0.187-4

- Add elfutils-0.187-mhd_no_dual_stack.patch
- Add elfutils-0.187-mhd_epoll.patch

.gitignore

@@ -26,3 +26,5 @@
 /elfutils-0.183.tar.bz2
 /elfutils-0.184.tar.bz2
 /elfutils-0.185.tar.bz2
+/elfutils-0.186.tar.bz2
+/elfutils-0.187.tar.bz2

elfutils-0.185-raise-pthread_kill-backtrace.patch

@@ -1,125 +0,0 @@
-commit 9aee0992d6e6ec4cce2c015d8da4b61022c6f6dd
-Author: Mark Wielaard <mark@klomp.org>
-Date:   Wed Aug 4 21:01:27 2021 +0200
-
-    tests: Allow an extra pthread_kill frame in backtrace tests
-    
-    glibc 2.34 calls pthread_kill from the raise function. Before raise
-    directly called the (tg)kill syscall. So allow pthread_kill to be the
-    first frame in a backtrace where raise is expected. Also change some
-    asserts to fprintf plus abort to make it more clear why the testcase
-    fails.
-    
-    https://sourceware.org/bugzilla/show_bug.cgi?id=28190
-    
-    Signed-off-by: Mark Wielaard <mark@klomp.org>
-
-diff --git a/tests/backtrace.c b/tests/backtrace.c
-index 36c8b8c4..afc12fb9 100644
---- a/tests/backtrace.c
-+++ b/tests/backtrace.c
-@@ -97,6 +97,9 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc,
-   static bool reduce_frameno = false;
-   if (reduce_frameno)
-     frameno--;
-+  static bool pthread_kill_seen = false;
-+  if (pthread_kill_seen)
-+    frameno--;
-   if (! use_raise_jmp_patching && frameno >= 2)
-     frameno += 2;
-   const char *symname2 = NULL;
-@@ -107,11 +110,26 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc,
- 	       && (strcmp (symname, "__kernel_vsyscall") == 0
- 		   || strcmp (symname, "__libc_do_syscall") == 0))
- 	reduce_frameno = true;
-+      else if (! pthread_kill_seen && symname
-+	       && strstr (symname, "pthread_kill") != NULL)
-+	pthread_kill_seen = true;
-       else
--	assert (symname && strcmp (symname, "raise") == 0);
-+	{
-+	  if (!symname || strcmp (symname, "raise") != 0)
-+	    {
-+	      fprintf (stderr,
-+		       "case 0: expected symname 'raise' got '%s'\n", symname);
-+	      abort ();
-+	    }
-+	}
-       break;
-     case 1:
--      assert (symname != NULL && strcmp (symname, "sigusr2") == 0);
-+      if (symname == NULL || strcmp (symname, "sigusr2") != 0)
-+	{
-+	  fprintf (stderr,
-+		   "case 1: expected symname 'sigusr2' got '%s'\n", symname);
-+	  abort ();
-+	}
-       break;
-     case 2: // x86_64 only
-       /* __restore_rt - glibc maybe does not have to have this symbol.  */
-@@ -120,11 +138,21 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc,
-       if (use_raise_jmp_patching)
- 	{
- 	  /* Verify we trapped on the very first instruction of jmp.  */
--	  assert (symname != NULL && strcmp (symname, "jmp") == 0);
-+	  if (symname == NULL || strcmp (symname, "jmp") != 0)
-+	    {
-+	      fprintf (stderr,
-+		       "case 3: expected symname 'raise' got '%s'\n", symname);
-+	      abort ();
-+	    }
- 	  mod = dwfl_addrmodule (dwfl, pc - 1);
- 	  if (mod)
- 	    symname2 = dwfl_module_addrname (mod, pc - 1);
--	  assert (symname2 == NULL || strcmp (symname2, "jmp") != 0);
-+	  if (symname2 == NULL || strcmp (symname2, "jmp") != 0)
-+	    {
-+	      fprintf (stderr,
-+		       "case 3: expected symname2 'jmp' got '%s'\n", symname2);
-+	      abort ();
-+	    }
- 	  break;
- 	}
-       FALLTHROUGH;
-@@ -137,11 +165,22 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc,
- 	  duplicate_sigusr2 = true;
- 	  break;
- 	}
--      assert (symname != NULL && strcmp (symname, "stdarg") == 0);
-+      if (symname == NULL || strcmp (symname, "stdarg") != 0)
-+	{
-+	  fprintf (stderr,
-+		   "case 4: expected symname 'stdarg' got '%s'\n", symname);
-+	  abort ();
-+	}
-       break;
-     case 5:
-       /* Verify we trapped on the very last instruction of child.  */
--      assert (symname != NULL && strcmp (symname, "backtracegen") == 0);
-+      if (symname == NULL || strcmp (symname, "backtracegen") != 0)
-+	{
-+	  fprintf (stderr,
-+		   "case 5: expected symname 'backtracegen' got '%s'\n",
-+		   symname);
-+	  abort ();
-+	}
-       mod = dwfl_addrmodule (dwfl, pc);
-       if (mod)
- 	symname2 = dwfl_module_addrname (mod, pc);
-@@ -151,7 +190,15 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc,
-       // instructions or even inserts some padding instructions at the end
-       // (which apparently happens on ppc64).
-       if (use_raise_jmp_patching)
--        assert (symname2 == NULL || strcmp (symname2, "backtracegen") != 0);
-+	{
-+          if (symname2 != NULL && strcmp (symname2, "backtracegen") == 0)
-+	    {
-+	      fprintf (stderr,
-+		       "use_raise_jmp_patching didn't expect symname2 "
-+		       "'backtracegen'\n");
-+	      abort ();
-+	    }
-+	}
-       break;
-   }
- }

elfutils-0.186-fdo-swap.patch

@@ -0,0 +1,35 @@
+diff --git a/libelf/gelf_getnote.c b/libelf/gelf_getnote.c
+index 0f7b9d68..6ef970c5 100644
+--- a/libelf/gelf_getnote.c
++++ b/libelf/gelf_getnote.c
+@@ -31,6 +31,7 @@
+ #endif
+ 
+ #include <assert.h>
++#include <byteswap.h>
+ #include <gelf.h>
+ #include <string.h>
+ 
+@@ -73,6 +74,22 @@ gelf_getnote (Elf_Data *data, size_t offset, GElf_Nhdr *result,
+ 	offset = 0;
+       else
+ 	{
++	  /* Workaround FDO package notes on big-endian systems,
++	     getting namesz and descsz wrong. Detect it by getting
++	     a bad namesz, descsz and byte swapped n_type for
++	     NT_FDO_PACKAGING_METADATA.  */
++	  if (unlikely (n->n_type == bswap_32 (NT_FDO_PACKAGING_METADATA)
++			&& n->n_namesz > data->d_size
++			&& n->n_descsz > data->d_size))
++	    {
++	      /* n might not be writable, use result and redirect n.  */
++	      *result = *n;
++	      result->n_type = bswap_32 (n->n_type);
++	      result->n_namesz = bswap_32 (n->n_namesz);
++	      result->n_descsz = bswap_32 (n->n_descsz);
++	      n = result;
++	    }
++
+ 	  /* This is slightly tricky, offset is guaranteed to be 4
+ 	     byte aligned, which is what we need for the name_offset.
+ 	     And normally desc_offset is also 4 byte aligned, but not

