||||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
|
||||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
|
||||||
@echo "Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read" >> $(METADATA)
|
|
||||||
@echo "Type: Security" >> $(METADATA)
|
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
|
||||||
@echo "RunFor: elfutils" >> $(METADATA)
|
|
||||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
|
||||||
@echo "Destructive: no" >> $(METADATA)
|
|
||||||
@echo "Bug: 1625260" >> $(METADATA)
|
|
||||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
|
||||||
|
|
||||||
rhts-lint $(METADATA)
|
|
|
@ -1,5 +0,0 @@
|
||||||
PURPOSE of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
|
||||||
Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
|
||||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260
|
|
Binary file not shown.
|
@ -1,16 +0,0 @@
|
||||||
summary: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
|
||||||
description: |
|
|
||||||
Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260
|
|
||||||
contact:
|
|
||||||
- Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- elfutils
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
- valgrind
|
|
||||||
duration: 48h
|
|
||||||
extra-summary: /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
|
||||||
extra-task: /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
|
|
@ -1,39 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
|
||||||
# Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartTest
|
|
||||||
# Reproduced with elfutils-0.172-2.el7.x86_64 valgrind-3.13.0-13.el7.x86_64
|
|
||||||
rlRun "valgrind -q --error-exitcode=99 eu-addr2line -e addr2line-buffer-over-flow1 -- 500 50 10 -1000"
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
Binary file not shown.
|
@ -1,65 +0,0 @@
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Makefile of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
|
|
||||||
# Description: CVE-2018-16402-double-free-due-to-double-decompression
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2018 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
export TEST=/tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
|
|
||||||
export TESTVERSION=1.0
|
|
||||||
|
|
||||||
BUILT_FILES=
|
|
||||||
|
|
||||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE Double-free-libelf
|
|
||||||
|
|
||||||
.PHONY: all install download clean
|
|
||||||
|
|
||||||
run: $(FILES) build
|
|
||||||
./runtest.sh
|
|
||||||
|
|
||||||
build: $(BUILT_FILES)
|
|
||||||
test -x runtest.sh || chmod a+x runtest.sh
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f *~ $(BUILT_FILES)
|
|
||||||
|
|
||||||
|
|
||||||
include /usr/share/rhts/lib/rhts-make.include
|
|
||||||
|
|
||||||
$(METADATA): Makefile
|
|
||||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
|
||||||
@echo "Name: $(TEST)" >> $(METADATA)
|
|
||||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
|
||||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
|
||||||
@echo "Description: CVE-2018-16402-double-free-due-to-double-decompression" >> $(METADATA)
|
|
||||||
@echo "Type: Security" >> $(METADATA)
|
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
|
||||||
@echo "RunFor: nothing" >> $(METADATA)
|
|
||||||
@echo "Requires: elfutils" >> $(METADATA)
|
|
||||||
@echo "Requires: valgrind" >> $(METADATA)
|
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
|
||||||
@echo "Destructive: no" >> $(METADATA)
|
|
||||||
@echo "Bug: 1625052" >> $(METADATA)
|
|
||||||
@echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
|
|
||||||
|
|
||||||
rhts-lint $(METADATA)
|
|
|
@ -1,5 +0,0 @@
|
||||||
PURPOSE of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
|
|
||||||
Description: CVE-2018-16402-double-free-due-to-double-decompression
|
|
||||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
Bug summary: 2 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [rhel-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625052
|
|
|
@ -1,16 +0,0 @@
|
||||||
summary: CVE-2018-16402-double-free-due-to-double-decompression
|
|
||||||
description: |
|
|
||||||
Bug summary: 2 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [rhel-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625052
|
|
||||||
contact:
|
|
||||||
- Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- nothing
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
- valgrind
|
|
||||||
duration: 48h
|
|
||||||
extra-summary: /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
|
|
||||||
extra-task: /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
|
|
|
@ -1,42 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
|
|
||||||
# Description: CVE-2018-16402-double-free-due-to-double-decompression
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2018 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartTest
|
|
||||||
TMP=$(mktemp)
|
|
||||||
rlRun "valgrind -q eu-readelf -S ./Double-free-libelf |& tee $TMP"
|
|
||||||
rlRun "fgrep 'Invalid free()' $TMP" 1
|
|
||||||
rlRun "fgrep 'Section Headers:' $TMP"
|
|
||||||
rm -f $TMP
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
Binary file not shown.
