Compare commits
4 Commits
Author | SHA1 | Date |
---|---|---|
Mark Wielaard | 6835503d55 | |
Mark Wielaard | 299f1fc7e3 | |
Martin Cermak | 5ccad7a287 | |
Mark Wielaard | 687db29356 |
|
@ -26,3 +26,4 @@
|
|||
/elfutils-0.183.tar.bz2
|
||||
/elfutils-0.184.tar.bz2
|
||||
/elfutils-0.185.tar.bz2
|
||||
/elfutils-0.186.tar.bz2
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
Name: elfutils
|
||||
Version: 0.185
|
||||
Version: 0.186
|
||||
%global baserelease 1
|
||||
Release: %{baserelease}%{?dist}
|
||||
URL: http://elfutils.org/
|
||||
|
@ -42,11 +42,11 @@ BuildRequires: pkgconfig(libarchive) >= 3.1.2
|
|||
# For tests need to bunzip2 test files.
|
||||
BuildRequires: bzip2
|
||||
BuildRequires: zstd
|
||||
# For the run-debuginfod-find.sh test case in %%check for /usr/sbin/ss
|
||||
# For the run-debuginfod-find.sh test case in %%check for /usr/sbin/ss etc.
|
||||
BuildRequires: iproute
|
||||
BuildRequires: procps
|
||||
BuildRequires: bsdtar
|
||||
BuildRequires: curl
|
||||
BuildRequires: procps
|
||||
|
||||
BuildRequires: automake
|
||||
BuildRequires: autoconf
|
||||
|
@ -228,9 +228,7 @@ The ELF/DWARF file searching functions in libdwfl can query
|
|||
such servers to download those files on demand.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
|
||||
# Apply patches
|
||||
%autosetup -p1
|
||||
|
||||
autoreconf -f -v -i
|
||||
|
||||
|
@ -239,12 +237,8 @@ autoreconf -f -v -i
|
|||
find . -name \*.sh ! -perm -0100 -print | xargs chmod +x
|
||||
|
||||
%build
|
||||
# This package uses top level ASM constructs which are incompatible with LTO.
|
||||
# Top level ASMs are often used to implement symbol versioning. gcc-10
|
||||
# introduces a new mechanism for symbol versioning which works with LTO.
|
||||
# Converting packages to use that mechanism instead of toplevel ASMs is
|
||||
# recommended.
|
||||
# Disable LTO
|
||||
# See https://sourceware.org/pipermail/elfutils-devel/2021q4/004385.html
|
||||
%define _lto_cflags %{nil}
|
||||
|
||||
# Remove -Wall from default flags. The makefiles enable enough warnings
|
||||
|
@ -257,17 +251,21 @@ RPM_OPT_FLAGS="${RPM_OPT_FLAGS} -Wformat"
|
|||
|
||||
|
||||
trap 'cat config.log' EXIT
|
||||
%configure CFLAGS="$RPM_OPT_FLAGS -fexceptions" --enable-debuginfod-urls=https://debuginfod.fedoraproject.org/
|
||||
%configure CFLAGS="$RPM_OPT_FLAGS -fexceptions"
|
||||
trap '' EXIT
|
||||
%make_build -s
|
||||
%make_build
|
||||
|
||||
%install
|
||||
%make_install -s
|
||||
%make_install
|
||||
|
||||
chmod +x ${RPM_BUILD_ROOT}%{_prefix}/%{_lib}/lib*.so*
|
||||
# We don't want the static libraries
|
||||
rm ${RPM_BUILD_ROOT}%{_prefix}/%{_lib}/lib{elf,dw,asm}.a
|
||||
|
||||
# We don't have standard DEBUGINFOD_URLS yet.
|
||||
rm ${RPM_BUILD_ROOT}%{_sysconfdir}/profile.d/debuginfod.sh
|
||||
rm ${RPM_BUILD_ROOT}%{_sysconfdir}/profile.d/debuginfod.csh
|
||||
|
||||
%find_lang %{name}
|
||||
|
||||
%if %{provide_yama_scope}
|
||||
|
@ -283,7 +281,7 @@ touch ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod/debuginfod.sqlite
|
|||
# Record some build root versions in build.log
|
||||
uname -r; rpm -q binutils gcc glibc || true
|
||||
|
||||
%make_build -s check || (cat tests/test-suite.log; false)
|
||||
%make_build check || (cat tests/test-suite.log; false)