elfutils-0.187-csh-profile.patch

@@ -0,0 +1,28 @@
+commit f1252e4dbe781f75d806ce0b990779548eeeb7a9
+Author: Mark Wielaard <mark@klomp.org>
+Date:   Tue May 3 17:48:55 2022 +0200
+
+    config: Move the 2>/dev/null inside the sh -c '' quotes for profile.csh.
+    
+    csh/tcsh would warn about "Ambiguous output redirect" if not done inside
+    the sh -c command.
+    
+    Fix-by: наб <nabijaczleweli@nabijaczleweli.xyz>
+    
+    https://bugzilla.redhat.com/show_bug.cgi?id=2080957
+    
+    Signed-off-by: Mark Wielaard <mark@klomp.org>
+
+diff --git a/config/profile.csh.in b/config/profile.csh.in
+index 012e243a..74c20c99 100644
+--- a/config/profile.csh.in
++++ b/config/profile.csh.in
+@@ -6,7 +6,7 @@
+ 
+ if (! $?DEBUGINFOD_URLS) then
+     set prefix="@prefix@"
+-    set DEBUGINFOD_URLS=`sh -c 'cat "$0"/*.urls; :' "@sysconfdir@/debuginfod" 2>/dev/null | tr '\n' ' '`
++    set DEBUGINFOD_URLS=`sh -c 'cat "$0"/*.urls 2>/dev/null; :' "@sysconfdir@/debuginfod" | tr '\n' ' '`
+     if ( "$DEBUGINFOD_URLS" != "" ) then
+         setenv DEBUGINFOD_URLS "$DEBUGINFOD_URLS"
+     else

elfutils-0.187-debuginfod-client-fd-leak.patch

@@ -0,0 +1,98 @@
+commit 59158656f3b0b99d8784ddc82c15778813000edc
+Author: Frank Ch. Eigler <fche@redhat.com>
+Date:   Wed May 4 10:26:42 2022 -0400
+
+    PR29117: fix fd leak in debuginfod client for cache-miss files
+    
+    Correct a nasty fd leak and a few less nasty leaks in the debuginfod
+    client code.  The nasty one impacts long-lived apps such as debuginfod
+    servers.
+    
+    Signed-off-by: Mark Wielaard  <mark@klomp.org>
+    Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
+
+diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c
+index ea6e461a..521972e4 100644
+--- a/debuginfod/debuginfod-client.c
++++ b/debuginfod/debuginfod-client.c
+@@ -243,7 +243,13 @@ debuginfod_config_cache(char *config_path,
+         return -errno;
+ 
+       if (dprintf(fd, "%ld", cache_config_default_s) < 0)
+-        return -errno;
++	{
++	  int ret = -errno;
++	  close (fd);
++	  return ret;
++	}
++
++      close (fd);
+     }
+ 
+   long cache_config;
+@@ -284,7 +290,13 @@ debuginfod_init_cache (char *cache_path, char *interval_path, char *maxage_path)
+     return -errno;
+ 
+   if (dprintf(fd, "%ld", cache_clean_default_interval_s) < 0)
+-    return -errno;
++    {
++      int ret = -errno;
++      close (fd);
++      return ret;
++    }
++
++  close (fd);
+ 
+   /* init max age config file.  */
+   if (stat(maxage_path, &st) != 0
+@@ -292,8 +304,13 @@ debuginfod_init_cache (char *cache_path, char *interval_path, char *maxage_path)
+     return -errno;
+ 
+   if (dprintf(fd, "%ld", cache_default_max_unused_age_s) < 0)
+-    return -errno;
++    {
++      int ret = -errno;
++      close (fd);
++      return ret;
++    }
+ 
++  close (fd);
+   return 0;
+ }
+ 
+@@ -812,18 +829,17 @@ debuginfod_query_server (debuginfod_client *c,
+              has passed since the last attempt. */
+           time_t cache_miss;
+           time_t target_mtime = st.st_mtime;
++
++          close(fd); /* no need to hold onto the negative-hit file descriptor */
++          
+           rc = debuginfod_config_cache(cache_miss_path,
+                                        cache_miss_default_s, &st);
+           if (rc < 0)
+-            {
+-              close(fd);
+-              goto out;
+-            }
++            goto out;
+ 
+           cache_miss = (time_t)rc;
+           if (time(NULL) - target_mtime <= cache_miss)
+             {
+-              close(fd);
+               rc = -ENOENT;
+               goto out;
+             }
+diff --git a/debuginfod/debuginfod-find.c b/debuginfod/debuginfod-find.c
+index 3e8ab203..f60b5463 100644
+--- a/debuginfod/debuginfod-find.c
++++ b/debuginfod/debuginfod-find.c
+@@ -231,6 +231,8 @@ main(int argc, char** argv)
+       fprintf(stderr, "Server query failed: %s\n", strerror(-rc));
+       return 1;
+     }
++  else
++    close (rc);
+ 
+   printf("%s\n", cache_name);
+   free (cache_name);

elfutils-0.187-mhd_epoll.patch

@@ -0,0 +1,51 @@
+commit 28f9d86ea89f88b24f1d12c8e9d5ddc3f77da194
+Author: Mark Wielaard <mark@klomp.org>
+Date:   Fri May 6 00:29:28 2022 +0200
+
+    debuginfod: Use MHD_USE_EPOLL for libmicrohttpd version 0.9.51 or higher
+    
+    Also disable MHD_USE_THREAD_PER_CONNECTION when using MHD_USE_EPOLL.
+    
+    https://sourceware.org/bugzilla/show_bug.cgi?id=29123
+    
+    Signed-off-by: Mark Wielaard <mark@klomp.org>
+
+diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx
+index c02540f1..d4f47bf7 100644
+--- a/debuginfod/debuginfod.cxx
++++ b/debuginfod/debuginfod.cxx
+@@ -1,6 +1,6 @@
+ /* Debuginfo-over-http server.
+    Copyright (C) 2019-2021 Red Hat, Inc.
+-   Copyright (C) 2021 Mark J. Wielaard <mark@klomp.org>
++   Copyright (C) 2021, 2022 Mark J. Wielaard <mark@klomp.org>
+    This file is part of elfutils.
+ 
+    This file is free software; you can redistribute it and/or modify
+@@ -3899,7 +3899,14 @@ main (int argc, char *argv[])
+         }
+     }
+ 
+-  unsigned int mhd_flags = ((connection_pool
++  /* Note that MHD_USE_EPOLL and MHD_USE_THREAD_PER_CONNECTION don't
++     work together.  */
++  unsigned int use_epoll = 0;
++#if MHD_VERSION >= 0x00095100
++  use_epoll = MHD_USE_EPOLL;
++#endif
++
++  unsigned int mhd_flags = ((connection_pool || use_epoll
+ 			     ? 0 : MHD_USE_THREAD_PER_CONNECTION)
+ #if MHD_VERSION >= 0x00095300
+ 			    | MHD_USE_INTERNAL_POLLING_THREAD
+@@ -3907,9 +3914,7 @@ main (int argc, char *argv[])
+ 			    | MHD_USE_SELECT_INTERNALLY
+ #endif
+ 			    | MHD_USE_DUAL_STACK
+-#ifdef MHD_USE_EPOLL
+-			    | MHD_USE_EPOLL
+-#endif
++			    | use_epoll
+ #if MHD_VERSION >= 0x00095200
+ 			    | MHD_USE_ITC
+ #endif