|
@ -1,65 +0,0 @@
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Makefile of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
|
||||||
# Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2018 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
export TEST=/tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
|
||||||
export TESTVERSION=1.0
|
|
||||||
|
|
||||||
BUILT_FILES=
|
|
||||||
|
|
||||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE Buffer-over-readelf bz1532205.supp
|
|
||||||
|
|
||||||
.PHONY: all install download clean
|
|
||||||
|
|
||||||
run: $(FILES) build
|
|
||||||
./runtest.sh
|
|
||||||
|
|
||||||
build: $(BUILT_FILES)
|
|
||||||
test -x runtest.sh || chmod a+x runtest.sh
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f *~ $(BUILT_FILES)
|
|
||||||
|
|
||||||
|
|
||||||
include /usr/share/rhts/lib/rhts-make.include
|
|
||||||
|
|
||||||
$(METADATA): Makefile
|
|
||||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
|
||||||
@echo "Name: $(TEST)" >> $(METADATA)
|
|
||||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
|
||||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
|
||||||
@echo "Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c" >> $(METADATA)
|
|
||||||
@echo "Type: Security" >> $(METADATA)
|
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
|
||||||
@echo "RunFor: nothing" >> $(METADATA)
|
|
||||||
@echo "Requires: elfutils" >> $(METADATA)
|
|
||||||
@echo "Requires: valgrind" >> $(METADATA)
|
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
|
||||||
@echo "Confidential: yes" >> $(METADATA)
|
|
||||||
@echo "Destructive: no" >> $(METADATA)
|
|
||||||
@echo "Bug: 1625057" >> $(METADATA)
|
|
||||||
@echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
|
|
||||||
|
|
||||||
rhts-lint $(METADATA)
|
|
|
@ -1,5 +0,0 @@
|
||||||
PURPOSE of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
|
||||||
Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
|
||||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
Bug summary: 3 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash [rhel-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625057
|
|
|
@ -1,25 +0,0 @@
|
||||||
{
|
|
||||||
<insert_a_suppression_name_here>
|
|
||||||
Memcheck:Cond
|
|
||||||
fun:_nl_explode_name
|
|
||||||
}
|
|
||||||
{
|
|
||||||
<insert_a_suppression_name_here>
|
|
||||||
Memcheck:Cond
|
|
||||||
fun:_nl_make_l10nflist
|
|
||||||
}
|
|
||||||
{
|
|
||||||
<insert_a_suppression_name_here>
|
|
||||||
Memcheck:Addr4
|
|
||||||
fun:_nl_make_l10nflist
|
|
||||||
}
|
|
||||||
{
|
|
||||||
<insert_a_suppression_name_here>
|
|
||||||
Memcheck:Addr4
|
|
||||||
fun:new_composite_name
|
|
||||||
}
|
|
||||||
{
|
|
||||||
<insert_a_suppression_name_here>
|
|
||||||
Memcheck:Cond
|
|
||||||
fun:_nl_explode_name
|
|
||||||
}
|
|
|
@ -1,16 +0,0 @@
|
||||||
summary: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
|
||||||
description: |
|
|
||||||
Bug summary: 3 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash [rhel-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625057
|
|
||||||
contact:
|
|
||||||
- Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- nothing
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
- valgrind
|
|
||||||
duration: 48h
|
|
||||||
extra-summary: /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
|
||||||
extra-task: /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
|
|
@ -1,43 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
|
||||||
# Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2018 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartTest
|
|
||||||
arch | grep -q ppc64le && VGSUPP='--suppressions=bz1532205.supp' || VGSUPP=''
|
|
||||||
TMP=$(mktemp)
|
|
||||||
rlRun "valgrind $VGSUPP -q eu-readelf --debug-dump=abbrev ./Buffer-over-readelf |& tee $TMP"
|
|
||||||
rlRun "fgrep 'Invalid read of size' $TMP" 1
|
|
||||||
rlRun "fgrep 'Abbreviation section at offset' $TMP"
|
|
||||||
rm -f $TMP
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
|
@ -1,64 +0,0 @@
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Makefile of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
|
||||||
# Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
export TEST=/tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
|
||||||
export TESTVERSION=1.0
|
|
||||||
|
|
||||||
BUILT_FILES=
|
|
||||||
|
|
||||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC-stack
|
|
||||||
|
|
||||||
.PHONY: all install download clean
|
|
||||||
|
|
||||||
run: $(FILES) build
|
|
||||||
./runtest.sh
|
|
||||||
|
|
||||||
build: $(BUILT_FILES)
|
|
||||||
test -x runtest.sh || chmod a+x runtest.sh
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f *~ $(BUILT_FILES)
|
|
||||||
|
|
||||||
|
|
||||||
include /usr/share/rhts/lib/rhts-make.include
|
|
||||||
|
|
||||||
$(METADATA): Makefile
|
|
||||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
|
||||||
@echo "Name: $(TEST)" >> $(METADATA)
|
|
||||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
|
||||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
|
||||||
@echo "Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference" >> $(METADATA)
|
|
||||||
@echo "Type: Security" >> $(METADATA)
|
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
|
||||||
@echo "RunFor: elfutils" >> $(METADATA)
|
|
||||||
@echo "Requires: elfutils" >> $(METADATA)
|
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
|
||||||
@echo "Destructive: no" >> $(METADATA)
|
|
||||||
@echo "Bug: 1651567" >> $(METADATA)
|
|
||||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
|
||||||
|
|
||||||
rhts-lint $(METADATA)
|
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
||||||
PURPOSE of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
|
||||||
Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
|
||||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhdts-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651567
|
|
|
@ -1,15 +0,0 @@
|
||||||
summary: CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
|
||||||
description: |
|
|
||||||
Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhdts-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651567