|
||||
|
||||
# Only the latest Fedora and EPEL have these scriptlets,
|
||||
# older Fedora and plain RHEL don't.
|
||||
|
@ -375,7 +373,7 @@ fi
|
|||
%{_libdir}/libdebuginfod.so.*
|
||||
%{_bindir}/debuginfod-find
|
||||
%{_mandir}/man1/debuginfod-find.1*
|
||||
%config(noreplace) %{_sysconfdir}/profile.d/*
|
||||
%{_mandir}/man7/debuginfod*.7*
|
||||
|
||||
%files debuginfod-client-devel
|
||||
%{_libdir}/pkgconfig/libdebuginfod.pc
|
||||
|
@ -407,6 +405,33 @@ exit 0
|
|||
%systemd_postun_with_restart debuginfod.service
|
||||
|
||||
%changelog
|
||||
* Thu Nov 25 2021 Mark Wielaard <mjw@fedoraproject.org> - 0.186-1
|
||||
- Upgrade to upstream 0.186
|
||||
- debuginfod-client: Default $DEBUGINFOD_URLS is computed from
|
||||
drop-in files /etc/debuginfod/*.urls rather than
|
||||
hardcoded into the /etc/profile.d/debuginfod*
|
||||
scripts.
|
||||
Add $DEBUGINFOD_MAXSIZE and $DEBUGINFOD_MAXTIME settings
|
||||
for skipping large/slow transfers.
|
||||
Add $DEBUGINFOD_RETRY for retrying aborted lookups.
|
||||
- debuginfod: Supply extra HTTP response headers, describing
|
||||
archive/file names that satisfy the requested buildid content.
|
||||
Support -d :memory: option for in-memory databases.
|
||||
Protect against loops in federated server configurations.
|
||||
Add -r option to use -I/-X regexes for grooming stale files.
|
||||
Protect against wasted CPU from duplicate concurrent requests.
|
||||
Limit the duration of groom ops roughly to rescan (-t) times.
|
||||
Add --passive mode for serving from read-only database.
|
||||
Several other performance improvements & prometheus metrics.
|
||||
- libdw: Support for the NVIDIA Cuda line map extensions.
|
||||
DW_LNE_NVIDIA_inlined_call and DW_LNE_NVIDIA_set_function_name
|
||||
are defined in dwarf.h. New functions dwarf_linecontext and
|
||||
dwarf_linefunctionname.
|
||||
- translations: Update Japanese translation.
|
||||
|
||||
* Thu May 27 2021 Mark Wielaard <mjw@fedoraproject.org> - 0.185-2
|
||||
- Disable debuginfod client by default for f34.
|
||||
|
||||
* Wed May 26 2021 Mark Wielaard <mjw@fedoraproject.org> - 0.185-1
|
||||
- Upgrade to upstream 0.185
|
||||
- debuginfod-client: Simplify curl handle reuse so downloads which
|
||||
|
|
2
sources
2
sources
|
@ -1 +1 @@
|
|||
SHA512 (elfutils-0.185.tar.bz2) = 34de0de1355b11740e036e0fc64f2fc063587c8eb121b19216ee5548d3f0f268d8fc3995176c47190466b9d881007cfa11a9d01e9a50e38af6119492bf8bb47f
|
||||
SHA512 (elfutils-0.186.tar.bz2) = c9180b27ec62935f18b9431268d176f6023d1bb938731d2af6e7626ae460af6608a70ba68483aa1ec7e6cb0fa0528b661ca8b68bc4f58ea8e18af527c5950c78
|
||||
|
|
|
@ -1,64 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
||||
# Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE addr2line-buffer-over-flow1
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read" >> $(METADATA)
|
||||
@echo "Type: Security" >> $(METADATA)
|
||||
@echo "TestTime: 48h" >> $(METADATA)
|
||||
@echo "RunFor: elfutils" >> $(METADATA)
|
||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 1625260" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
|
@ -1,5 +0,0 @@
|
|||
PURPOSE of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
||||
Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
||||
Author: Martin Cermak <mcermak@redhat.com>
|
||||
Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260
|
Binary file not shown.