elfutils-0.187-mhd_no_dual_stack.patch

@@ -0,0 +1,118 @@
+commit ba675ed25a26fd425ffd19b02cf18babf4291b4f
+Author: Mark Wielaard <mark@klomp.org>
+Date:   Thu May 5 23:59:57 2022 +0200
+
+    debuginfod: Try without MHD_USE_DUAL_STACK if MHD_start_daemon fails
+    
+    On a systems that have ipv6 disabled debuginfod doesn't start up
+    anymore because libhttpd MHD_USE_DUAL_STACK only works if it can
+    open an ipv6 socket. If MHD_start_daemon with MHD_USE_DUAL_STACK
+    fails try again without that flag set.
+    
+    https://sourceware.org/bugzilla/show_bug.cgi?id=29122
+    
+    Signed-off-by: Mark Wielaard <mark@klomp.org>
+
+diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx
+index 4aaf41c0..c02540f1 100644
+--- a/debuginfod/debuginfod.cxx
++++ b/debuginfod/debuginfod.cxx
+@@ -3899,40 +3899,67 @@ main (int argc, char *argv[])
+         }
+     }
+ 
+-  // Start httpd server threads.  Use a single dual-homed pool.
+-  MHD_Daemon *d46 = MHD_start_daemon ((connection_pool ? 0 : MHD_USE_THREAD_PER_CONNECTION)
++  unsigned int mhd_flags = ((connection_pool
++			     ? 0 : MHD_USE_THREAD_PER_CONNECTION)
+ #if MHD_VERSION >= 0x00095300
+-                                     | MHD_USE_INTERNAL_POLLING_THREAD
++			    | MHD_USE_INTERNAL_POLLING_THREAD
+ #else
+-                                     | MHD_USE_SELECT_INTERNALLY
++			    | MHD_USE_SELECT_INTERNALLY
+ #endif
++			    | MHD_USE_DUAL_STACK
+ #ifdef MHD_USE_EPOLL
+-                                     | MHD_USE_EPOLL
++			    | MHD_USE_EPOLL
+ #endif
+-                                     | MHD_USE_DUAL_STACK
+ #if MHD_VERSION >= 0x00095200
+-                                     | MHD_USE_ITC
++			    | MHD_USE_ITC
+ #endif
+-                                     | MHD_USE_DEBUG, /* report errors to stderr */
+-                                     http_port,
+-                                     NULL, NULL, /* default accept policy */
+-                                     handler_cb, NULL, /* handler callback */
+-                                     MHD_OPTION_EXTERNAL_LOGGER, error_cb, NULL,
+-                                     (connection_pool ? MHD_OPTION_THREAD_POOL_SIZE : MHD_OPTION_END),
+-                                     (connection_pool ? (int)connection_pool : MHD_OPTION_END),
+-                                     MHD_OPTION_END);
++			    | MHD_USE_DEBUG); /* report errors to stderr */
+ 
++  // Start httpd server threads.  Use a single dual-homed pool.
++  MHD_Daemon *d46 = MHD_start_daemon (mhd_flags, http_port,
++				      NULL, NULL, /* default accept policy */
++				      handler_cb, NULL, /* handler callback */
++				      MHD_OPTION_EXTERNAL_LOGGER,
++				      error_cb, NULL,
++				      (connection_pool
++				       ? MHD_OPTION_THREAD_POOL_SIZE
++				       : MHD_OPTION_END),
++				      (connection_pool
++				       ? (int)connection_pool
++				       : MHD_OPTION_END),
++				      MHD_OPTION_END);
++
++  MHD_Daemon *d4 = NULL;
+   if (d46 == NULL)
+     {
+-      sqlite3 *database = db;
+-      sqlite3 *databaseq = dbq;
+-      db = dbq = 0; // for signal_handler not to freak
+-      sqlite3_close (databaseq);
+-      sqlite3_close (database);
+-      error (EXIT_FAILURE, 0, "cannot start http server at port %d", http_port);
+-    }
++      // Cannot use dual_stack, use ipv4 only
++      mhd_flags &= ~(MHD_USE_DUAL_STACK);
++      d4 = MHD_start_daemon (mhd_flags, http_port,
++			     NULL, NULL, /* default accept policy */
++			     handler_cb, NULL, /* handler callback */
++			     MHD_OPTION_EXTERNAL_LOGGER,
++			     error_cb, NULL,
++			     (connection_pool
++			      ? MHD_OPTION_THREAD_POOL_SIZE
++			      : MHD_OPTION_END),
++			     (connection_pool
++			      ? (int)connection_pool
++			      : MHD_OPTION_END),
++			     MHD_OPTION_END);
++      if (d4 == NULL)
++	{
++	  sqlite3 *database = db;
++	  sqlite3 *databaseq = dbq;
++	  db = dbq = 0; // for signal_handler not to freak
++	  sqlite3_close (databaseq);
++	  sqlite3_close (database);
++	  error (EXIT_FAILURE, 0, "cannot start http server at port %d",
++		 http_port);
++	}
+ 
+-  obatched(clog) << "started http server on IPv4 IPv6 "
++    }
++  obatched(clog) << "started http server on"
++                 << (d4 != NULL ? " IPv4 " : " IPv4 IPv6 ")
+                  << "port=" << http_port << endl;
+ 
+   // add maxigroom sql if -G given
+@@ -4053,6 +4080,7 @@ main (int argc, char *argv[])
+ 
+   /* Stop all the web service threads. */
+   if (d46) MHD_stop_daemon (d46);
++  if (d4) MHD_stop_daemon (d4);
+ 
+   if (! passive_p)
+     {

elfutils.spec

@@ -1,6 +1,6 @@
 Name: elfutils
-Version: 0.185
-%global baserelease 5
+Version: 0.187
+%global baserelease 4
 Release: %{baserelease}%{?dist}
 URL: http://elfutils.org/
 %global source_url ftp://sourceware.org/pub/elfutils/%{version}/
@@ -42,11 +42,11 @@ BuildRequires: pkgconfig(libarchive) >= 3.1.2
 # For tests need to bunzip2 test files.
 BuildRequires: bzip2
 BuildRequires: zstd
-# For the run-debuginfod-find.sh test case in %%check for /usr/sbin/ss
+# For the run-debuginfod-find.sh test case in %%check for /usr/sbin/ss etc.
 BuildRequires: iproute
+BuildRequires: procps
 BuildRequires: bsdtar
 BuildRequires: curl
-BuildRequires: procps
 
 BuildRequires: automake
 BuildRequires: autoconf
@@ -62,7 +62,17 @@ BuildRequires: gettext-devel
 %endif
 
 # Patches
-Patch1: elfutils-0.185-raise-pthread_kill-backtrace.patch
+
+# For s390x... FDO package notes are bogus.
+Patch1: elfutils-0.186-fdo-swap.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=2080957
+Patch2: elfutils-0.187-csh-profile.patch
+# https://sourceware.org/bugzilla/show_bug.cgi?id=29117
+Patch3: elfutils-0.187-debuginfod-client-fd-leak.patch
+# https://sourceware.org/bugzilla/show_bug.cgi?id=29122
+Patch4: elfutils-0.187-mhd_no_dual_stack.patch
+# https://sourceware.org/bugzilla/show_bug.cgi?id=29123
+Patch5: elfutils-0.187-mhd_epoll.patch
 
 %description
 Elfutils is a collection of utilities, including stack (to show
@@ -187,6 +197,9 @@ License: GPLv3+ and (GPLv2+ or LGPLv3+)
 %if 0%{!?_isa:1}
 Provides: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release}
 %endif
+# For debuginfod-find binary
+Requires: elfutils-libs%{depsuffix} = %{version}-%{release}
+Requires: elfutils-libelf%{depsuffix} = %{version}-%{release}
 