|
|
||||||
contact:
|
|
||||||
- Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- elfutils
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
duration: 48h
|
|
||||||
extra-summary: /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
|
||||||
extra-task: /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
|
|
@ -1,39 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
|
||||||
# Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartTest
|
|
||||||
# Expect exitcode 2, unfixed package segfaults (139)
|
|
||||||
rlRun "eu-stack --core=POC-stack" 2
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
|
@ -1,64 +0,0 @@
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Makefile of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
|
|
||||||
# Description: CVE-2018-18310-invalid-memory-address-dereference
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2018 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
export TEST=/tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
|
|
||||||
export TESTVERSION=1.0
|
|
||||||
|
|
||||||
BUILT_FILES=
|
|
||||||
|
|
||||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC-stack bz1532205.supp
|
|
||||||
|
|
||||||
.PHONY: all install download clean
|
|
||||||
|
|
||||||
run: $(FILES) build
|
|
||||||
./runtest.sh
|
|
||||||
|
|
||||||
build: $(BUILT_FILES)
|
|
||||||
test -x runtest.sh || chmod a+x runtest.sh
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f *~ $(BUILT_FILES)
|
|
||||||
|
|
||||||
|
|
||||||
include /usr/share/rhts/lib/rhts-make.include
|
|
||||||
|
|
||||||
$(METADATA): Makefile
|
|
||||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
|
||||||
@echo "Name: $(TEST)" >> $(METADATA)
|
|
||||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
|
||||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
|
||||||
@echo "Description: CVE-2018-18310-invalid-memory-address-dereference" >> $(METADATA)
|
|
||||||
@echo "Type: Security" >> $(METADATA)
|
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
|
||||||
@echo "RunFor: nothing" >> $(METADATA)
|
|
||||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
|
||||||
@echo "Destructive: no" >> $(METADATA)
|
|
||||||
@echo "Bug: 1642606" >> $(METADATA)
|
|
||||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6" >> $(METADATA)
|
|
||||||
|
|
||||||
rhts-lint $(METADATA)
|
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
||||||
PURPOSE of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
|
|
||||||
Description: CVE-2018-18310-invalid-memory-address-dereference
|
|
||||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhel-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1642606
|
|
|
@ -1,25 +0,0 @@
|
||||||
{
|
|
||||||
<insert_a_suppression_name_here>
|
|
||||||
Memcheck:Cond
|
|
||||||
fun:_nl_explode_name
|
|
||||||
}
|
|
||||||
{
|
|
||||||
<insert_a_suppression_name_here>
|
|
||||||
Memcheck:Cond
|
|
||||||
fun:_nl_make_l10nflist
|
|
||||||
}
|
|
||||||
{
|
|
||||||
<insert_a_suppression_name_here>
|
|
||||||
Memcheck:Addr4
|
|
||||||
fun:_nl_make_l10nflist
|
|
||||||
}
|
|
||||||
{
|
|
||||||
<insert_a_suppression_name_here>
|
|
||||||
Memcheck:Addr4
|
|
||||||
fun:new_composite_name
|
|
||||||
}
|
|
||||||
{
|
|
||||||
<insert_a_suppression_name_here>
|
|
||||||
Memcheck:Cond
|
|
||||||
fun:_nl_explode_name
|
|
||||||
}
|
|
|
@ -1,16 +0,0 @@
|
||||||
summary: CVE-2018-18310-invalid-memory-address-dereference
|
|
||||||
description: |
|
|
||||||
Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhel-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1642606
|
|
||||||
contact:
|
|
||||||
- Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- nothing
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
- valgrind
|
|
||||||
duration: 48h
|
|
||||||
extra-summary: /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
|
|
||||||
extra-task: /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
|
|
|
@ -1,42 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
|
|
||||||
# Description: CVE-2018-18310-invalid-memory-address-dereference
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2018 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartTest
|
|
||||||
arch | grep -q ppc64le && VGSUPP='--suppressions=bz1532205.supp' || VGSUPP=''
|
|
||||||
TMP=$(mktemp)
|
|
||||||
rlRun "valgrind $VGSUPP -q eu-stack --core=./POC-stack |& tee $TMP"
|
|
||||||
rlRun "fgrep 'Invalid read of size' $TMP" 1
|
|
||||||
rm -f $TMP
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
|
@ -1,64 +0,0 @@
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Makefile of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
# Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
export TEST=/tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
export TESTVERSION=1.0
|
|
||||||
|
|
||||||
BUILT_FILES=
|
|
||||||
|
|
||||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC1
|
|
||||||
|
|
||||||
.PHONY: all install download clean
|
|
||||||
|
|
||||||
run: $(FILES) build
|
|
||||||
./runtest.sh
|
|
||||||
|
|
||||||
build: $(BUILT_FILES)
|
|
||||||
test -x runtest.sh || chmod a+x runtest.sh
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f *~ $(BUILT_FILES)
|
|
||||||
|
|
||||||
|
|
||||||
include /usr/share/rhts/lib/rhts-make.include
|
|
||||||
|
|
||||||
$(METADATA): Makefile
|
|
||||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
|
||||||
@echo "Name: $(TEST)" >> $(METADATA)
|
|
||||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
|
||||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
|
||||||
@echo "Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files" >> $(METADATA)
|
|
||||||
@echo "Type: Security" >> $(METADATA)
|
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
|
||||||
@echo "RunFor: elfutils" >> $(METADATA)
|
|
||||||
@echo "Requires: elfutils" >> $(METADATA)
|
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
|
||||||
@echo "Destructive: no" >> $(METADATA)
|
|
||||||
@echo "Bug: 1651200" >> $(METADATA)
|
|
||||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
|
||||||
|
|
||||||
rhts-lint $(METADATA)
|
|
Binary file not shown.