|
@ -1,16 +0,0 @@
|
|||
summary: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
||||
description: |
|
||||
Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260
|
||||
contact:
|
||||
- Martin Cermak <mcermak@redhat.com>
|
||||
component:
|
||||
- elfutils
|
||||
test: ./runtest.sh
|
||||
framework: beakerlib
|
||||
recommend:
|
||||
- elfutils
|
||||
- valgrind
|
||||
duration: 48h
|
||||
extra-summary: /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
||||
extra-task: /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
|
@ -1,39 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
||||
# Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="elfutils"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartTest
|
||||
# Reproduced with elfutils-0.172-2.el7.x86_64 valgrind-3.13.0-13.el7.x86_64
|
||||
rlRun "valgrind -q --error-exitcode=99 eu-addr2line -e addr2line-buffer-over-flow1 -- 500 50 10 -1000"
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
Binary file not shown.
|
@ -1,65 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
|
||||
# Description: CVE-2018-16402-double-free-due-to-double-decompression
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2018 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE Double-free-libelf
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: CVE-2018-16402-double-free-due-to-double-decompression" >> $(METADATA)
|
||||
@echo "Type: Security" >> $(METADATA)
|
||||
@echo "TestTime: 48h" >> $(METADATA)
|
||||
@echo "RunFor: nothing" >> $(METADATA)
|
||||
@echo "Requires: elfutils" >> $(METADATA)
|
||||
@echo "Requires: valgrind" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 1625052" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
|
@ -1,5 +0,0 @@
|
|||
PURPOSE of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
|
||||
Description: CVE-2018-16402-double-free-due-to-double-decompression
|
||||
Author: Martin Cermak <mcermak@redhat.com>
|
||||
Bug summary: 2 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [rhel-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625052
|
|
@ -1,16 +0,0 @@
|
|||
summary: CVE-2018-16402-double-free-due-to-double-decompression
|
||||
description: |
|
||||
Bug summary: 2 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [rhel-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625052
|
||||
contact:
|
||||
- Martin Cermak <mcermak@redhat.com>
|
||||
component:
|
||||
- nothing
|
||||
test: ./runtest.sh
|
||||
framework: beakerlib
|
||||
recommend:
|
||||
- elfutils
|
||||
- valgrind
|
||||
duration: 48h
|
||||
extra-summary: /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
|
||||
extra-task: /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
|
|
@ -1,42 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
|
||||
# Description: CVE-2018-16402-double-free-due-to-double-decompression
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2018 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="elfutils"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartTest
|
||||
TMP=$(mktemp)
|
||||
rlRun "valgrind -q eu-readelf -S ./Double-free-libelf |& tee $TMP"
|
||||
rlRun "fgrep 'Invalid free()' $TMP" 1
|
||||
rlRun "fgrep 'Section Headers:' $TMP"
|
||||
rm -f $TMP
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
Binary file not shown.
|
@ -1,65 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
||||
# Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2018 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE Buffer-over-readelf bz1532205.supp
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c" >> $(METADATA)
|
||||
@echo "Type: Security" >> $(METADATA)
|
||||
@echo "TestTime: 48h" >> $(METADATA)
|
||||
@echo "RunFor: nothing" >> $(METADATA)
|
||||
@echo "Requires: elfutils" >> $(METADATA)
|
||||
@echo "Requires: valgrind" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: yes" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 1625057" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
|
@ -1,5 +0,0 @@
|
|||
PURPOSE of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
||||
Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
||||
Author: Martin Cermak <mcermak@redhat.com>
|
||||
Bug summary: 3 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash [rhel-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625057
|
|
@ -1,25 +0,0 @@
|
|||
{
|
||||
<insert_a_suppression_name_here>
|
||||
Memcheck:Cond
|
||||
fun:_nl_explode_name
|
||||
}
|
||||
{
|
||||
<insert_a_suppression_name_here>
|
||||
Memcheck:Cond
|
||||
fun:_nl_make_l10nflist
|
||||
}
|
||||
{
|
||||
<insert_a_suppression_name_here>
|
||||
Memcheck:Addr4
|
||||
fun:_nl_make_l10nflist
|
||||
}
|
||||
{
|
||||
<insert_a_suppression_name_here>
|
||||
Memcheck:Addr4
|
||||
fun:new_composite_name
|
||||
}
|
||||
{
|
||||
<insert_a_suppression_name_here>
|
||||
Memcheck:Cond
|
||||
fun:_nl_explode_name
|
||||
}
|
|
@ -1,16 +0,0 @@
|
|||
summary: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
||||
description: |
|
||||
Bug summary: 3 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash [rhel-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625057
|
||||
contact:
|
||||
- Martin Cermak <mcermak@redhat.com>
|
||||
component:
|
||||
- nothing
|
