CI Gating: Use Regression and Sanity tests in automated runs

0.185-2 - Disable debuginfod client by default for f34
2021-11-16 12:00:15 +01:00 · 2021-05-27 10:42:58 +02:00
79 changed files with 9 additions and 1945 deletions
--- a/elfutils.spec
+++ b/elfutils.spec
@ -1,6 +1,6 @@
 Name: elfutils
 Version: 0.185
-%global baserelease 1
+%global baserelease 2
 Release: %{baserelease}%{?dist}
 URL: http://elfutils.org/
 %global source_url ftp://sourceware.org/pub/elfutils/%{version}/
@ -257,7 +257,7 @@ RPM_OPT_FLAGS="${RPM_OPT_FLAGS} -Wformat"
 trap 'cat config.log' EXIT
-%configure CFLAGS="$RPM_OPT_FLAGS -fexceptions" --enable-debuginfod-urls=https://debuginfod.fedoraproject.org/
+%configure CFLAGS="$RPM_OPT_FLAGS -fexceptions"
 trap '' EXIT
 %make_build -s
@ -268,6 +268,10 @@ chmod +x ${RPM_BUILD_ROOT}%{_prefix}/%{_lib}/lib*.so*
 # We don't want the static libraries
 rm ${RPM_BUILD_ROOT}%{_prefix}/%{_lib}/lib{elf,dw,asm}.a
 # We don't have standard DEBUGINFOD_URLS yet.
 rm ${RPM_BUILD_ROOT}%{_sysconfdir}/profile.d/debuginfod.sh
 rm ${RPM_BUILD_ROOT}%{_sysconfdir}/profile.d/debuginfod.csh
 %find_lang %{name}
 %if %{provide_yama_scope}
@ -375,7 +379,6 @@ fi
 %{_libdir}/libdebuginfod.so.*
 %{_bindir}/debuginfod-find
 %{_mandir}/man1/debuginfod-find.1*
 %config(noreplace) %{_sysconfdir}/profile.d/*
 %files debuginfod-client-devel
 %{_libdir}/pkgconfig/libdebuginfod.pc
@ -407,6 +410,9 @@ exit 0
 %systemd_postun_with_restart debuginfod.service
 %changelog
 * Thu May 27 2021 Mark Wielaard <mjw@fedoraproject.org> - 0.185-2
 - Disable debuginfod client by default for f34.
 * Wed May 26 2021 Mark Wielaard <mjw@fedoraproject.org> - 0.185-1
 - Upgrade to upstream 0.185
  - debuginfod-client: Simplify curl handle reuse so downloads which
--- a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/Makefile
+++ b/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/Makefile
@ -1,64 +0,0 @@
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Makefile of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
 #   Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 export TEST=/tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
 export TESTVERSION=1.0
 BUILT_FILES=
 FILES=$(METADATA) runtest.sh Makefile PURPOSE addr2line-buffer-over-flow1
 .PHONY: all install download clean
 run: $(FILES) build
 	./runtest.sh
 build: $(BUILT_FILES)
 	test -x runtest.sh || chmod a+x runtest.sh
 clean:
 	rm -f *~ $(BUILT_FILES)
 include /usr/share/rhts/lib/rhts-make.include
 $(METADATA): Makefile
 	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
 	@echo "Name:            $(TEST)" >> $(METADATA)
 	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
 	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
 	@echo "Description:     CVE-2018-16062-elfutils-Heap-based-buffer-over-read" >> $(METADATA)
 	@echo "Type:            Security" >> $(METADATA)
 	@echo "TestTime:        48h" >> $(METADATA)
 	@echo "RunFor:          elfutils" >> $(METADATA)
 	@echo "Requires:        elfutils valgrind" >> $(METADATA)
 	@echo "Priority:        Normal" >> $(METADATA)
 	@echo "License:         GPLv2+" >> $(METADATA)
 	@echo "Confidential:    no" >> $(METADATA)
 	@echo "Destructive:     no" >> $(METADATA)
 	@echo "Bug:             1625260" >> $(METADATA)
 	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
 	rhts-lint $(METADATA)
--- a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/PURPOSE
+++ b/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/PURPOSE
@ -1,5 +0,0 @@
 PURPOSE of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
 Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
 Author: Martin Cermak <mcermak@redhat.com>
 Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7]
 Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260
--- a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/addr2line-buffer-over-flow1
+++ b/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/addr2line-buffer-over-flow1
--- a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/main.fmf
+++ b/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/main.fmf
@ -1,16 +0,0 @@
 summary: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
 description: |
    Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7]
    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260
 contact:
 - Martin Cermak <mcermak@redhat.com>
 component:
 - elfutils
 test: ./runtest.sh
 framework: beakerlib
 recommend:
 - elfutils
 - valgrind
 duration: 48h
 extra-summary: /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
 extra-task: /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
--- a/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/runtest.sh
+++ b/tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/runtest.sh
@ -1,39 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
 #   Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="elfutils"
 rlJournalStart
    rlPhaseStartTest
 	# Reproduced with elfutils-0.172-2.el7.x86_64 valgrind-3.13.0-13.el7.x86_64
 	rlRun "valgrind -q --error-exitcode=99 eu-addr2line -e addr2line-buffer-over-flow1 -- 500 50 10 -1000"
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
--- a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Double-free-libelf
+++ b/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Double-free-libelf
--- a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Makefile
+++ b/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Makefile
@ -1,65 +0,0 @@
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Makefile of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
 #   Description: CVE-2018-16402-double-free-due-to-double-decompression
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2018 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 export TEST=/tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
 export TESTVERSION=1.0
 BUILT_FILES=
 FILES=$(METADATA) runtest.sh Makefile PURPOSE Double-free-libelf
 .PHONY: all install download clean
 run: $(FILES) build
 	./runtest.sh
 build: $(BUILT_FILES)
 	test -x runtest.sh || chmod a+x runtest.sh
 clean:
 	rm -f *~ $(BUILT_FILES)
 include /usr/share/rhts/lib/rhts-make.include
 $(METADATA): Makefile
 	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
 	@echo "Name:            $(TEST)" >> $(METADATA)
 	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
 	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
 	@echo "Description:     CVE-2018-16402-double-free-due-to-double-decompression" >> $(METADATA)
 	@echo "Type:            Security" >> $(METADATA)
 	@echo "TestTime:        48h" >> $(METADATA)
 	@echo "RunFor:          nothing" >> $(METADATA)