 %package debuginfod-client-devel
 Summary: Libraries and headers to build debuginfod client applications
@@ -238,14 +251,6 @@ autoreconf -f -v -i
 find . -name \*.sh ! -perm -0100 -print | xargs chmod +x
 
 %build
-# This package uses top level ASM constructs which are incompatible with LTO.
-# Top level ASMs are often used to implement symbol versioning.  gcc-10
-# introduces a new mechanism for symbol versioning which works with LTO.
-# Converting packages to use that mechanism instead of toplevel ASMs is
-# recommended.
-# Disable LTO
-%define _lto_cflags %{nil}
-
 # Remove -Wall from default flags.  The makefiles enable enough warnings
 # themselves, and they use -Werror.  Appending -Wall defeats the cases where
 # the makefiles disable some specific warnings for specific code.
@@ -282,10 +287,7 @@ touch ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod/debuginfod.sqlite
 # Record some build root versions in build.log
 uname -r; rpm -q binutils gcc glibc || true
 
-# FIXME for 0.186
-# run-debuginfod-find.sh is a bad test
-# %%make_build check || (cat tests/test-suite.log; false)
-%make_build check || (cat tests/test-suite.log; true)
+%make_build check || (cat tests/test-suite.log; false)
 
 # Only the latest Fedora and EPEL have these scriptlets,
 # older Fedora and plain RHEL don't.
@@ -377,7 +379,9 @@ fi
 %{_libdir}/libdebuginfod.so.*
 %{_bindir}/debuginfod-find
 %{_mandir}/man1/debuginfod-find.1*
+%{_mandir}/man7/debuginfod*.7*
 %config(noreplace) %{_sysconfdir}/profile.d/*
+%config(noreplace) %{_sysconfdir}/debuginfod/*
 
 %files debuginfod-client-devel
 %{_libdir}/pkgconfig/libdebuginfod.pc
@@ -409,6 +413,70 @@ exit 0
 %systemd_postun_with_restart debuginfod.service
 
 %changelog
+* Fri May  6 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-4
+- Add elfutils-0.187-mhd_no_dual_stack.patch
+- Add elfutils-0.187-mhd_epoll.patch
+
+* Thu May  5 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-3
+- Add elfutils-0.187-debuginfod-client-fd-leak.patch
+
+* Tue May  3 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-2
+- Add elfutils-0.187-csh-profile.patch
+
+* Tue Apr 26 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-1
+- Upgrade to elfutils 0.187
+  - debuginfod: Support -C option for connection thread pooling.
+  - debuginfod-client: Negative cache file are now zero sized instead
+    of no-permission files.
+  - addr2line: The -A, --absolute option, which shows file names
+    includingthe full compilation directory is now the
+    default.  To get theold behavior use the new option --relative.
+  - readelf, elflint: Recognize FDO Packaging Metadata ELF notes
+  - libdw, debuginfo-client: Load libcurl lazily only when files need
+    to be fetched remotely. libcurl is now never loaded when
+    DEBUGINFOD_URLS is unset. And whenDEBUGINFOD_URLS is set,
+    libcurl is only loaded when the debuginfod_begin function is
+    called.
+
+* Tue Apr 12 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.186-5
+- Add an explicit versioned requires from elfutils-debuginfod-client
+  on elfutils-libelf.
+
+* Thu Apr  7 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.186-4
+- Add an explicit versioned requires from elfutils-debuginfod-client
+  on elfutils-libs.
+
+* Fri Mar 25 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.186-3
+- Add elfutils-0.186-elf-glibc.patch
+- Add elfutils-0.186-fdo-ebl.patch
+- Add elfutils-0.186-fdo-efllint.patch
+- Add elfutils-0.186-fdo-swap.patch
+- Add elfutils-0.186-ppc64le-error-return-workaround.patch
+
+* Wed Nov 10 2021 Mark Wielaard <mjw@fedoraproject.org> - 0.186-1
+- Upgrade to upstream 0.186
+  - debuginfod-client: Default $DEBUGINFOD_URLS is computed from
+    drop-in files /etc/debuginfod/*.urls rather than
+    hardcoded into the /etc/profile.d/debuginfod*
+    scripts.
+    Add $DEBUGINFOD_MAXSIZE and $DEBUGINFOD_MAXTIME settings
+    for skipping large/slow transfers.
+    Add $DEBUGINFOD_RETRY for retrying aborted lookups.
+  - debuginfod: Supply extra HTTP response headers, describing
+    archive/file names that satisfy the requested buildid content.
+    Support -d :memory: option for in-memory databases.
+    Protect against loops in federated server configurations.
+    Add -r option to use -I/-X regexes for grooming stale files.
+    Protect against wasted CPU from duplicate concurrent requests.
+    Limit the duration of groom ops roughly to rescan (-t) times.
+    Add --passive mode for serving from read-only database.
+    Several other performance improvements & prometheus metrics.
+  - libdw: Support for the NVIDIA Cuda line map extensions.
+    DW_LNE_NVIDIA_inlined_call and DW_LNE_NVIDIA_set_function_name
+    are defined in dwarf.h. New functions dwarf_linecontext and
+    dwarf_linefunctionname.
+  - translations: Update Japanese translation.
+
 * Thu Aug  5 2021 Mark Wielaard <mjw@fedoraproject.org> - 0.185-5
 - Use autosetup
 - Add elfutils-0.185-raise-pthread_kill-backtrace.patch

sources

@@ -1 +1 @@
-SHA512 (elfutils-0.185.tar.bz2) = 34de0de1355b11740e036e0fc64f2fc063587c8eb121b19216ee5548d3f0f268d8fc3995176c47190466b9d881007cfa11a9d01e9a50e38af6119492bf8bb47f
+SHA512 (elfutils-0.187.tar.bz2) = a9b9e32b503b8b50a62d4e4001097ed2721d3475232a6380e6b9853bd1647aec016440c0ca7ceb950daf1144f8db9814ab43cf33cc0ebef7fc91e9e775c9e874

tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/Makefile

@@ -1,64 +0,0 @@
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Makefile of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
-#   Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-export TEST=/tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
-export TESTVERSION=1.0
-
-BUILT_FILES=
-
-FILES=$(METADATA) runtest.sh Makefile PURPOSE addr2line-buffer-over-flow1
-
-.PHONY: all install download clean
-
-run: $(FILES) build
-	./runtest.sh
-
-build: $(BUILT_FILES)
-	test -x runtest.sh || chmod a+x runtest.sh
-
-clean:
-	rm -f *~ $(BUILT_FILES)
-
-
-include /usr/share/rhts/lib/rhts-make.include
-
-$(METADATA): Makefile
-	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
-	@echo "Name:            $(TEST)" >> $(METADATA)
-	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
-	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
-	@echo "Description:     CVE-2018-16062-elfutils-Heap-based-buffer-over-read" >> $(METADATA)
-	@echo "Type:            Security" >> $(METADATA)
-	@echo "TestTime:        48h" >> $(METADATA)
-	@echo "RunFor:          elfutils" >> $(METADATA)
-	@echo "Requires:        elfutils valgrind" >> $(METADATA)
-	@echo "Priority:        Normal" >> $(METADATA)
-	@echo "License:         GPLv2+" >> $(METADATA)
-	@echo "Confidential:    no" >> $(METADATA)
-	@echo "Destructive:     no" >> $(METADATA)
-	@echo "Bug:             1625260" >> $(METADATA)
-	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
-
-	rhts-lint $(METADATA)

tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/PURPOSE

@@ -1,5 +0,0 @@
-PURPOSE of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
-Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
-Author: Martin Cermak <mcermak@redhat.com>
-Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7]
-Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260

tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/main.fmf

@@ -1,16 +0,0 @@
-summary: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
-description: |
-    Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7]
-    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260
-contact:
-- Martin Cermak <mcermak@redhat.com>
-component:
-- elfutils
-test: ./runtest.sh
-framework: beakerlib
-recommend:
-- elfutils
-- valgrind
-duration: 48h
-extra-summary: /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
-extra-task: /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read

tests/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read/runtest.sh

@@ -1,39 +0,0 @@
-#!/bin/bash
-# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   runtest.sh of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
-#   Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-# Include Beaker environment
-. /usr/share/beakerlib/beakerlib.sh || exit 1
-
-PACKAGE="elfutils"
-
-rlJournalStart
-    rlPhaseStartTest
-	# Reproduced with elfutils-0.172-2.el7.x86_64 valgrind-3.13.0-13.el7.x86_64
-	rlRun "valgrind -q --error-exitcode=99 eu-addr2line -e addr2line-buffer-over-flow1 -- 500 50 10 -1000"
-    rlPhaseEnd
-rlJournalPrintText
-rlJournalEnd

tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/Makefile

@@ -1,65 +0,0 @@
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Makefile of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
-#   Description: CVE-2018-16402-double-free-due-to-double-decompression
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2018 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-export TEST=/tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
-export TESTVERSION=1.0
-
-BUILT_FILES=
-
-FILES=$(METADATA) runtest.sh Makefile PURPOSE Double-free-libelf
-
-.PHONY: all install download clean
-
-run: $(FILES) build
-	./runtest.sh
-
-build: $(BUILT_FILES)
-	test -x runtest.sh || chmod a+x runtest.sh
-
-clean:
-	rm -f *~ $(BUILT_FILES)
-
-
-include /usr/share/rhts/lib/rhts-make.include
-
-$(METADATA): Makefile
-	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
-	@echo "Name:            $(TEST)" >> $(METADATA)
-	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
-	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
-	@echo "Description:     CVE-2018-16402-double-free-due-to-double-decompression" >> $(METADATA)
-	@echo "Type:            Security" >> $(METADATA)
-	@echo "TestTime:        48h" >> $(METADATA)
-	@echo "RunFor:          nothing" >> $(METADATA)
-	@echo "Requires:        elfutils" >> $(METADATA)
-	@echo "Requires:        valgrind" >> $(METADATA)
-	@echo "Priority:        Normal" >> $(METADATA)
-	@echo "License:         GPLv2+" >> $(METADATA)
-	@echo "Confidential:    no" >> $(METADATA)
-	@echo "Destructive:     no" >> $(METADATA)
-	@echo "Bug:             1625052" >> $(METADATA)
-	@echo "Releases:        -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
-
-	rhts-lint $(METADATA)

tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/PURPOSE

@@ -1,5 +0,0 @@
-PURPOSE of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
-Description: CVE-2018-16402-double-free-due-to-double-decompression
-Author: Martin Cermak <mcermak@redhat.com>
-Bug summary: 2 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [rhel-8]
-Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625052

tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/main.fmf

@@ -1,16 +0,0 @@
-summary: CVE-2018-16402-double-free-due-to-double-decompression
-description: |
-    Bug summary: 2 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [rhel-8]
-    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625052
-contact:
-- Martin Cermak <mcermak@redhat.com>
-component:
-- nothing
-test: ./runtest.sh
-framework: beakerlib
-recommend:
-- elfutils
-- valgrind
-duration: 48h
-extra-summary: /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
-extra-task: /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression

tests/Security/CVE-2018-16402-double-free-due-to-double-decompression/runtest.sh

@@ -1,42 +0,0 @@
-#!/bin/bash
-# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   runtest.sh of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
-#   Description: CVE-2018-16402-double-free-due-to-double-decompression
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2018 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-# Include Beaker environment
-. /usr/share/beakerlib/beakerlib.sh || exit 1
-
-PACKAGE="elfutils"
-
-rlJournalStart
-    rlPhaseStartTest
-	TMP=$(mktemp)
-	rlRun "valgrind -q eu-readelf -S ./Double-free-libelf |& tee $TMP"
-	rlRun "fgrep 'Invalid free()' $TMP" 1
-	rlRun "fgrep 'Section Headers:' $TMP"
-	rm -f $TMP
-    rlPhaseEnd
-rlJournalPrintText
-rlJournalEnd

tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/Makefile

@@ -1,65 +0,0 @@
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Makefile of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
-#   Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2018 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-export TEST=/tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
-export TESTVERSION=1.0
-
-BUILT_FILES=
-
-FILES=$(METADATA) runtest.sh Makefile PURPOSE Buffer-over-readelf bz1532205.supp
-
-.PHONY: all install download clean
-
-run: $(FILES) build
-	./runtest.sh
-
-build: $(BUILT_FILES)
-	test -x runtest.sh || chmod a+x runtest.sh
-
-clean:
-	rm -f *~ $(BUILT_FILES)
-
-
-include /usr/share/rhts/lib/rhts-make.include
-
-$(METADATA): Makefile
-	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
-	@echo "Name:            $(TEST)" >> $(METADATA)
-	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
-	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
-	@echo "Description:     CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c" >> $(METADATA)
-	@echo "Type:            Security" >> $(METADATA)
-	@echo "TestTime:        48h" >> $(METADATA)
-	@echo "RunFor:          nothing" >> $(METADATA)
-	@echo "Requires:        elfutils" >> $(METADATA)
-	@echo "Requires:        valgrind" >> $(METADATA)
-	@echo "Priority:        Normal" >> $(METADATA)
-	@echo "License:         GPLv2+" >> $(METADATA)
-	@echo "Confidential:    yes" >> $(METADATA)
-	@echo "Destructive:     no" >> $(METADATA)
-	@echo "Bug:             1625057" >> $(METADATA)
-	@echo "Releases:        -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
-
-	rhts-lint $(METADATA)

tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/PURPOSE

@@ -1,5 +0,0 @@
-PURPOSE of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
-Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
-Author: Martin Cermak <mcermak@redhat.com>
-Bug summary: 3 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash [rhel-8]
-Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625057

tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/bz1532205.supp

@@ -1,25 +0,0 @@
-{
-   <insert_a_suppression_name_here>
-   Memcheck:Cond
-   fun:_nl_explode_name
-}
-{
-   <insert_a_suppression_name_here>
-   Memcheck:Cond
-   fun:_nl_make_l10nflist
-}
-{
-   <insert_a_suppression_name_here>
-   Memcheck:Addr4
-   fun:_nl_make_l10nflist
-}
-{
-   <insert_a_suppression_name_here>
-   Memcheck:Addr4
-   fun:new_composite_name
-}
-{
-   <insert_a_suppression_name_here>
-   Memcheck:Cond
-   fun:_nl_explode_name
-}

tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/main.fmf

@@ -1,16 +0,0 @@
-summary: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
-description: |
-    Bug summary: 3 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash [rhel-8]
-    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625057
-contact:
-- Martin Cermak <mcermak@redhat.com>
-component:
-- nothing
-test: ./runtest.sh
-framework: beakerlib
-recommend:
-- elfutils
-- valgrind
-duration: 48h
-extra-summary: /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
-extra-task: /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c