||||
test: ./runtest.sh
|
||||
framework: beakerlib
|
||||
recommend:
|
||||
- elfutils
|
||||
- valgrind
|
||||
duration: 48h
|
||||
extra-summary: /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
||||
extra-task: /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
|
@ -1,43 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
||||
# Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2018 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="elfutils"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartTest
|
||||
arch | grep -q ppc64le && VGSUPP='--suppressions=bz1532205.supp' || VGSUPP=''
|
||||
TMP=$(mktemp)
|
||||
rlRun "valgrind $VGSUPP -q eu-readelf --debug-dump=abbrev ./Buffer-over-readelf |& tee $TMP"
|
||||
rlRun "fgrep 'Invalid read of size' $TMP" 1
|
||||
rlRun "fgrep 'Abbreviation section at offset' $TMP"
|
||||
rm -f $TMP
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
|
@ -1,64 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
||||
# Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC-stack
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference" >> $(METADATA)
|
||||
@echo "Type: Security" >> $(METADATA)
|
||||
@echo "TestTime: 48h" >> $(METADATA)
|
||||
@echo "RunFor: elfutils" >> $(METADATA)
|
||||
@echo "Requires: elfutils" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 1651567" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
|||
PURPOSE of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
||||
Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
||||
Author: Martin Cermak <mcermak@redhat.com>
|
||||
Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhdts-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651567
|
|
@ -1,15 +0,0 @@
|
|||
summary: CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
||||
description: |
|
||||
Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhdts-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651567
|
||||
contact:
|
||||
- Martin Cermak <mcermak@redhat.com>
|
||||
component:
|
||||
- elfutils
|
||||
test: ./runtest.sh
|
||||
framework: beakerlib
|
||||
recommend:
|
||||
- elfutils
|
||||
duration: 48h
|
||||
extra-summary: /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
||||
extra-task: /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
|
@ -1,39 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
||||
# Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="elfutils"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartTest
|
||||
# Expect exitcode 2, unfixed package segfaults (139)
|
||||
rlRun "eu-stack --core=POC-stack" 2
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
|
@ -1,64 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
|
||||
# Description: CVE-2018-18310-invalid-memory-address-dereference
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2018 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC-stack bz1532205.supp
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: CVE-2018-18310-invalid-memory-address-dereference" >> $(METADATA)
|
||||
@echo "Type: Security" >> $(METADATA)
|
||||
@echo "TestTime: 48h" >> $(METADATA)
|
||||
@echo "RunFor: nothing" >> $(METADATA)
|
||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 1642606" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
|||
PURPOSE of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
|
||||
Description: CVE-2018-18310-invalid-memory-address-dereference
|
||||
Author: Martin Cermak <mcermak@redhat.com>
|
||||
Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhel-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1642606
|
|
@ -1,25 +0,0 @@
|
|||
{
|
||||
<insert_a_suppression_name_here>
|
||||
Memcheck:Cond
|
||||
fun:_nl_explode_name
|
||||
}
|
||||
{
|
||||
<insert_a_suppression_name_here>
|
||||
Memcheck:Cond
|
||||
fun:_nl_make_l10nflist
|
||||
}
|
||||
{
|
||||
<insert_a_suppression_name_here>
|
||||
Memcheck:Addr4
|
||||
fun:_nl_make_l10nflist
|
||||
}
|
||||
{
|
||||
<insert_a_suppression_name_here>
|
||||
Memcheck:Addr4
|
||||
fun:new_composite_name
|
||||
}
|
||||
{
|
||||
<insert_a_suppression_name_here>
|
||||
Memcheck:Cond
|
||||
fun:_nl_explode_name
|
||||
}
|
|
@ -1,16 +0,0 @@
|
|||
summary: CVE-2018-18310-invalid-memory-address-dereference
|
||||
description: |
|
||||
Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhel-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1642606
|
||||
contact:
|
||||
- Martin Cermak <mcermak@redhat.com>
|
||||
component:
|
||||
- nothing
|
||||
test: ./runtest.sh
|
||||
framework: beakerlib
|
||||
recommend:
|
||||
- elfutils
|
||||
- valgrind
|
||||
duration: 48h
|
||||
extra-summary: /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
|
||||
extra-task: /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
|
|
@ -1,42 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
|
||||
# Description: CVE-2018-18310-invalid-memory-address-dereference
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2018 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="elfutils"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartTest
|
||||
arch | grep -q ppc64le && VGSUPP='--suppressions=bz1532205.supp' || VGSUPP=''
|
||||
TMP=$(mktemp)
|
||||
rlRun "valgrind $VGSUPP -q eu-stack --core=./POC-stack |& tee $TMP"