|
@ -1,3 +0,0 @@
|
||||||
PURPOSE of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
|
@ -1,13 +0,0 @@
|
||||||
summary: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
description: ''
|
|
||||||
contact:
|
|
||||||
- Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- elfutils
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
duration: 48h
|
|
||||||
extra-summary: /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
extra-task: /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
|
|
@ -1,38 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
# Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartTest
|
|
||||||
rlRun "eu-size POC1"
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
|
@ -1,64 +0,0 @@
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Makefile of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
# Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2018 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
export TEST=/tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
export TESTVERSION=1.0
|
|
||||||
|
|
||||||
BUILT_FILES=
|
|
||||||
|
|
||||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
|
|
||||||
|
|
||||||
.PHONY: all install download clean
|
|
||||||
|
|
||||||
run: $(FILES) build
|
|
||||||
./runtest.sh
|
|
||||||
|
|
||||||
build: $(BUILT_FILES)
|
|
||||||
test -x runtest.sh || chmod a+x runtest.sh
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f *~ $(BUILT_FILES)
|
|
||||||
|
|
||||||
|
|
||||||
include /usr/share/rhts/lib/rhts-make.include
|
|
||||||
|
|
||||||
$(METADATA): Makefile
|
|
||||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
|
||||||
@echo "Name: $(TEST)" >> $(METADATA)
|
|
||||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
|
||||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
|
||||||
@echo "Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files" >> $(METADATA)
|
|
||||||
@echo "Type: Security" >> $(METADATA)
|
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
|
||||||
@echo "RunFor: elfutils" >> $(METADATA)
|
|
||||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
|
||||||
@echo "Destructive: no" >> $(METADATA)
|
|
||||||
@echo "Bug: 1646479" >> $(METADATA)
|
|
||||||
@echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
|
|
||||||
|
|
||||||
rhts-lint $(METADATA)
|
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
||||||
PURPOSE of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
Bug summary: 0 elfutils: eu-size cannot handle recursive ar files [rhel-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646479
|
|
|
@ -1,16 +0,0 @@
|
||||||
summary: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
description: |
|
|
||||||
Bug summary: 0 elfutils: eu-size cannot handle recursive ar files [rhel-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646479
|
|
||||||
contact:
|
|
||||||
- Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- elfutils
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
- valgrind
|
|
||||||
duration: 48h
|
|
||||||
extra-summary: /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
extra-task: /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
|
|
@ -1,42 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
# Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2018 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartTest
|
|
||||||
TMP=$(mktemp)
|
|
||||||
rlRun "valgrind -q eu-size ./POC2 |& tee $TMP"
|
|
||||||
rlRun "fgrep 'Process terminating with default action of signal 11' $TMP" 1
|
|
||||||
rm -f $TMP
|
|
||||||
rlRun "eu-size ./POC2"
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
|
@ -1,64 +0,0 @@
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Makefile of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
|
|
||||||
# Description: CVE-2018-18521-divide-by-zero
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2018 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
export TEST=/tools/elfutils/Security/CVE-2018-18521-divide-by-zero
|
|
||||||
export TESTVERSION=1.0
|
|
||||||
|
|
||||||
BUILT_FILES=
|
|
||||||
|
|
||||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
|
|
||||||
|
|
||||||
.PHONY: all install download clean
|
|
||||||
|
|
||||||
run: $(FILES) build
|
|
||||||
./runtest.sh
|
|
||||||
|
|
||||||
build: $(BUILT_FILES)
|
|
||||||
test -x runtest.sh || chmod a+x runtest.sh
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f *~ $(BUILT_FILES)
|
|
||||||
|
|
||||||
|
|
||||||
include /usr/share/rhts/lib/rhts-make.include
|
|
||||||
|
|
||||||
$(METADATA): Makefile
|
|
||||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
|
||||||
@echo "Name: $(TEST)" >> $(METADATA)
|
|
||||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
|
||||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
|
||||||
@echo "Description: CVE-2018-18521-divide-by-zero" >> $(METADATA)
|
|
||||||
@echo "Type: Security" >> $(METADATA)
|
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
|
||||||
@echo "RunFor: elfutils" >> $(METADATA)
|
|
||||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
|
||||||
@echo "Destructive: no" >> $(METADATA)
|
|
||||||
@echo "Bug: 1646484" >> $(METADATA)
|
|
||||||
@echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
|
|
||||||
|
|
||||||
rhts-lint $(METADATA)
|
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
||||||
PURPOSE of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
|
|
||||||
Description: CVE-2018-18521-divide-by-zero
|
|
||||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhel-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646484
|
|
|
@ -1,16 +0,0 @@
|
||||||
summary: CVE-2018-18521-divide-by-zero
|
|
||||||
description: |
|
|
||||||
Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhel-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646484
|
|
||||||
contact:
|
|
||||||
- Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- elfutils
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
- valgrind
|
|
||||||
duration: 48h
|
|
||||||
extra-summary: /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
|
|
||||||
extra-task: /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
|
|
|
@ -1,43 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
|
|
||||||
# Description: CVE-2018-18521-divide-by-zero
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2018 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartTest
|
|
||||||
# This doesn't reproduce on ppach64 and ppc64le.
|
|
||||||
TMP=$(mktemp)
|
|
||||||
rlRun "valgrind -q eu-ranlib ./POC2 |& tee $TMP"
|
|
||||||
rlRun "fgrep 'Process terminating with default action of signal 8' $TMP" 1
|
|
||||||
rm -f $TMP
|
|
||||||
rlRun "eu-ranlib ./POC2"
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
|
@ -1,64 +0,0 @@
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Makefile of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
|
||||||
# Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
export TEST=/tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
|
||||||
export TESTVERSION=1.0
|
|
||||||
|
|
||||||
BUILT_FILES=
|
|
||||||
|
|
||||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
|
|
||||||
|
|
||||||
.PHONY: all install download clean
|
|
||||||
|
|
||||||
run: $(FILES) build
|
|
||||||
./runtest.sh
|
|
||||||
|
|
||||||
build: $(BUILT_FILES)
|
|
||||||
test -x runtest.sh || chmod a+x runtest.sh
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f *~ $(BUILT_FILES)
|
|
||||||
|
|
||||||
|
|
||||||
include /usr/share/rhts/lib/rhts-make.include
|
|
||||||
|
|
||||||
$(METADATA): Makefile
|
|
||||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
|
||||||
@echo "Name: $(TEST)" >> $(METADATA)
|
|
||||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
|
||||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
|
||||||
@echo "Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c" >> $(METADATA)
|
|
||||||
@echo "Type: Security" >> $(METADATA)
|
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
|
||||||
@echo "RunFor: elfutils" >> $(METADATA)
|
|
||||||
@echo "Requires: elfutils" >> $(METADATA)
|
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
|
||||||
@echo "Destructive: no" >> $(METADATA)
|
|
||||||
@echo "Bug: 1651203" >> $(METADATA)
|
|
||||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
|
||||||
|
|
||||||
rhts-lint $(METADATA)
|
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
||||||
PURPOSE of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
|
||||||
Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
|
||||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhdts-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651203
|
|
|
@ -1,15 +0,0 @@
|
||||||
summary: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
|
||||||
description: |
|
|
||||||
Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhdts-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651203
|
|
||||||
contact:
|
|
||||||
- Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- elfutils
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
duration: 48h
|
|
||||||
extra-summary: /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
|
||||||
extra-task: /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
|
|
@ -1,38 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
|
||||||
# Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartTest
|
|
||||||
rlRun "eu-ranlib POC2"
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
|
@ -1,64 +0,0 @@
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Makefile of /tools/elfutils/Security/CVE-2019-7146
|
|
||||||
# Description: CVE-2019-7146
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
export TEST=/tools/elfutils/Security/CVE-2019-7146
|
|
||||||
export TESTVERSION=1.0
|
|
||||||
|
|
||||||
BUILT_FILES=
|
|
||||||
|
|
||||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE poc
|
|
||||||
|
|
||||||
.PHONY: all install download clean
|
|
||||||
|
|
||||||
run: $(FILES) build
|
|
||||||
./runtest.sh
|
|
||||||
|
|
||||||
build: $(BUILT_FILES)
|
|
||||||
test -x runtest.sh || chmod a+x runtest.sh
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f *~ $(BUILT_FILES)
|
|
||||||
|
|
||||||
|
|
||||||
include /usr/share/rhts/lib/rhts-make.include
|
|
||||||
|
|
||||||
$(METADATA): Makefile
|
|
||||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
|
||||||
@echo "Name: $(TEST)" >> $(METADATA)
|
|
||||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
|
||||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
|
||||||
@echo "Description: CVE-2019-7146" >> $(METADATA)
|
|
||||||
@echo "Type: Security" >> $(METADATA)
|
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
|
||||||
@echo "RunFor: elfutils" >> $(METADATA)
|
|
||||||
@echo "Requires: elfutils" >> $(METADATA)
|
|
||||||
@echo "Requires: valgrind" >> $(METADATA)
|
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
|
||||||
@echo "Destructive: no" >> $(METADATA)
|
|
||||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
|
||||||
|
|
||||||
rhts-lint $(METADATA)
|
|
|
@ -1,3 +0,0 @@
|
||||||
PURPOSE of /tools/elfutils/Security/CVE-2019-7146
|
|
||||||
Description: CVE-2019-7146
|
|
||||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
|
@ -1,14 +0,0 @@
|
||||||
summary: CVE-2019-7146
|
|
||||||
description: ''
|
|
||||||
contact:
|
|
||||||
- Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- elfutils
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
- valgrind
|
|
||||||
duration: 48h
|
|
||||||
extra-summary: /tools/elfutils/Security/CVE-2019-7146
|
|
||||||
extra-task: /tools/elfutils/Security/CVE-2019-7146
|
|
Binary file not shown.