tests/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c/runtest.sh

@@ -1,43 +0,0 @@
-#!/bin/bash
-# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   runtest.sh of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
-#   Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2018 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-# Include Beaker environment
-. /usr/share/beakerlib/beakerlib.sh || exit 1
-
-PACKAGE="elfutils"
-
-rlJournalStart
-    rlPhaseStartTest
-	arch | grep -q ppc64le && VGSUPP='--suppressions=bz1532205.supp' || VGSUPP=''
-	TMP=$(mktemp)
-	rlRun "valgrind $VGSUPP -q eu-readelf --debug-dump=abbrev ./Buffer-over-readelf |& tee $TMP"
-	rlRun "fgrep 'Invalid read of size' $TMP" 1
-	rlRun "fgrep 'Abbreviation section at offset' $TMP"
-	rm -f $TMP
-    rlPhaseEnd
-rlJournalPrintText
-rlJournalEnd

tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/Makefile

@@ -1,64 +0,0 @@
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Makefile of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
-#   Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-export TEST=/tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
-export TESTVERSION=1.0
-
-BUILT_FILES=
-
-FILES=$(METADATA) runtest.sh Makefile PURPOSE POC-stack
-
-.PHONY: all install download clean
-
-run: $(FILES) build
-	./runtest.sh
-
-build: $(BUILT_FILES)
-	test -x runtest.sh || chmod a+x runtest.sh
-
-clean:
-	rm -f *~ $(BUILT_FILES)
-
-
-include /usr/share/rhts/lib/rhts-make.include
-
-$(METADATA): Makefile
-	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
-	@echo "Name:            $(TEST)" >> $(METADATA)
-	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
-	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
-	@echo "Description:     CVE-2018-18310-elfutils-invalid-memory-address-dereference" >> $(METADATA)
-	@echo "Type:            Security" >> $(METADATA)
-	@echo "TestTime:        48h" >> $(METADATA)
-	@echo "RunFor:          elfutils" >> $(METADATA)
-	@echo "Requires:        elfutils" >> $(METADATA)
-	@echo "Priority:        Normal" >> $(METADATA)
-	@echo "License:         GPLv2+" >> $(METADATA)
-	@echo "Confidential:    no" >> $(METADATA)
-	@echo "Destructive:     no" >> $(METADATA)
-	@echo "Bug:             1651567" >> $(METADATA)
-	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
-
-	rhts-lint $(METADATA)

tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/PURPOSE

@@ -1,5 +0,0 @@
-PURPOSE of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
-Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference
-Author: Martin Cermak <mcermak@redhat.com>
-Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhdts-8]
-Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651567

tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/main.fmf

@@ -1,15 +0,0 @@
-summary: CVE-2018-18310-elfutils-invalid-memory-address-dereference
-description: |
-    Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhdts-8]
-    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651567
-contact:
-- Martin Cermak <mcermak@redhat.com>
-component:
-- elfutils
-test: ./runtest.sh
-framework: beakerlib
-recommend:
-- elfutils
-duration: 48h
-extra-summary: /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
-extra-task: /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference

tests/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference/runtest.sh

@@ -1,39 +0,0 @@
-#!/bin/bash
-# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   runtest.sh of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
-#   Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-# Include Beaker environment
-. /usr/share/beakerlib/beakerlib.sh || exit 1
-
-PACKAGE="elfutils"
-
-rlJournalStart
-    rlPhaseStartTest
-	# Expect exitcode 2, unfixed package segfaults (139)
-	rlRun "eu-stack --core=POC-stack" 2
-    rlPhaseEnd
-rlJournalPrintText
-rlJournalEnd

tests/Security/CVE-2018-18310-invalid-memory-address-dereference/Makefile

@@ -1,64 +0,0 @@
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Makefile of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
-#   Description: CVE-2018-18310-invalid-memory-address-dereference
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2018 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-export TEST=/tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
-export TESTVERSION=1.0
-
-BUILT_FILES=
-
-FILES=$(METADATA) runtest.sh Makefile PURPOSE POC-stack bz1532205.supp
-
-.PHONY: all install download clean
-
-run: $(FILES) build
-	./runtest.sh
-
-build: $(BUILT_FILES)
-	test -x runtest.sh || chmod a+x runtest.sh
-
-clean:
-	rm -f *~ $(BUILT_FILES)
-
-
-include /usr/share/rhts/lib/rhts-make.include
-
-$(METADATA): Makefile
-	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
-	@echo "Name:            $(TEST)" >> $(METADATA)
-	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
-	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
-	@echo "Description:     CVE-2018-18310-invalid-memory-address-dereference" >> $(METADATA)
-	@echo "Type:            Security" >> $(METADATA)
-	@echo "TestTime:        48h" >> $(METADATA)
-	@echo "RunFor:          nothing" >> $(METADATA)
-	@echo "Requires:        elfutils valgrind" >> $(METADATA)
-	@echo "Priority:        Normal" >> $(METADATA)
-	@echo "License:         GPLv2+" >> $(METADATA)
-	@echo "Confidential:    no" >> $(METADATA)
-	@echo "Destructive:     no" >> $(METADATA)
-	@echo "Bug:             1642606" >> $(METADATA)
-	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5 -RHEL6" >> $(METADATA)
-
-	rhts-lint $(METADATA)

tests/Security/CVE-2018-18310-invalid-memory-address-dereference/PURPOSE

@@ -1,5 +0,0 @@
-PURPOSE of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
-Description: CVE-2018-18310-invalid-memory-address-dereference
-Author: Martin Cermak <mcermak@redhat.com>
-Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhel-8]
-Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1642606

tests/Security/CVE-2018-18310-invalid-memory-address-dereference/bz1532205.supp

@@ -1,25 +0,0 @@
-{
-   <insert_a_suppression_name_here>
-   Memcheck:Cond
-   fun:_nl_explode_name
-}
-{
-   <insert_a_suppression_name_here>
-   Memcheck:Cond
-   fun:_nl_make_l10nflist
-}
-{
-   <insert_a_suppression_name_here>
-   Memcheck:Addr4
-   fun:_nl_make_l10nflist
-}
-{
-   <insert_a_suppression_name_here>
-   Memcheck:Addr4
-   fun:new_composite_name
-}
-{
-   <insert_a_suppression_name_here>
-   Memcheck:Cond
-   fun:_nl_explode_name
-}

tests/Security/CVE-2018-18310-invalid-memory-address-dereference/main.fmf

@@ -1,16 +0,0 @@
-summary: CVE-2018-18310-invalid-memory-address-dereference
-description: |
-    Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhel-8]
-    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1642606
-contact:
-- Martin Cermak <mcermak@redhat.com>
-component:
-- nothing
-test: ./runtest.sh
-framework: beakerlib
-recommend:
-- elfutils
-- valgrind
-duration: 48h
-extra-summary: /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
-extra-task: /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference

tests/Security/CVE-2018-18310-invalid-memory-address-dereference/runtest.sh

@@ -1,42 +0,0 @@
-#!/bin/bash
-# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   runtest.sh of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
-#   Description: CVE-2018-18310-invalid-memory-address-dereference
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2018 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-# Include Beaker environment
-. /usr/share/beakerlib/beakerlib.sh || exit 1
-
-PACKAGE="elfutils"
-
-rlJournalStart
-    rlPhaseStartTest
-	arch | grep -q ppc64le && VGSUPP='--suppressions=bz1532205.supp' || VGSUPP=''
-	TMP=$(mktemp)
-	rlRun "valgrind $VGSUPP -q eu-stack --core=./POC-stack |& tee $TMP"
-	rlRun "fgrep 'Invalid read of size' $TMP" 1
-	rm -f $TMP
-    rlPhaseEnd
-rlJournalPrintText
-rlJournalEnd

tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/Makefile

@@ -1,64 +0,0 @@
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Makefile of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
-#   Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-export TEST=/tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
-export TESTVERSION=1.0
-
-BUILT_FILES=
-
-FILES=$(METADATA) runtest.sh Makefile PURPOSE POC1
-
-.PHONY: all install download clean
-
-run: $(FILES) build
-	./runtest.sh
-
-build: $(BUILT_FILES)
-	test -x runtest.sh || chmod a+x runtest.sh
-
-clean:
-	rm -f *~ $(BUILT_FILES)
-
-
-include /usr/share/rhts/lib/rhts-make.include
-
-$(METADATA): Makefile
-	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
-	@echo "Name:            $(TEST)" >> $(METADATA)
-	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
-	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
-	@echo "Description:     CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files" >> $(METADATA)
-	@echo "Type:            Security" >> $(METADATA)
-	@echo "TestTime:        48h" >> $(METADATA)
-	@echo "RunFor:          elfutils" >> $(METADATA)
-	@echo "Requires:        elfutils" >> $(METADATA)
-	@echo "Priority:        Normal" >> $(METADATA)
-	@echo "License:         GPLv2+" >> $(METADATA)
-	@echo "Confidential:    no" >> $(METADATA)
-	@echo "Destructive:     no" >> $(METADATA)
-	@echo "Bug:             1651200" >> $(METADATA)
-	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
-
-	rhts-lint $(METADATA)

tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/PURPOSE

@@ -1,3 +0,0 @@
-PURPOSE of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
-Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
-Author: Martin Cermak <mcermak@redhat.com>

tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/main.fmf

@@ -1,13 +0,0 @@
-summary: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
-description: ''
-contact:
-- Martin Cermak <mcermak@redhat.com>
-component:
-- elfutils
-test: ./runtest.sh
-framework: beakerlib
-recommend:
-- elfutils
-duration: 48h
-extra-summary: /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
-extra-task: /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files

tests/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files/runtest.sh

@@ -1,38 +0,0 @@
-#!/bin/bash
-# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   runtest.sh of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
-#   Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-# Include Beaker environment
-. /usr/share/beakerlib/beakerlib.sh || exit 1
-
-PACKAGE="elfutils"
-
-rlJournalStart
-    rlPhaseStartTest
-	rlRun "eu-size POC1"
-    rlPhaseEnd
-rlJournalPrintText
-rlJournalEnd

tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/Makefile

@@ -1,64 +0,0 @@
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Makefile of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
-#   Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2018 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-export TEST=/tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
-export TESTVERSION=1.0
-
-BUILT_FILES=
-
-FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
-
-.PHONY: all install download clean
-
-run: $(FILES) build
-	./runtest.sh
-
-build: $(BUILT_FILES)
-	test -x runtest.sh || chmod a+x runtest.sh
-
-clean:
-	rm -f *~ $(BUILT_FILES)
-
-
-include /usr/share/rhts/lib/rhts-make.include
-
-$(METADATA): Makefile
-	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
-	@echo "Name:            $(TEST)" >> $(METADATA)
-	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
-	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
-	@echo "Description:     CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files" >> $(METADATA)
-	@echo "Type:            Security" >> $(METADATA)
-	@echo "TestTime:        48h" >> $(METADATA)
-	@echo "RunFor:          elfutils" >> $(METADATA)
-	@echo "Requires:        elfutils valgrind" >> $(METADATA)
-	@echo "Priority:        Normal" >> $(METADATA)
-	@echo "License:         GPLv2+" >> $(METADATA)
-	@echo "Confidential:    no" >> $(METADATA)
-	@echo "Destructive:     no" >> $(METADATA)
-	@echo "Bug:             1646479" >> $(METADATA)
-	@echo "Releases:        -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
-
-	rhts-lint $(METADATA)

tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/PURPOSE

@@ -1,5 +0,0 @@
-PURPOSE of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
-Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
-Author: Martin Cermak <mcermak@redhat.com>
-Bug summary: 0 elfutils: eu-size cannot handle recursive ar files [rhel-8]
-Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646479

tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/main.fmf

@@ -1,16 +0,0 @@
-summary: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
-description: |
-    Bug summary: 0 elfutils: eu-size cannot handle recursive ar files [rhel-8]
-    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646479
-contact:
-- Martin Cermak <mcermak@redhat.com>
-component:
-- elfutils
-test: ./runtest.sh
-framework: beakerlib
-recommend:
-- elfutils
-- valgrind
-duration: 48h
-extra-summary: /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
-extra-task: /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files

tests/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files/runtest.sh

@@ -1,42 +0,0 @@
-#!/bin/bash
-# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   runtest.sh of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
-#   Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2018 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-# Include Beaker environment
-. /usr/share/beakerlib/beakerlib.sh || exit 1
-
-PACKAGE="elfutils"
-
-rlJournalStart
-    rlPhaseStartTest
-	TMP=$(mktemp)
-	rlRun "valgrind -q eu-size ./POC2 |& tee $TMP"
-	rlRun "fgrep 'Process terminating with default action of signal 11' $TMP" 1
-	rm -f $TMP
-	rlRun "eu-size ./POC2"
-    rlPhaseEnd
-rlJournalPrintText
-rlJournalEnd

tests/Security/CVE-2018-18521-divide-by-zero/Makefile

@@ -1,64 +0,0 @@
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Makefile of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
-#   Description: CVE-2018-18521-divide-by-zero
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2018 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-export TEST=/tools/elfutils/Security/CVE-2018-18521-divide-by-zero
-export TESTVERSION=1.0
-
-BUILT_FILES=
-
-FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
-
-.PHONY: all install download clean
-
-run: $(FILES) build
-	./runtest.sh
-
-build: $(BUILT_FILES)
-	test -x runtest.sh || chmod a+x runtest.sh
-
-clean:
-	rm -f *~ $(BUILT_FILES)
-
-
-include /usr/share/rhts/lib/rhts-make.include
-
-$(METADATA): Makefile
-	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
-	@echo "Name:            $(TEST)" >> $(METADATA)
-	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
-	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
-	@echo "Description:     CVE-2018-18521-divide-by-zero" >> $(METADATA)
-	@echo "Type:            Security" >> $(METADATA)
-	@echo "TestTime:        48h" >> $(METADATA)
-	@echo "RunFor:          elfutils" >> $(METADATA)
-	@echo "Requires:        elfutils valgrind" >> $(METADATA)
-	@echo "Priority:        Normal" >> $(METADATA)
-	@echo "License:         GPLv2+" >> $(METADATA)
-	@echo "Confidential:    no" >> $(METADATA)
-	@echo "Destructive:     no" >> $(METADATA)
-	@echo "Bug:             1646484" >> $(METADATA)
-	@echo "Releases:        -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
-
-	rhts-lint $(METADATA)

tests/Security/CVE-2018-18521-divide-by-zero/PURPOSE

@@ -1,5 +0,0 @@
-PURPOSE of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
-Description: CVE-2018-18521-divide-by-zero
-Author: Martin Cermak <mcermak@redhat.com>
-Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhel-8]
-Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646484

tests/Security/CVE-2018-18521-divide-by-zero/main.fmf

@@ -1,16 +0,0 @@
-summary: CVE-2018-18521-divide-by-zero
-description: |
-    Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhel-8]
-    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646484
-contact:
-- Martin Cermak <mcermak@redhat.com>
-component:
-- elfutils
-test: ./runtest.sh
-framework: beakerlib
-recommend:
-- elfutils
-- valgrind
-duration: 48h
-extra-summary: /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
-extra-task: /tools/elfutils/Security/CVE-2018-18521-divide-by-zero