|
||||
rlRun "fgrep 'Invalid read of size' $TMP" 1
|
||||
rm -f $TMP
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
|
@ -1,64 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
||||
# Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC1
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files" >> $(METADATA)
|
||||
@echo "Type: Security" >> $(METADATA)
|
||||
@echo "TestTime: 48h" >> $(METADATA)
|
||||
@echo "RunFor: elfutils" >> $(METADATA)
|
||||
@echo "Requires: elfutils" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 1651200" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
Binary file not shown.
|
@ -1,3 +0,0 @@
|
|||
PURPOSE of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
||||
Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
@ -1,13 +0,0 @@
|
|||
summary: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
||||
description: ''
|
||||
contact:
|
||||
- Martin Cermak <mcermak@redhat.com>
|
||||
component:
|
||||
- elfutils
|
||||
test: ./runtest.sh
|
||||
framework: beakerlib
|
||||
recommend:
|
||||
- elfutils
|
||||
duration: 48h
|
||||
extra-summary: /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
||||
extra-task: /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
|
@ -1,38 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
||||
# Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="elfutils"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartTest
|
||||
rlRun "eu-size POC1"
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
|
@ -1,64 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
||||
# Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2018 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files" >> $(METADATA)
|
||||
@echo "Type: Security" >> $(METADATA)
|
||||
@echo "TestTime: 48h" >> $(METADATA)
|
||||
@echo "RunFor: elfutils" >> $(METADATA)
|
||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 1646479" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
|||
PURPOSE of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
||||
Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
||||
Author: Martin Cermak <mcermak@redhat.com>
|
||||
Bug summary: 0 elfutils: eu-size cannot handle recursive ar files [rhel-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646479
|
|
@ -1,16 +0,0 @@
|
|||
summary: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
||||
description: |
|
||||
Bug summary: 0 elfutils: eu-size cannot handle recursive ar files [rhel-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646479
|
||||
contact:
|
||||
- Martin Cermak <mcermak@redhat.com>
|
||||
component:
|
||||
- elfutils
|
||||
test: ./runtest.sh
|
||||
framework: beakerlib
|
||||
recommend:
|
||||
- elfutils
|
||||
- valgrind
|
||||
duration: 48h
|
||||
extra-summary: /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
||||
extra-task: /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
|
@ -1,42 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
||||
# Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2018 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="elfutils"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartTest
|
||||
TMP=$(mktemp)
|
||||
rlRun "valgrind -q eu-size ./POC2 |& tee $TMP"
|
||||
rlRun "fgrep 'Process terminating with default action of signal 11' $TMP" 1
|
||||
rm -f $TMP
|
||||
rlRun "eu-size ./POC2"
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
|
@ -1,64 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
|
||||
# Description: CVE-2018-18521-divide-by-zero
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2018 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/tools/elfutils/Security/CVE-2018-18521-divide-by-zero
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: CVE-2018-18521-divide-by-zero" >> $(METADATA)
|
||||
@echo "Type: Security" >> $(METADATA)
|
||||
@echo "TestTime: 48h" >> $(METADATA)
|
||||
@echo "RunFor: elfutils" >> $(METADATA)
|
||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 1646484" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
|||
PURPOSE of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
|
||||
Description: CVE-2018-18521-divide-by-zero
|
||||
Author: Martin Cermak <mcermak@redhat.com>
|
||||
Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhel-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646484
|
|
@ -1,16 +0,0 @@
|
|||
summary: CVE-2018-18521-divide-by-zero
|
||||
description: |
|
||||
Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhel-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646484
|
||||
contact:
|
||||
- Martin Cermak <mcermak@redhat.com>
|
||||
component:
|
||||
- elfutils
|
||||
test: ./runtest.sh
|
||||
framework: beakerlib
|
||||
recommend:
|
||||
- elfutils
|
||||
- valgrind
|
||||
duration: 48h
|
||||
extra-summary: /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
|
||||
extra-task: /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
|
|
@ -1,43 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
|
||||
# Description: CVE-2018-18521-divide-by-zero
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2018 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="elfutils"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartTest
|
||||
# This doesn't reproduce on ppach64 and ppc64le.
|
||||
TMP=$(mktemp)
|
||||
rlRun "valgrind -q eu-ranlib ./POC2 |& tee $TMP"
|
||||
rlRun "fgrep 'Process terminating with default action of signal 8' $TMP" 1
|
||||
rm -f $TMP
|
||||
rlRun "eu-ranlib ./POC2"
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
|
@ -1,64 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
||||
# Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c" >> $(METADATA)
|
||||
@echo "Type: Security" >> $(METADATA)
|
||||
@echo "TestTime: 48h" >> $(METADATA)
|
||||
@echo "RunFor: elfutils" >> $(METADATA)
|
||||
@echo "Requires: elfutils" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 1651203" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
|||
PURPOSE of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
||||
Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
||||
Author: Martin Cermak <mcermak@redhat.com>
|
||||
Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhdts-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651203
|
|
@ -1,15 +0,0 @@
|
|||
summary: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
||||
description: |
|
||||
Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhdts-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651203
|
||||
contact:
|
||||
- Martin Cermak <mcermak@redhat.com>
|
||||
component:
|
||||
- elfutils
|
||||
test: ./runtest.sh
|
||||
framework: beakerlib
|
||||
recommend:
|
||||
- elfutils
|
||||
duration: 48h
|
||||
extra-summary: /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
||||
extra-task: /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
|
@ -1,38 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
||||
# Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="elfutils"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartTest
|
||||
rlRun "eu-ranlib POC2"
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
|
@ -1,64 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /tools/elfutils/Security/CVE-2019-7146
|
||||
# Description: CVE-2019-7146
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/tools/elfutils/Security/CVE-2019-7146
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE poc
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: CVE-2019-7146" >> $(METADATA)
|
||||
@echo "Type: Security" >> $(METADATA)
|
||||
@echo "TestTime: 48h" >> $(METADATA)
|
||||
@echo "RunFor: elfutils" >> $(METADATA)
|
||||
@echo "Requires: elfutils" >> $(METADATA)
|
||||
@echo "Requires: valgrind" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
|
@ -1,3 +0,0 @@
|
|||
PURPOSE of /tools/elfutils/Security/CVE-2019-7146
|
||||
Description: CVE-2019-7146
|
||||
Author: Martin Cermak <mcermak@redhat.com>
|
|
@ -1,14 +0,0 @@
|
|||
summary: CVE-2019-7146
|
||||
description: ''
|
||||
contact:
|
||||
- Martin Cermak <mcermak@redhat.com>
|
||||
component:
|
||||
- elfutils
|
||||
test: ./runtest.sh
|
||||
framework: beakerlib
|
||||
recommend:
|
||||
- elfutils
|
||||
- valgrind
|
||||
duration: 48h
|
||||
extra-summary: /tools/elfutils/Security/CVE-2019-7146
|
||||
extra-task: /tools/elfutils/Security/CVE-2019-7146
|
Binary file not shown.