 	@echo "Requires:        elfutils" >> $(METADATA)
 	@echo "Requires:        valgrind" >> $(METADATA)
 	@echo "Priority:        Normal" >> $(METADATA)
 	@echo "License:         GPLv2+" >> $(METADATA)
 	@echo "Confidential:    no" >> $(METADATA)
 	@echo "Destructive:     no" >> $(METADATA)
 	@echo "Bug:             1625052" >> $(METADATA)
 	@echo "Releases:        -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
 	rhts-lint $(METADATA)
--- a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/PURPOSE
+++ b/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/PURPOSE
@ -1,5 +0,0 @@
 PURPOSE of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
 Description: CVE-2018-16402-double-free-due-to-double-decompression
 Author: Martin Cermak <mcermak@redhat.com>
 Bug summary: 2 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [rhel-8]
 Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625052
--- a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/main.fmf
+++ b/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/main.fmf
@ -1,16 +0,0 @@
 summary: CVE-2018-16402-double-free-due-to-double-decompression
 description: |
    Bug summary: 2 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [rhel-8]
    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625052
 contact:
 - Martin Cermak <mcermak@redhat.com>
 component:
 - nothing
 test: ./runtest.sh
 framework: beakerlib
 recommend:
 - elfutils
 - valgrind
 duration: 48h
 extra-summary: /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
 extra-task: /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
--- a/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/runtest.sh
+++ b/tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/runtest.sh
@ -1,42 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
 #   Description: CVE-2018-16402-double-free-due-to-double-decompression
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2018 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="elfutils"
 rlJournalStart
    rlPhaseStartTest
 	TMP=$(mktemp)
 	rlRun "valgrind -q eu-readelf -S ./Double-free-libelf |& tee $TMP"
 	rlRun "fgrep 'Invalid free()' $TMP" 1
 	rlRun "fgrep 'Section Headers:' $TMP"
 	rm -f $TMP
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
--- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Buffer-over-readelf
+++ b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Buffer-over-readelf
--- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Makefile
+++ b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Makefile
@ -1,65 +0,0 @@
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Makefile of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
 #   Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2018 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 export TEST=/tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
 export TESTVERSION=1.0
 BUILT_FILES=
 FILES=$(METADATA) runtest.sh Makefile PURPOSE Buffer-over-readelf bz1532205.supp
 .PHONY: all install download clean
 run: $(FILES) build
 	./runtest.sh
 build: $(BUILT_FILES)
 	test -x runtest.sh || chmod a+x runtest.sh
 clean:
 	rm -f *~ $(BUILT_FILES)
 include /usr/share/rhts/lib/rhts-make.include
 $(METADATA): Makefile
 	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
 	@echo "Name:            $(TEST)" >> $(METADATA)
 	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
 	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
 	@echo "Description:     CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c" >> $(METADATA)
 	@echo "Type:            Security" >> $(METADATA)
 	@echo "TestTime:        48h" >> $(METADATA)
 	@echo "RunFor:          nothing" >> $(METADATA)
 	@echo "Requires:        elfutils" >> $(METADATA)
 	@echo "Requires:        valgrind" >> $(METADATA)
 	@echo "Priority:        Normal" >> $(METADATA)
 	@echo "License:         GPLv2+" >> $(METADATA)
 	@echo "Confidential:    yes" >> $(METADATA)
 	@echo "Destructive:     no" >> $(METADATA)
 	@echo "Bug:             1625057" >> $(METADATA)
 	@echo "Releases:        -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
 	rhts-lint $(METADATA)
--- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/PURPOSE
+++ b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/PURPOSE
@ -1,5 +0,0 @@
 PURPOSE of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
 Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
 Author: Martin Cermak <mcermak@redhat.com>
 Bug summary: 3 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash [rhel-8]
 Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625057
--- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/bz1532205.supp
+++ b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/bz1532205.supp
@ -1,25 +0,0 @@
 {
   <insert_a_suppression_name_here>
   Memcheck:Cond
   fun:_nl_explode_name
 }
 {
   <insert_a_suppression_name_here>
   Memcheck:Cond
   fun:_nl_make_l10nflist
 }
 {
   <insert_a_suppression_name_here>
   Memcheck:Addr4
   fun:_nl_make_l10nflist
 }
 {
   <insert_a_suppression_name_here>
   Memcheck:Addr4
   fun:new_composite_name
 }
 {
   <insert_a_suppression_name_here>
   Memcheck:Cond
   fun:_nl_explode_name
 }
--- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/main.fmf
+++ b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/main.fmf
@ -1,16 +0,0 @@
 summary: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
 description: |
    Bug summary: 3 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash [rhel-8]
    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625057
 contact:
 - Martin Cermak <mcermak@redhat.com>
 component:
 - nothing
 test: ./runtest.sh
 framework: beakerlib
 recommend:
 - elfutils
 - valgrind
 duration: 48h
 extra-summary: /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
 extra-task: /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
--- a/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/runtest.sh
+++ b/tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/runtest.sh
@ -1,43 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
 #   Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2018 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="elfutils"
 rlJournalStart
    rlPhaseStartTest
 	arch | grep -q ppc64le && VGSUPP='--suppressions=bz1532205.supp' || VGSUPP=''
 	TMP=$(mktemp)
 	rlRun "valgrind $VGSUPP -q eu-readelf --debug-dump=abbrev ./Buffer-over-readelf |& tee $TMP"
 	rlRun "fgrep 'Invalid read of size' $TMP" 1
 	rlRun "fgrep 'Abbreviation section at offset' $TMP"
 	rm -f $TMP
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
--- a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/Makefile