|
@ -1,41 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Security/CVE-2019-7146
|
|
||||||
# Description: CVE-2019-7146
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartTest
|
|
||||||
# https://svn.devel.redhat.com/repos/srtvulns/trunk/components/elfutils/CVE-2019-7146/
|
|
||||||
# Expected Output
|
|
||||||
# An error instead of segfault.
|
|
||||||
rlRun "valgrind -q --error-exitcode=99 eu-readelf -a ./poc" 1
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
|
@ -1,64 +0,0 @@
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Makefile of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
|
||||||
# Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
export TEST=/tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
|
||||||
export TESTVERSION=1.0
|
|
||||||
|
|
||||||
BUILT_FILES=
|
|
||||||
|
|
||||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC1
|
|
||||||
|
|
||||||
.PHONY: all install download clean
|
|
||||||
|
|
||||||
run: $(FILES) build
|
|
||||||
./runtest.sh
|
|
||||||
|
|
||||||
build: $(BUILT_FILES)
|
|
||||||
test -x runtest.sh || chmod a+x runtest.sh
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f *~ $(BUILT_FILES)
|
|
||||||
|
|
||||||
|
|
||||||
include /usr/share/rhts/lib/rhts-make.include
|
|
||||||
|
|
||||||
$(METADATA): Makefile
|
|
||||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
|
||||||
@echo "Name: $(TEST)" >> $(METADATA)
|
|
||||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
|
||||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
|
||||||
@echo "Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read" >> $(METADATA)
|
|
||||||
@echo "Type: Security" >> $(METADATA)
|
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
|
||||||
@echo "RunFor: elfutils" >> $(METADATA)
|
|
||||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
|
||||||
@echo "Destructive: no" >> $(METADATA)
|
|
||||||
@echo "Bug: 1680056" >> $(METADATA)
|
|
||||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
|
||||||
|
|
||||||
rhts-lint $(METADATA)
|
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
||||||
PURPOSE of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
|
||||||
Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
|
||||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
Bug summary: elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw [rhdts-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680056
|
|
|
@ -1,16 +0,0 @@
|
||||||
summary: CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
|
||||||
description: |
|
|
||||||
Bug summary: elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw [rhdts-8]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680056
|
|
||||||
contact:
|
|
||||||
- Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- elfutils
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
- valgrind
|
|
||||||
duration: 48h
|
|
||||||
extra-summary: /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
|
||||||
extra-task: /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
|
|
@ -1,43 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
|
||||||
# Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartTest
|
|
||||||
rlRun "which valgrind eu-nm"
|
|
||||||
# With RHEL I saw the invalid read of size 1 on aarch64 and ppc64le
|
|
||||||
# using devtoolset-7-elfutils-0.170-5.el7. I also saw it on x86_64
|
|
||||||
# with base rhel elfutils-0.172-2.el7.x86_64.
|
|
||||||
# IOW - It doesn't reproduce "everywhere".
|
|
||||||
rlRun "valgrind -q --error-exitcode=99 eu-nm -C POC1"
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
|
@ -1,64 +0,0 @@
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Makefile of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
|
||||||
# Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
export TEST=/tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
|
||||||
export TESTVERSION=1.0
|
|
||||||
|
|
||||||
BUILT_FILES=
|
|
||||||
|
|
||||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
|
|
||||||
|
|
||||||
.PHONY: all install download clean
|
|
||||||
|
|
||||||
run: $(FILES) build
|
|
||||||
./runtest.sh
|
|
||||||
|
|
||||||
build: $(BUILT_FILES)
|
|
||||||
test -x runtest.sh || chmod a+x runtest.sh
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f *~ $(BUILT_FILES)
|
|
||||||
|
|
||||||
|
|
||||||
include /usr/share/rhts/lib/rhts-make.include
|
|
||||||
|
|
||||||
$(METADATA): Makefile
|
|
||||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
|
||||||
@echo "Name: $(TEST)" >> $(METADATA)
|
|
||||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
|
||||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
|
||||||
@echo "Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom" >> $(METADATA)
|
|
||||||
@echo "Type: Security" >> $(METADATA)
|
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
|
||||||
@echo "RunFor: elfutils" >> $(METADATA)
|
|
||||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
|
||||||
@echo "Destructive: no" >> $(METADATA)
|
|
||||||
@echo "Bug: 1680046" >> $(METADATA)
|
|
||||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
|
||||||
|
|
||||||
rhts-lint $(METADATA)
|
|
Binary file not shown.