|
@ -1,41 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /tools/elfutils/Security/CVE-2019-7146
|
||||
# Description: CVE-2019-7146
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="elfutils"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartTest
|
||||
# https://svn.devel.redhat.com/repos/srtvulns/trunk/components/elfutils/CVE-2019-7146/
|
||||
# Expected Output
|
||||
# An error instead of segfault.
|
||||
rlRun "valgrind -q --error-exitcode=99 eu-readelf -a ./poc" 1
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
|
@ -1,64 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
||||
# Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC1
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read" >> $(METADATA)
|
||||
@echo "Type: Security" >> $(METADATA)
|
||||
@echo "TestTime: 48h" >> $(METADATA)
|
||||
@echo "RunFor: elfutils" >> $(METADATA)
|
||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 1680056" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
|||
PURPOSE of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
||||
Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
||||
Author: Martin Cermak <mcermak@redhat.com>
|
||||
Bug summary: elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw [rhdts-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680056
|
|
@ -1,16 +0,0 @@
|
|||
summary: CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
||||
description: |
|
||||
Bug summary: elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw [rhdts-8]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680056
|
||||
contact:
|
||||
- Martin Cermak <mcermak@redhat.com>
|
||||
component:
|
||||
- elfutils
|
||||
test: ./runtest.sh
|
||||
framework: beakerlib
|
||||
recommend:
|
||||
- elfutils
|
||||
- valgrind
|
||||
duration: 48h
|
||||
extra-summary: /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
||||
extra-task: /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
|
@ -1,43 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
||||
# Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="elfutils"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartTest
|
||||
rlRun "which valgrind eu-nm"
|
||||
# With RHEL I saw the invalid read of size 1 on aarch64 and ppc64le
|
||||
# using devtoolset-7-elfutils-0.170-5.el7. I also saw it on x86_64
|
||||
# with base rhel elfutils-0.172-2.el7.x86_64.
|
||||
# IOW - It doesn't reproduce "everywhere".
|
||||
rlRun "valgrind -q --error-exitcode=99 eu-nm -C POC1"
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
|
@ -1,64 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
||||
# Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom" >> $(METADATA)
|
||||
@echo "Type: Security" >> $(METADATA)
|
||||
@echo "TestTime: 48h" >> $(METADATA)
|
||||
@echo "RunFor: elfutils" >> $(METADATA)
|
||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 1680046" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
Binary file not shown.
Binary file not shown.
|
@ -1,5 +0,0 @@
|
|||
PURPOSE of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
||||
Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
||||
Author: Martin Cermak <mcermak@redhat.com>
|
||||
Bug summary: elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c [rhel-7]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680046
|
|
@ -1,16 +0,0 @@
|
|||
summary: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
||||
description: |
|
||||
Bug summary: elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c [rhel-7]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680046
|
||||
contact:
|
||||
- Martin Cermak <mcermak@redhat.com>
|
||||
component:
|
||||
- elfutils
|
||||
test: ./runtest.sh
|
||||
framework: beakerlib
|
||||
recommend:
|
||||
- elfutils
|
||||
- valgrind
|
||||
duration: 48h
|
||||
extra-summary: /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
||||
extra-task: /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
|
@ -1,40 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
||||
# Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="elfutils"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartTest
|
||||
# An error is expected (2), but a SEGV is not (139).
|
||||
# Reproduced with elfutils-0.172-2.el7, verified with elfutils-0.176-1.el7
|
||||
rlRun "valgrind -q --error-exitcode=99 eu-stack --core=POC2" 2
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
|
@ -1,64 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
||||
# Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note" >> $(METADATA)
|
||||
@echo "Type: Security" >> $(METADATA)
|
||||
@echo "TestTime: 48h" >> $(METADATA)
|
||||
@echo "RunFor: elfutils" >> $(METADATA)
|
||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 1679071" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
|||
PURPOSE of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
||||
Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
||||
Author: Martin Cermak <mcermak@redhat.com>
|
||||
Bug summary: elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h [rhel-7]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679071
|
|
@ -1,16 +0,0 @@
|
|||
summary: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
||||
description: |
|
||||
Bug summary: elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h [rhel-7]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679071
|
||||
contact:
|
||||
- Martin Cermak <mcermak@redhat.com>
|
||||
component:
|
||||
- elfutils
|
||||
test: ./runtest.sh
|
||||
framework: beakerlib
|
||||
recommend:
|
||||
- elfutils
|
||||
- valgrind
|
||||
duration: 48h
|
||||
extra-summary: /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
||||
extra-task: /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
|
@ -1,40 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
||||
# Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="elfutils"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartTest
|
||||
# Reproduced with elfutils-0.174-5.fc28.x86_64
|
||||
# This is expected to fail (1), but not to segfault (139).
|
||||
rlRun "valgrind -q --error-exitcode=99 eu-elflint -d POC" 1
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
|
@ -1,64 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
||||
# Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom" >> $(METADATA)
|
||||
@echo "Type: Security" >> $(METADATA)
|
||||
@echo "TestTime: 48h" >> $(METADATA)
|
||||
@echo "RunFor: elfutils" >> $(METADATA)
|
||||
@echo "Requires: elfutils valgrind" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 1679078" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
Binary file not shown.