+++ b/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/Makefile
@ -1,64 +0,0 @@
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Makefile of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
 #   Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 export TEST=/tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
 export TESTVERSION=1.0
 BUILT_FILES=
 FILES=$(METADATA) runtest.sh Makefile PURPOSE POC-stack
 .PHONY: all install download clean
 run: $(FILES) build
 	./runtest.sh
 build: $(BUILT_FILES)
 	test -x runtest.sh || chmod a+x runtest.sh
 clean:
 	rm -f *~ $(BUILT_FILES)
 include /usr/share/rhts/lib/rhts-make.include
 $(METADATA): Makefile
 	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
 	@echo "Name:            $(TEST)" >> $(METADATA)
 	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
 	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
 	@echo "Description:     CVE-2018-18310-elfutils-invalid-memory-address-dereference" >> $(METADATA)
 	@echo "Type:            Security" >> $(METADATA)
 	@echo "TestTime:        48h" >> $(METADATA)
 	@echo "RunFor:          elfutils" >> $(METADATA)
 	@echo "Requires:        elfutils" >> $(METADATA)
 	@echo "Priority:        Normal" >> $(METADATA)
 	@echo "License:         GPLv2+" >> $(METADATA)
 	@echo "Confidential:    no" >> $(METADATA)
 	@echo "Destructive:     no" >> $(METADATA)
 	@echo "Bug:             1651567" >> $(METADATA)
 	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
 	rhts-lint $(METADATA)
--- a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/POC-stack
+++ b/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/POC-stack
--- a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/PURPOSE
+++ b/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/PURPOSE
@ -1,5 +0,0 @@
 PURPOSE of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
 Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference
 Author: Martin Cermak <mcermak@redhat.com>
 Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhdts-8]
 Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651567
--- a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/main.fmf
+++ b/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/main.fmf
@ -1,15 +0,0 @@
 summary: CVE-2018-18310-elfutils-invalid-memory-address-dereference
 description: |
    Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhdts-8]
    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651567
 contact:
 - Martin Cermak <mcermak@redhat.com>
 component:
 - elfutils
 test: ./runtest.sh
 framework: beakerlib
 recommend:
 - elfutils
 duration: 48h
 extra-summary: /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
 extra-task: /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
--- a/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/runtest.sh
+++ b/tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/runtest.sh
@ -1,39 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
 #   Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="elfutils"
 rlJournalStart
    rlPhaseStartTest
 	# Expect exitcode 2, unfixed package segfaults (139)
 	rlRun "eu-stack --core=POC-stack" 2
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
--- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/Makefile
+++ b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/Makefile
@ -1,64 +0,0 @@
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Makefile of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
 #   Description: CVE-2018-18310-invalid-memory-address-dereference
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2018 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 export TEST=/tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
 export TESTVERSION=1.0
 BUILT_FILES=
 FILES=$(METADATA) runtest.sh Makefile PURPOSE POC-stack bz1532205.supp
 .PHONY: all install download clean
 run: $(FILES) build
 	./runtest.sh
 build: $(BUILT_FILES)
 	test -x runtest.sh || chmod a+x runtest.sh
 clean:
 	rm -f *~ $(BUILT_FILES)
 include /usr/share/rhts/lib/rhts-make.include
 $(METADATA): Makefile
 	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
 	@echo "Name:            $(TEST)" >> $(METADATA)
 	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
 	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
 	@echo "Description:     CVE-2018-18310-invalid-memory-address-dereference" >> $(METADATA)
 	@echo "Type:            Security" >> $(METADATA)
 	@echo "TestTime:        48h" >> $(METADATA)
 	@echo "RunFor:          nothing" >> $(METADATA)
 	@echo "Requires:        elfutils valgrind" >> $(METADATA)
 	@echo "Priority:        Normal" >> $(METADATA)
 	@echo "License:         GPLv2+" >> $(METADATA)
 	@echo "Confidential:    no" >> $(METADATA)
 	@echo "Destructive:     no" >> $(METADATA)
 	@echo "Bug:             1642606" >> $(METADATA)
 	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5 -RHEL6" >> $(METADATA)
 	rhts-lint $(METADATA)
--- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/POC-stack
+++ b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/POC-stack
--- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/PURPOSE
+++ b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/PURPOSE
@ -1,5 +0,0 @@
 PURPOSE of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
 Description: CVE-2018-18310-invalid-memory-address-dereference
 Author: Martin Cermak <mcermak@redhat.com>
 Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhel-8]
 Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1642606
--- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/bz1532205.supp
+++ b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/bz1532205.supp
@ -1,25 +0,0 @@
 {
   <insert_a_suppression_name_here>
   Memcheck:Cond
   fun:_nl_explode_name
 }
 {
   <insert_a_suppression_name_here>
   Memcheck:Cond
   fun:_nl_make_l10nflist
 }
 {
   <insert_a_suppression_name_here>
   Memcheck:Addr4
   fun:_nl_make_l10nflist
 }
 {
   <insert_a_suppression_name_here>
   Memcheck:Addr4
   fun:new_composite_name
 }
 {
   <insert_a_suppression_name_here>
   Memcheck:Cond
   fun:_nl_explode_name
 }
--- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/main.fmf
+++ b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/main.fmf
@ -1,16 +0,0 @@
 summary: CVE-2018-18310-invalid-memory-address-dereference
 description: |
    Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhel-8]
    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1642606
 contact:
 - Martin Cermak <mcermak@redhat.com>
 component:
 - nothing
 test: ./runtest.sh
 framework: beakerlib
 recommend:
 - elfutils
 - valgrind
 duration: 48h