Binary file not shown.
|
@ -1,5 +0,0 @@
|
||||||
PURPOSE of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
|
||||||
Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
|
||||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
Bug summary: elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c [rhel-7]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680046
|
|
|
@ -1,16 +0,0 @@
|
||||||
summary: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
|
||||||
description: |
|
|
||||||
Bug summary: elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c [rhel-7]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680046
|
|
||||||
contact:
|
|
||||||
- Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- elfutils
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
- valgrind
|
|
||||||
duration: 48h
|
|
||||||
extra-summary: /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
|
||||||
extra-task: /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
|
|
@ -1,40 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
|
||||||
# Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartTest
|
|
||||||
# An error is expected (2), but a SEGV is not (139).
|
|
||||||
# Reproduced with elfutils-0.172-2.el7, verified with elfutils-0.176-1.el7
|
|
||||||
rlRun "valgrind -q --error-exitcode=99 eu-stack --core=POC2" 2
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
|
@ -1,64 +0,0 @@
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Makefile of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
|
||||||
# Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
export TEST=/tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
|
||||||
export TESTVERSION=1.0
|
|
||||||
|
|
||||||
BUILT_FILES=
|
|
||||||
|
|
||||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC
|
|
||||||
|
|
||||||
.PHONY: all install download clean
|
|
||||||
|
|
||||||
run: $(FILES) build
|
|
||||||
./runtest.sh
|
|
||||||
|
|
||||||
build: $(BUILT_FILES)
|
|
||||||
test -x runtest.sh || chmod a+x runtest.sh
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f *~ $(BUILT_FILES)
|
|
||||||
|
|
||||||
|
|
||||||
include /usr/share/rhts/lib/rhts-make.include
|
|
||||||
|
|
||||||
$(METADATA): Makefile
|
|
||||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
|
||||||
@echo "Name: $(TEST)" >> $(METADATA)
|
|
||||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
|
||||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
|
||||||
@echo "Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note" >> $(METADATA)
|
|
||||||
@echo "Type: Security" >> $(METADATA)
|
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
|
||||||
@echo "RunFor: elfutils" >> $(METADATA)
|
|
||||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
|
||||||
@echo "Destructive: no" >> $(METADATA)
|
|
||||||
@echo "Bug: 1679071" >> $(METADATA)
|
|
||||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
|
||||||
|
|
||||||
rhts-lint $(METADATA)
|
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
||||||
PURPOSE of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
|
||||||
Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
|
||||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
Bug summary: elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h [rhel-7]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679071
|
|
|
@ -1,16 +0,0 @@
|
||||||
summary: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
|
||||||
description: |
|
|
||||||
Bug summary: elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h [rhel-7]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679071
|
|
||||||
contact:
|
|
||||||
- Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- elfutils
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
- valgrind
|
|
||||||
duration: 48h
|
|
||||||
extra-summary: /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
|
||||||
extra-task: /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
|
|
@ -1,40 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
|
||||||
# Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartTest
|
|
||||||
# Reproduced with elfutils-0.174-5.fc28.x86_64
|
|
||||||
# This is expected to fail (1), but not to segfault (139).
|
|
||||||
rlRun "valgrind -q --error-exitcode=99 eu-elflint -d POC" 1
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
|
@ -1,64 +0,0 @@
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Makefile of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
|
||||||
# Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
export TEST=/tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
|
||||||
export TESTVERSION=1.0
|
|
||||||
|
|
||||||
BUILT_FILES=
|
|
||||||
|
|
||||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
|
|
||||||
|
|
||||||
.PHONY: all install download clean
|
|
||||||
|
|
||||||
run: $(FILES) build
|
|
||||||
./runtest.sh
|
|
||||||
|
|
||||||
build: $(BUILT_FILES)
|
|
||||||
test -x runtest.sh || chmod a+x runtest.sh
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f *~ $(BUILT_FILES)
|
|
||||||
|
|
||||||
|
|
||||||
include /usr/share/rhts/lib/rhts-make.include
|
|
||||||
|
|
||||||
$(METADATA): Makefile
|
|
||||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
|
||||||
@echo "Name: $(TEST)" >> $(METADATA)
|
|
||||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
|
||||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
|
||||||
@echo "Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom" >> $(METADATA)
|
|
||||||
@echo "Type: Security" >> $(METADATA)
|
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
|
||||||
@echo "RunFor: elfutils" >> $(METADATA)
|
|
||||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
|
||||||
@echo "Destructive: no" >> $(METADATA)
|
|
||||||
@echo "Bug: 1679078" >> $(METADATA)
|
|
||||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
|
||||||
|
|
||||||
rhts-lint $(METADATA)
|
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
||||||
PURPOSE of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
|
||||||
Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
|
||||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
Bug summary: elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c [rhel-7]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679078
|
|
|
@ -1,16 +0,0 @@
|
||||||
summary: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
|
||||||
description: |
|
|
||||||
Bug summary: elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c [rhel-7]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679078
|
|
||||||
contact:
|
|
||||||
- Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- elfutils
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
- valgrind
|
|
||||||
duration: 48h
|
|
||||||
extra-summary: /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
|
||||||
extra-task: /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
|
|
@ -1,63 +0,0 @@
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Makefile of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
|
|
||||||
# Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
|
|
||||||
# Author: Vaclav Kadlcik <vkadlcik@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2014 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
export TEST=/tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
|
|
||||||
export TESTVERSION=1.0
|
|
||||||
|
|
||||||
BUILT_FILES=
|
|
||||||
|
|
||||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE dwz-overflow.elf
|
|
||||||
|
|
||||||
.PHONY: all install download clean
|
|
||||||
|
|
||||||
run: $(FILES) build
|
|
||||||
./runtest.sh
|
|
||||||
|
|
||||||
build: $(BUILT_FILES)
|
|
||||||
test -x runtest.sh || chmod a+x runtest.sh
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f *~ $(BUILT_FILES)
|
|
||||||
|
|
||||||
|
|
||||||
include /usr/share/rhts/lib/rhts-make.include
|
|
||||||
|
|
||||||
$(METADATA): Makefile
|
|
||||||
@echo "Owner: Vaclav Kadlcik <vkadlcik@redhat.com>" > $(METADATA)
|
|
||||||
@echo "Name: $(TEST)" >> $(METADATA)
|
|
||||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
|
||||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
|
||||||
@echo "Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw" >> $(METADATA)
|
|
||||||
@echo "Type: Security" >> $(METADATA)
|
|
||||||
@echo "TestTime: 5m" >> $(METADATA)
|
|
||||||
@echo "RunFor: elfutils" >> $(METADATA)
|
|
||||||
@echo "Requires: elfutils" >> $(METADATA)
|
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
|
||||||
@echo "Destructive: no" >> $(METADATA)
|
|
||||||
@echo "Bug: 1139128" >> $(METADATA)
|
|
||||||
|
|
||||||
rhts-lint $(METADATA)
|
|
|
@ -1,5 +0,0 @@
|
||||||
PURPOSE of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
|
|
||||||
Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
|
|
||||||
Author: Vaclav Kadlcik <vkadlcik@redhat.com>
|
|
||||||
Bug summary: elfutils: integer overflow, leading to a heap-based buffer overflow in libdw [rhel-6.6]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1139128
|
|
Binary file not shown.
|
@ -1,16 +0,0 @@
|
||||||
summary: 'CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer
|
|
||||||
overflow in libdw'
|
|
||||||
description: |
|
|
||||||
Bug summary: elfutils: integer overflow, leading to a heap-based buffer overflow in libdw [rhel-6.6]
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1139128
|
|
||||||
contact:
|
|
||||||
- Vaclav Kadlcik <vkadlcik@redhat.com>
|
|
||||||
component:
|
|
||||||
- elfutils
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
duration: 5m
|
|
||||||
extra-summary: /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
|
|
||||||
extra-task: /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
|
|
|
@ -1,56 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
|
|
||||||
# Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
|
|
||||||
# Author: Vaclav Kadlcik <vkadlcik@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2014 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
|
|
||||||
# Reproducer by Florian Weimer
|
|
||||||
REPRODUCING_FILE=dwz-overflow.elf
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartSetup
|
|
||||||
rlAssertRpm $PACKAGE
|
|
||||||
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
|
|
||||||
rlRun "cp $REPRODUCING_FILE $TmpDir" 0
|
|
||||||
rlRun "pushd $TmpDir"
|
|
||||||
rlPhaseEnd
|
|
||||||
|
|
||||||
rlPhaseStartTest
|
|
||||||
# eu-readelf since 0.153 was vulnerable.
|
|
||||||
# The following crashed with "Segmentation fault"
|
|
||||||
# and exit value 139.
|
|
||||||
rlRun "eu-readelf -w $REPRODUCING_FILE" 0,1 'eu-readelf should not crash'
|
|
||||||
rlPhaseEnd
|
|
||||||
|
|
||||||
rlPhaseStartCleanup
|
|
||||||
rlRun "popd"
|
|
||||||
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
Loading…
Reference in New Issue