|
@ -1,5 +0,0 @@
|
|||
PURPOSE of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
||||
Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
||||
Author: Martin Cermak <mcermak@redhat.com>
|
||||
Bug summary: elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c [rhel-7]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679078
|
|
@ -1,16 +0,0 @@
|
|||
summary: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
||||
description: |
|
||||
Bug summary: elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c [rhel-7]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679078
|
||||
contact:
|
||||
- Martin Cermak <mcermak@redhat.com>
|
||||
component:
|
||||
- elfutils
|
||||
test: ./runtest.sh
|
||||
framework: beakerlib
|
||||
recommend:
|
||||
- elfutils
|
||||
- valgrind
|
||||
duration: 48h
|
||||
extra-summary: /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
||||
extra-task: /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
|
@ -1,41 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
||||
# Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
|
||||
# Author: Martin Cermak <mcermak@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="elfutils"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartTest
|
||||
# We expect 1, but not 99 ...
|
||||
# Reproduced with valgrind-3.13.0-13.el7 and elfutils-0.172-2.el7
|
||||
# Verified with valgrind-3.14.0-16.el7 and elfutils-0.176-1.el7
|
||||
rlRun "valgrind -q --error-exitcode=99 eu-readelf -a POC2" 1
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
|
@ -1,63 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
|
||||
# Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
|
||||
# Author: Vaclav Kadlcik <vkadlcik@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2014 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE dwz-overflow.elf
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Vaclav Kadlcik <vkadlcik@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw" >> $(METADATA)
|
||||
@echo "Type: Security" >> $(METADATA)
|
||||
@echo "TestTime: 5m" >> $(METADATA)
|
||||
@echo "RunFor: elfutils" >> $(METADATA)
|
||||
@echo "Requires: elfutils" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 1139128" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
|
@ -1,5 +0,0 @@
|
|||
PURPOSE of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
|
||||
Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
|
||||
Author: Vaclav Kadlcik <vkadlcik@redhat.com>
|
||||
Bug summary: elfutils: integer overflow, leading to a heap-based buffer overflow in libdw [rhel-6.6]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1139128
|
Binary file not shown.
|
@ -1,16 +0,0 @@
|
|||
summary: 'CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer
|
||||
overflow in libdw'
|
||||
description: |
|
||||
Bug summary: elfutils: integer overflow, leading to a heap-based buffer overflow in libdw [rhel-6.6]
|
||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1139128
|
||||
contact:
|
||||
- Vaclav Kadlcik <vkadlcik@redhat.com>
|
||||
component:
|
||||
- elfutils
|
||||
test: ./runtest.sh
|
||||
framework: beakerlib
|
||||
recommend:
|
||||
- elfutils
|
||||
duration: 5m
|
||||
extra-summary: /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
|
||||
extra-task: /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
|
|
@ -1,56 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
|
||||
# Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
|
||||
# Author: Vaclav Kadlcik <vkadlcik@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2014 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="elfutils"
|
||||
|
||||
# Reproducer by Florian Weimer
|
||||
REPRODUCING_FILE=dwz-overflow.elf
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartSetup
|
||||
rlAssertRpm $PACKAGE
|
||||
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
|
||||
rlRun "cp $REPRODUCING_FILE $TmpDir" 0
|
||||
rlRun "pushd $TmpDir"
|
||||
rlPhaseEnd
|
||||
|
||||
rlPhaseStartTest
|
||||
# eu-readelf since 0.153 was vulnerable.
|
||||
# The following crashed with "Segmentation fault"
|
||||
# and exit value 139.
|
||||
rlRun "eu-readelf -w $REPRODUCING_FILE" 0,1 'eu-readelf should not crash'
|
||||
rlPhaseEnd
|
||||
|
||||
rlPhaseStartCleanup
|
||||
rlRun "popd"
|
||||
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
Loading…
Reference in New Issue