 extra-summary: /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
 extra-task: /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
--- a/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/runtest.sh
+++ b/tests/Security/CVE-2018-18310-invalid-memory-address-dereference/runtest.sh
@ -1,42 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
 #   Description: CVE-2018-18310-invalid-memory-address-dereference
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2018 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="elfutils"
 rlJournalStart
    rlPhaseStartTest
 	arch | grep -q ppc64le && VGSUPP='--suppressions=bz1532205.supp' || VGSUPP=''
 	TMP=$(mktemp)
 	rlRun "valgrind $VGSUPP -q eu-stack --core=./POC-stack |& tee $TMP"
 	rlRun "fgrep 'Invalid read of size' $TMP" 1
 	rm -f $TMP
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
--- a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/Makefile
+++ b/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/Makefile
@ -1,64 +0,0 @@
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Makefile of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
 #   Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 export TEST=/tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
 export TESTVERSION=1.0
 BUILT_FILES=
 FILES=$(METADATA) runtest.sh Makefile PURPOSE POC1
 .PHONY: all install download clean
 run: $(FILES) build
 	./runtest.sh
 build: $(BUILT_FILES)
 	test -x runtest.sh || chmod a+x runtest.sh
 clean:
 	rm -f *~ $(BUILT_FILES)
 include /usr/share/rhts/lib/rhts-make.include
 $(METADATA): Makefile
 	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
 	@echo "Name:            $(TEST)" >> $(METADATA)
 	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
 	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
 	@echo "Description:     CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files" >> $(METADATA)
 	@echo "Type:            Security" >> $(METADATA)
 	@echo "TestTime:        48h" >> $(METADATA)
 	@echo "RunFor:          elfutils" >> $(METADATA)
 	@echo "Requires:        elfutils" >> $(METADATA)
 	@echo "Priority:        Normal" >> $(METADATA)
 	@echo "License:         GPLv2+" >> $(METADATA)
 	@echo "Confidential:    no" >> $(METADATA)
 	@echo "Destructive:     no" >> $(METADATA)
 	@echo "Bug:             1651200" >> $(METADATA)
 	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
 	rhts-lint $(METADATA)
--- a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/POC1
+++ b/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/POC1
--- a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/PURPOSE
+++ b/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/PURPOSE
@ -1,3 +0,0 @@
 PURPOSE of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
 Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
 Author: Martin Cermak <mcermak@redhat.com>
--- a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/main.fmf
+++ b/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/main.fmf
@ -1,13 +0,0 @@
 summary: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
 description: ''
 contact:
 - Martin Cermak <mcermak@redhat.com>
 component:
 - elfutils
 test: ./runtest.sh
 framework: beakerlib
 recommend:
 - elfutils
 duration: 48h
 extra-summary: /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
 extra-task: /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
--- a/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/runtest.sh
+++ b/tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/runtest.sh
@ -1,38 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
 #   Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="elfutils"
 rlJournalStart
    rlPhaseStartTest
 	rlRun "eu-size POC1"
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
--- a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/Makefile
+++ b/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/Makefile
@ -1,64 +0,0 @@
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Makefile of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
 #   Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2018 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 export TEST=/tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
 export TESTVERSION=1.0
 BUILT_FILES=
 FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
 .PHONY: all install download clean
 run: $(FILES) build
 	./runtest.sh
 build: $(BUILT_FILES)
 	test -x runtest.sh || chmod a+x runtest.sh
 clean:
 	rm -f *~ $(BUILT_FILES)
 include /usr/share/rhts/lib/rhts-make.include
 $(METADATA): Makefile
 	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
 	@echo "Name:            $(TEST)" >> $(METADATA)
 	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
 	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
 	@echo "Description:     CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files" >> $(METADATA)
 	@echo "Type:            Security" >> $(METADATA)
 	@echo "TestTime:        48h" >> $(METADATA)
 	@echo "RunFor:          elfutils" >> $(METADATA)
 	@echo "Requires:        elfutils valgrind" >> $(METADATA)
 	@echo "Priority:        Normal" >> $(METADATA)
 	@echo "License:         GPLv2+" >> $(METADATA)
 	@echo "Confidential:    no" >> $(METADATA)
 	@echo "Destructive:     no" >> $(METADATA)
 	@echo "Bug:             1646479" >> $(METADATA)
 	@echo "Releases:        -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
 	rhts-lint $(METADATA)
--- a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/POC2
+++ b/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/POC2
--- a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/PURPOSE
+++ b/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/PURPOSE
@ -1,5 +0,0 @@
 PURPOSE of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
 Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
 Author: Martin Cermak <mcermak@redhat.com>
 Bug summary: 0 elfutils: eu-size cannot handle recursive ar files [rhel-8]
 Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646479
--- a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/main.fmf
+++ b/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/main.fmf
@ -1,16 +0,0 @@
 summary: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
 description: |
    Bug summary: 0 elfutils: eu-size cannot handle recursive ar files [rhel-8]
    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646479
 contact:
 - Martin Cermak <mcermak@redhat.com>
 component:
 - elfutils
 test: ./runtest.sh
 framework: beakerlib
 recommend:
 - elfutils
 - valgrind
 duration: 48h
 extra-summary: /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
 extra-task: /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
--- a/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/runtest.sh
+++ b/tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/runtest.sh
@ -1,42 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
 #   Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2018 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="elfutils"
 rlJournalStart
    rlPhaseStartTest
 	TMP=$(mktemp)
 	rlRun "valgrind -q eu-size ./POC2 |& tee $TMP"
 	rlRun "fgrep 'Process terminating with default action of signal 11' $TMP" 1
 	rm -f $TMP
 	rlRun "eu-size ./POC2"
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
--- a/tests/Security/CVE-2018-18521-divide-by-zero/Makefile
+++ b/tests/Security/CVE-2018-18521-divide-by-zero/Makefile
@ -1,64 +0,0 @@
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Makefile of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
 #   Description: CVE-2018-18521-divide-by-zero
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2018 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 export TEST=/tools/elfutils/Security/CVE-2018-18521-divide-by-zero
 export TESTVERSION=1.0
 BUILT_FILES=
 FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
 .PHONY: all install download clean
 run: $(FILES) build
 	./runtest.sh
 build: $(BUILT_FILES)
 	test -x runtest.sh || chmod a+x runtest.sh
 clean:
 	rm -f *~ $(BUILT_FILES)
 include /usr/share/rhts/lib/rhts-make.include
 $(METADATA): Makefile
 	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
 	@echo "Name:            $(TEST)" >> $(METADATA)
 	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
 	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
 	@echo "Description:     CVE-2018-18521-divide-by-zero" >> $(METADATA)
 	@echo "Type:            Security" >> $(METADATA)
 	@echo "TestTime:        48h" >> $(METADATA)
 	@echo "RunFor:          elfutils" >> $(METADATA)
 	@echo "Requires:        elfutils valgrind" >> $(METADATA)
 	@echo "Priority:        Normal" >> $(METADATA)
 	@echo "License:         GPLv2+" >> $(METADATA)
 	@echo "Confidential:    no" >> $(METADATA)
 	@echo "Destructive:     no" >> $(METADATA)
 	@echo "Bug:             1646484" >> $(METADATA)
 	@echo "Releases:        -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
 	rhts-lint $(METADATA)
--- a/tests/Security/CVE-2018-18521-divide-by-zero/POC2
+++ b/tests/Security/CVE-2018-18521-divide-by-zero/POC2
--- a/tests/Security/CVE-2018-18521-divide-by-zero/PURPOSE
+++ b/tests/Security/CVE-2018-18521-divide-by-zero/PURPOSE
@ -1,5 +0,0 @@
 PURPOSE of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
 Description: CVE-2018-18521-divide-by-zero
 Author: Martin Cermak <mcermak@redhat.com>
 Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhel-8]
 Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646484
--- a/tests/Security/CVE-2018-18521-divide-by-zero/main.fmf
+++ b/tests/Security/CVE-2018-18521-divide-by-zero/main.fmf
@ -1,16 +0,0 @@
 summary: CVE-2018-18521-divide-by-zero
 description: |
    Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhel-8]
    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646484
 contact:
 - Martin Cermak <mcermak@redhat.com>
 component:
 - elfutils
 test: ./runtest.sh
 framework: beakerlib
 recommend:
 - elfutils
 - valgrind
 duration: 48h
 extra-summary: /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
 extra-task: /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
--- a/tests/Security/CVE-2018-18521-divide-by-zero/runtest.sh
+++ b/tests/Security/CVE-2018-18521-divide-by-zero/runtest.sh
@ -1,43 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
 #   Description: CVE-2018-18521-divide-by-zero
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2018 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="elfutils"
 rlJournalStart
    rlPhaseStartTest
 	# This doesn't reproduce on ppach64 and ppc64le.
 	TMP=$(mktemp)
 	rlRun "valgrind -q eu-ranlib ./POC2 |& tee $TMP"
 	rlRun "fgrep 'Process terminating with default action of signal 8' $TMP" 1
 	rm -f $TMP
 	rlRun "eu-ranlib ./POC2"
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
--- a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/Makefile
+++ b/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/Makefile
@ -1,64 +0,0 @@
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Makefile of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
 #   Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 export TEST=/tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
 export TESTVERSION=1.0
 BUILT_FILES=
 FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
 .PHONY: all install download clean
 run: $(FILES) build
 	./runtest.sh
 build: $(BUILT_FILES)
 	test -x runtest.sh || chmod a+x runtest.sh
 clean:
 	rm -f *~ $(BUILT_FILES)
 include /usr/share/rhts/lib/rhts-make.include
 $(METADATA): Makefile
 	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
 	@echo "Name:            $(TEST)" >> $(METADATA)
 	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
 	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
 	@echo "Description:     CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c" >> $(METADATA)
 	@echo "Type:            Security" >> $(METADATA)
 	@echo "TestTime:        48h" >> $(METADATA)
 	@echo "RunFor:          elfutils" >> $(METADATA)
 	@echo "Requires:        elfutils" >> $(METADATA)
 	@echo "Priority:        Normal" >> $(METADATA)
 	@echo "License:         GPLv2+" >> $(METADATA)
 	@echo "Confidential:    no" >> $(METADATA)
 	@echo "Destructive:     no" >> $(METADATA)
 	@echo "Bug:             1651203" >> $(METADATA)
 	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
 	rhts-lint $(METADATA)
--- a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/POC2
+++ b/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/POC2
--- a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/PURPOSE
+++ b/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/PURPOSE
@ -1,5 +0,0 @@
 PURPOSE of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
 Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
 Author: Martin Cermak <mcermak@redhat.com>
 Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhdts-8]
 Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651203
--- a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/main.fmf
+++ b/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/main.fmf
@ -1,15 +0,0 @@
 summary: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
 description: |
    Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhdts-8]
    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651203
 contact:
 - Martin Cermak <mcermak@redhat.com>
 component:
 - elfutils
 test: ./runtest.sh
 framework: beakerlib
 recommend:
 - elfutils
 duration: 48h
 extra-summary: /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
 extra-task: /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
--- a/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/runtest.sh
+++ b/tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/runtest.sh
@ -1,38 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
 #   Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="elfutils"
 rlJournalStart
    rlPhaseStartTest
 	rlRun "eu-ranlib POC2"
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
--- a/tests/Security/CVE-2019-7146/Makefile
+++ b/tests/Security/CVE-2019-7146/Makefile
@ -1,64 +0,0 @@
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Makefile of /tools/elfutils/Security/CVE-2019-7146
 #   Description: CVE-2019-7146
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 export TEST=/tools/elfutils/Security/CVE-2019-7146
 export TESTVERSION=1.0
 BUILT_FILES=
 FILES=$(METADATA) runtest.sh Makefile PURPOSE poc
 .PHONY: all install download clean
 run: $(FILES) build
 	./runtest.sh
 build: $(BUILT_FILES)
 	test -x runtest.sh || chmod a+x runtest.sh
 clean:
 	rm -f *~ $(BUILT_FILES)
 include /usr/share/rhts/lib/rhts-make.include
 $(METADATA): Makefile
 	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
 	@echo "Name:            $(TEST)" >> $(METADATA)
 	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
 	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
 	@echo "Description:     CVE-2019-7146" >> $(METADATA)
 	@echo "Type:            Security" >> $(METADATA)
 	@echo "TestTime:        48h" >> $(METADATA)
 	@echo "RunFor:          elfutils" >> $(METADATA)
 	@echo "Requires:        elfutils" >> $(METADATA)
 	@echo "Requires:        valgrind" >> $(METADATA)
 	@echo "Priority:        Normal" >> $(METADATA)
 	@echo "License:         GPLv2+" >> $(METADATA)
 	@echo "Confidential:    no" >> $(METADATA)
 	@echo "Destructive:     no" >> $(METADATA)
 	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
 	rhts-lint $(METADATA)
--- a/tests/Security/CVE-2019-7146/PURPOSE
+++ b/tests/Security/CVE-2019-7146/PURPOSE
@ -1,3 +0,0 @@
 PURPOSE of /tools/elfutils/Security/CVE-2019-7146
 Description: CVE-2019-7146
 Author: Martin Cermak <mcermak@redhat.com>
--- a/tests/Security/CVE-2019-7146/main.fmf
+++ b/tests/Security/CVE-2019-7146/main.fmf
@ -1,14 +0,0 @@
 summary: CVE-2019-7146
 description: ''
 contact:
 - Martin Cermak <mcermak@redhat.com>
 component:
 - elfutils
 test: ./runtest.sh
 framework: beakerlib
 recommend:
 - elfutils
 - valgrind
 duration: 48h
 extra-summary: /tools/elfutils/Security/CVE-2019-7146
 extra-task: /tools/elfutils/Security/CVE-2019-7146
--- a/tests/Security/CVE-2019-7146/poc
+++ b/tests/Security/CVE-2019-7146/poc
--- a/tests/Security/CVE-2019-7146/runtest.sh
+++ b/tests/Security/CVE-2019-7146/runtest.sh
@ -1,41 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /tools/elfutils/Security/CVE-2019-7146
 #   Description: CVE-2019-7146
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="elfutils"
 rlJournalStart
    rlPhaseStartTest
       # https://svn.devel.redhat.com/repos/srtvulns/trunk/components/elfutils/CVE-2019-7146/
       # Expected Output
       # An error instead of segfault.
       rlRun "valgrind -q --error-exitcode=99 eu-readelf -a ./poc" 1
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
--- a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/Makefile
+++ b/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/Makefile
@ -1,64 +0,0 @@
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Makefile of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
 #   Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 export TEST=/tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
 export TESTVERSION=1.0
 BUILT_FILES=
 FILES=$(METADATA) runtest.sh Makefile PURPOSE POC1
 .PHONY: all install download clean
 run: $(FILES) build
 	./runtest.sh
 build: $(BUILT_FILES)
 	test -x runtest.sh || chmod a+x runtest.sh
 clean:
 	rm -f *~ $(BUILT_FILES)
 include /usr/share/rhts/lib/rhts-make.include
 $(METADATA): Makefile
 	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
 	@echo "Name:            $(TEST)" >> $(METADATA)
 	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
 	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
 	@echo "Description:     CVE-2019-7149-elfutils-heap-based-buffer-over-read" >> $(METADATA)
 	@echo "Type:            Security" >> $(METADATA)
 	@echo "TestTime:        48h" >> $(METADATA)
 	@echo "RunFor:          elfutils" >> $(METADATA)
 	@echo "Requires:        elfutils valgrind" >> $(METADATA)
 	@echo "Priority:        Normal" >> $(METADATA)
 	@echo "License:         GPLv2+" >> $(METADATA)
 	@echo "Confidential:    no" >> $(METADATA)
 	@echo "Destructive:     no" >> $(METADATA)
 	@echo "Bug:             1680056" >> $(METADATA)
 	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
 	rhts-lint $(METADATA)
--- a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/POC1
+++ b/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/POC1
--- a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/PURPOSE
+++ b/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/PURPOSE
@ -1,5 +0,0 @@
 PURPOSE of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
 Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
 Author: Martin Cermak <mcermak@redhat.com>
 Bug summary: elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw [rhdts-8]
 Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680056
--- a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/main.fmf
+++ b/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/main.fmf
@ -1,16 +0,0 @@
 summary: CVE-2019-7149-elfutils-heap-based-buffer-over-read
 description: |
    Bug summary: elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw [rhdts-8]
    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680056
 contact:
 - Martin Cermak <mcermak@redhat.com>
 component:
 - elfutils
 test: ./runtest.sh
 framework: beakerlib
 recommend:
 - elfutils
 - valgrind
 duration: 48h
 extra-summary: /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
 extra-task: /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
--- a/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/runtest.sh
+++ b/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/runtest.sh
@ -1,43 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
 #   Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="elfutils"
 rlJournalStart
    rlPhaseStartTest
 	rlRun "which valgrind eu-nm"
 	# With RHEL I saw the invalid read of size 1 on aarch64 and ppc64le
 	# using devtoolset-7-elfutils-0.170-5.el7.  I also saw it on x86_64
 	# with base rhel elfutils-0.172-2.el7.x86_64.
 	# IOW - It doesn't reproduce "everywhere".
 	rlRun "valgrind -q --error-exitcode=99 eu-nm -C POC1"
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
--- a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/Makefile
+++ b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/Makefile
@ -1,64 +0,0 @@
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Makefile of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
 #   Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 export TEST=/tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
 export TESTVERSION=1.0
 BUILT_FILES=
 FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
 .PHONY: all install download clean
 run: $(FILES) build
 	./runtest.sh
 build: $(BUILT_FILES)
 	test -x runtest.sh || chmod a+x runtest.sh
 clean:
 	rm -f *~ $(BUILT_FILES)
 include /usr/share/rhts/lib/rhts-make.include
 $(METADATA): Makefile
 	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
 	@echo "Name:            $(TEST)" >> $(METADATA)
 	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
 	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
 	@echo "Description:     CVE-2019-7150-segmentation-fault-in-elf64_xlatetom" >> $(METADATA)
 	@echo "Type:            Security" >> $(METADATA)
 	@echo "TestTime:        48h" >> $(METADATA)
 	@echo "RunFor:          elfutils" >> $(METADATA)
 	@echo "Requires:        elfutils valgrind" >> $(METADATA)
 	@echo "Priority:        Normal" >> $(METADATA)
 	@echo "License:         GPLv2+" >> $(METADATA)
 	@echo "Confidential:    no" >> $(METADATA)
 	@echo "Destructive:     no" >> $(METADATA)
 	@echo "Bug:             1680046" >> $(METADATA)
 	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
 	rhts-lint $(METADATA)
--- a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC1
+++ b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC1
--- a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC2
+++ b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/POC2
--- a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/PURPOSE
+++ b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/PURPOSE
@ -1,5 +0,0 @@
 PURPOSE of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
 Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
 Author: Martin Cermak <mcermak@redhat.com>
 Bug summary: elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c [rhel-7]
 Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680046
--- a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/main.fmf
+++ b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/main.fmf
@ -1,16 +0,0 @@
 summary: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
 description: |
    Bug summary: elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c [rhel-7]
    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680046
 contact:
 - Martin Cermak <mcermak@redhat.com>
 component:
 - elfutils
 test: ./runtest.sh
 framework: beakerlib
 recommend:
 - elfutils
 - valgrind
 duration: 48h
 extra-summary: /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
 extra-task: /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
--- a/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/runtest.sh
+++ b/tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/runtest.sh
@ -1,40 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
 #   Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="elfutils"
 rlJournalStart
    rlPhaseStartTest
 	# An error is expected (2), but a SEGV is not (139).
 	# Reproduced with elfutils-0.172-2.el7, verified with elfutils-0.176-1.el7
 	rlRun "valgrind -q --error-exitcode=99 eu-stack --core=POC2" 2
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
--- a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/Makefile
+++ b/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/Makefile
@ -1,64 +0,0 @@
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Makefile of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
 #   Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 export TEST=/tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
 export TESTVERSION=1.0
 BUILT_FILES=
 FILES=$(METADATA) runtest.sh Makefile PURPOSE POC
 .PHONY: all install download clean
 run: $(FILES) build
 	./runtest.sh
 build: $(BUILT_FILES)
 	test -x runtest.sh || chmod a+x runtest.sh
 clean:
 	rm -f *~ $(BUILT_FILES)
 include /usr/share/rhts/lib/rhts-make.include
 $(METADATA): Makefile
 	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
 	@echo "Name:            $(TEST)" >> $(METADATA)
 	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
 	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
 	@echo "Description:     CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note" >> $(METADATA)
 	@echo "Type:            Security" >> $(METADATA)
 	@echo "TestTime:        48h" >> $(METADATA)
 	@echo "RunFor:          elfutils" >> $(METADATA)
 	@echo "Requires:        elfutils valgrind" >> $(METADATA)
 	@echo "Priority:        Normal" >> $(METADATA)
 	@echo "License:         GPLv2+" >> $(METADATA)
 	@echo "Confidential:    no" >> $(METADATA)
 	@echo "Destructive:     no" >> $(METADATA)
 	@echo "Bug:             1679071" >> $(METADATA)
 	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
 	rhts-lint $(METADATA)
--- a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/POC
+++ b/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/POC
--- a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/PURPOSE
+++ b/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/PURPOSE
@ -1,5 +0,0 @@
 PURPOSE of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
 Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
 Author: Martin Cermak <mcermak@redhat.com>
 Bug summary: elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h [rhel-7]
 Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679071
--- a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/main.fmf
+++ b/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/main.fmf
@ -1,16 +0,0 @@
 summary: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
 description: |
    Bug summary: elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h [rhel-7]
    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679071
 contact:
 - Martin Cermak <mcermak@redhat.com>
 component:
 - elfutils
 test: ./runtest.sh
 framework: beakerlib
 recommend:
 - elfutils
 - valgrind
 duration: 48h
 extra-summary: /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
 extra-task: /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
--- a/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/runtest.sh
+++ b/tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/runtest.sh
@ -1,40 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
 #   Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="elfutils"
 rlJournalStart
    rlPhaseStartTest
 	# Reproduced with elfutils-0.174-5.fc28.x86_64
 	# This is expected to fail (1), but not to segfault (139).
 	rlRun "valgrind -q --error-exitcode=99 eu-elflint -d POC" 1
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
--- a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/Makefile
+++ b/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/Makefile
@ -1,64 +0,0 @@
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Makefile of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
 #   Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 export TEST=/tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
 export TESTVERSION=1.0
 BUILT_FILES=
 FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
 .PHONY: all install download clean
 run: $(FILES) build
 	./runtest.sh
 build: $(BUILT_FILES)
 	test -x runtest.sh || chmod a+x runtest.sh
 clean:
 	rm -f *~ $(BUILT_FILES)
 include /usr/share/rhts/lib/rhts-make.include
 $(METADATA): Makefile
 	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
 	@echo "Name:            $(TEST)" >> $(METADATA)
 	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
 	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
 	@echo "Description:     CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom" >> $(METADATA)
 	@echo "Type:            Security" >> $(METADATA)
 	@echo "TestTime:        48h" >> $(METADATA)
 	@echo "RunFor:          elfutils" >> $(METADATA)
 	@echo "Requires:        elfutils valgrind" >> $(METADATA)
 	@echo "Priority:        Normal" >> $(METADATA)
 	@echo "License:         GPLv2+" >> $(METADATA)
 	@echo "Confidential:    no" >> $(METADATA)
 	@echo "Destructive:     no" >> $(METADATA)
 	@echo "Bug:             1679078" >> $(METADATA)
 	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
 	rhts-lint $(METADATA)
--- a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/POC2
+++ b/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/POC2
--- a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/PURPOSE
+++ b/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/PURPOSE
@ -1,5 +0,0 @@
 PURPOSE of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
 Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
 Author: Martin Cermak <mcermak@redhat.com>
 Bug summary: elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c [rhel-7]
 Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679078
--- a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/main.fmf
+++ b/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/main.fmf
@ -1,16 +0,0 @@
 summary: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
 description: |
    Bug summary: elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c [rhel-7]
    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679078
 contact:
 - Martin Cermak <mcermak@redhat.com>
 component:
 - elfutils
 test: ./runtest.sh
 framework: beakerlib
 recommend:
 - elfutils
 - valgrind
 duration: 48h
 extra-summary: /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
 extra-task: /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
--- a/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/runtest.sh
+++ b/tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/runtest.sh
@ -1,41 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
 #   Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
 #   Author: Martin Cermak <mcermak@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="elfutils"
 rlJournalStart
    rlPhaseStartTest
 	# We expect 1, but not 99 ...
 	# Reproduced with valgrind-3.13.0-13.el7 and elfutils-0.172-2.el7
 	# Verified with valgrind-3.14.0-16.el7 and elfutils-0.176-1.el7
 	rlRun "valgrind -q --error-exitcode=99 eu-readelf -a POC2" 1
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
--- a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/Makefile
+++ b/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/Makefile
@ -1,63 +0,0 @@
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Makefile of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
 #   Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
 #   Author: Vaclav Kadlcik <vkadlcik@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2014 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 export TEST=/tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
 export TESTVERSION=1.0
 BUILT_FILES=
 FILES=$(METADATA) runtest.sh Makefile PURPOSE dwz-overflow.elf
 .PHONY: all install download clean
 run: $(FILES) build
 	./runtest.sh
 build: $(BUILT_FILES)
 	test -x runtest.sh || chmod a+x runtest.sh
 clean:
 	rm -f *~ $(BUILT_FILES)
 include /usr/share/rhts/lib/rhts-make.include
 $(METADATA): Makefile
 	@echo "Owner:           Vaclav Kadlcik <vkadlcik@redhat.com>" > $(METADATA)
 	@echo "Name:            $(TEST)" >> $(METADATA)
 	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
 	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
 	@echo "Description:     CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw" >> $(METADATA)
 	@echo "Type:            Security" >> $(METADATA)
 	@echo "TestTime:        5m" >> $(METADATA)
 	@echo "RunFor:          elfutils" >> $(METADATA)
 	@echo "Requires:        elfutils" >> $(METADATA)
 	@echo "Priority:        Normal" >> $(METADATA)
 	@echo "License:         GPLv2+" >> $(METADATA)
 	@echo "Confidential:    no" >> $(METADATA)
 	@echo "Destructive:     no" >> $(METADATA)
 	@echo "Bug:             1139128" >> $(METADATA)
 	rhts-lint $(METADATA)
--- a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/PURPOSE
+++ b/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/PURPOSE
@ -1,5 +0,0 @@
 PURPOSE of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
 Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
 Author: Vaclav Kadlcik <vkadlcik@redhat.com>
 Bug summary: elfutils: integer overflow, leading to a heap-based buffer overflow in libdw [rhel-6.6]
 Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1139128
--- a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/dwz-overflow.elf
+++ b/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/dwz-overflow.elf
--- a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/main.fmf
+++ b/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/main.fmf
@ -1,16 +0,0 @@
 summary: 'CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer
    overflow in libdw'
 description: |
    Bug summary: elfutils: integer overflow, leading to a heap-based buffer overflow in libdw [rhel-6.6]
    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1139128
 contact:
 - Vaclav Kadlcik <vkadlcik@redhat.com>
 component:
 - elfutils
 test: ./runtest.sh
 framework: beakerlib
 recommend:
 - elfutils
 duration: 5m
 extra-summary: /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
 extra-task: /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
--- a/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/runtest.sh
+++ b/tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/runtest.sh
@ -1,56 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
 #   Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
 #   Author: Vaclav Kadlcik <vkadlcik@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2014 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="elfutils"
 # Reproducer by Florian Weimer
 REPRODUCING_FILE=dwz-overflow.elf
 rlJournalStart
    rlPhaseStartSetup
        rlAssertRpm $PACKAGE
        rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
        rlRun "cp $REPRODUCING_FILE $TmpDir" 0
        rlRun "pushd $TmpDir"
    rlPhaseEnd
    rlPhaseStartTest
        # eu-readelf since 0.153 was vulnerable.
        # The following crashed with "Segmentation fault"
        # and exit value 139.
        rlRun "eu-readelf -w $REPRODUCING_FILE" 0,1 'eu-readelf should not crash'
    rlPhaseEnd
    rlPhaseStartCleanup
        rlRun "popd"
        rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
Author	SHA1	Message	Date
Martin Cermak	6c4fe493d4	CI Gating: Use Regression and Sanity tests in automated runs	2021-11-16 12:00:15 +01:00
Mark Wielaard	687db29356	0.185-2 - Disable debuginfod client by default for f34	2021-05-27 10:42:58 +02:00