tests/Security/CVE-2018-18521-divide-by-zero/runtest.sh

@@ -1,43 +0,0 @@
-#!/bin/bash
-# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   runtest.sh of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
-#   Description: CVE-2018-18521-divide-by-zero
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2018 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-# Include Beaker environment
-. /usr/share/beakerlib/beakerlib.sh || exit 1
-
-PACKAGE="elfutils"
-
-rlJournalStart
-    rlPhaseStartTest
-	# This doesn't reproduce on ppach64 and ppc64le.
-	TMP=$(mktemp)
-	rlRun "valgrind -q eu-ranlib ./POC2 |& tee $TMP"
-	rlRun "fgrep 'Process terminating with default action of signal 8' $TMP" 1
-	rm -f $TMP
-	rlRun "eu-ranlib ./POC2"
-    rlPhaseEnd
-rlJournalPrintText
-rlJournalEnd

tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/Makefile

@@ -1,64 +0,0 @@
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Makefile of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
-#   Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-export TEST=/tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
-export TESTVERSION=1.0
-
-BUILT_FILES=
-
-FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
-
-.PHONY: all install download clean
-
-run: $(FILES) build
-	./runtest.sh
-
-build: $(BUILT_FILES)
-	test -x runtest.sh || chmod a+x runtest.sh
-
-clean:
-	rm -f *~ $(BUILT_FILES)
-
-
-include /usr/share/rhts/lib/rhts-make.include
-
-$(METADATA): Makefile
-	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
-	@echo "Name:            $(TEST)" >> $(METADATA)
-	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
-	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
-	@echo "Description:     CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c" >> $(METADATA)
-	@echo "Type:            Security" >> $(METADATA)
-	@echo "TestTime:        48h" >> $(METADATA)
-	@echo "RunFor:          elfutils" >> $(METADATA)
-	@echo "Requires:        elfutils" >> $(METADATA)
-	@echo "Priority:        Normal" >> $(METADATA)
-	@echo "License:         GPLv2+" >> $(METADATA)
-	@echo "Confidential:    no" >> $(METADATA)
-	@echo "Destructive:     no" >> $(METADATA)
-	@echo "Bug:             1651203" >> $(METADATA)
-	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
-
-	rhts-lint $(METADATA)

tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/PURPOSE

@@ -1,5 +0,0 @@
-PURPOSE of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
-Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
-Author: Martin Cermak <mcermak@redhat.com>
-Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhdts-8]
-Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651203

tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/main.fmf

@@ -1,15 +0,0 @@
-summary: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
-description: |
-    Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhdts-8]
-    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651203
-contact:
-- Martin Cermak <mcermak@redhat.com>
-component:
-- elfutils
-test: ./runtest.sh
-framework: beakerlib
-recommend:
-- elfutils
-duration: 48h
-extra-summary: /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
-extra-task: /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c

tests/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c/runtest.sh

@@ -1,38 +0,0 @@
-#!/bin/bash
-# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   runtest.sh of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
-#   Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-# Include Beaker environment
-. /usr/share/beakerlib/beakerlib.sh || exit 1
-
-PACKAGE="elfutils"
-
-rlJournalStart
-    rlPhaseStartTest
-	rlRun "eu-ranlib POC2"
-    rlPhaseEnd
-rlJournalPrintText
-rlJournalEnd

tests/Security/CVE-2019-7146/Makefile

@@ -1,64 +0,0 @@
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Makefile of /tools/elfutils/Security/CVE-2019-7146
-#   Description: CVE-2019-7146
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-export TEST=/tools/elfutils/Security/CVE-2019-7146
-export TESTVERSION=1.0
-
-BUILT_FILES=
-
-FILES=$(METADATA) runtest.sh Makefile PURPOSE poc
-
-.PHONY: all install download clean
-
-run: $(FILES) build
-	./runtest.sh
-
-build: $(BUILT_FILES)
-	test -x runtest.sh || chmod a+x runtest.sh
-
-clean:
-	rm -f *~ $(BUILT_FILES)
-
-
-include /usr/share/rhts/lib/rhts-make.include
-
-$(METADATA): Makefile
-	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
-	@echo "Name:            $(TEST)" >> $(METADATA)
-	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
-	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
-	@echo "Description:     CVE-2019-7146" >> $(METADATA)
-	@echo "Type:            Security" >> $(METADATA)
-	@echo "TestTime:        48h" >> $(METADATA)
-	@echo "RunFor:          elfutils" >> $(METADATA)
-	@echo "Requires:        elfutils" >> $(METADATA)
-	@echo "Requires:        valgrind" >> $(METADATA)
-	@echo "Priority:        Normal" >> $(METADATA)
-	@echo "License:         GPLv2+" >> $(METADATA)
-	@echo "Confidential:    no" >> $(METADATA)
-	@echo "Destructive:     no" >> $(METADATA)
-	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
-
-	rhts-lint $(METADATA)

tests/Security/CVE-2019-7146/PURPOSE

@@ -1,3 +0,0 @@
-PURPOSE of /tools/elfutils/Security/CVE-2019-7146
-Description: CVE-2019-7146
-Author: Martin Cermak <mcermak@redhat.com>

tests/Security/CVE-2019-7146/main.fmf

@@ -1,14 +0,0 @@
-summary: CVE-2019-7146
-description: ''
-contact:
-- Martin Cermak <mcermak@redhat.com>
-component:
-- elfutils
-test: ./runtest.sh
-framework: beakerlib
-recommend:
-- elfutils
-- valgrind
-duration: 48h
-extra-summary: /tools/elfutils/Security/CVE-2019-7146
-extra-task: /tools/elfutils/Security/CVE-2019-7146

tests/Security/CVE-2019-7146/runtest.sh

@@ -1,41 +0,0 @@
-#!/bin/bash
-# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   runtest.sh of /tools/elfutils/Security/CVE-2019-7146
-#   Description: CVE-2019-7146
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-# Include Beaker environment
-. /usr/share/beakerlib/beakerlib.sh || exit 1
-
-PACKAGE="elfutils"
-
-rlJournalStart
-    rlPhaseStartTest
-       # https://svn.devel.redhat.com/repos/srtvulns/trunk/components/elfutils/CVE-2019-7146/
-       # Expected Output
-       # An error instead of segfault.
-       rlRun "valgrind -q --error-exitcode=99 eu-readelf -a ./poc" 1
-    rlPhaseEnd
-rlJournalPrintText
-rlJournalEnd

tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/Makefile

@@ -1,64 +0,0 @@
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Makefile of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
-#   Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-export TEST=/tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
-export TESTVERSION=1.0
-
-BUILT_FILES=
-
-FILES=$(METADATA) runtest.sh Makefile PURPOSE POC1
-
-.PHONY: all install download clean
-
-run: $(FILES) build
-	./runtest.sh
-
-build: $(BUILT_FILES)
-	test -x runtest.sh || chmod a+x runtest.sh
-
-clean:
-	rm -f *~ $(BUILT_FILES)
-
-
-include /usr/share/rhts/lib/rhts-make.include
-
-$(METADATA): Makefile
-	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
-	@echo "Name:            $(TEST)" >> $(METADATA)
-	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
-	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
-	@echo "Description:     CVE-2019-7149-elfutils-heap-based-buffer-over-read" >> $(METADATA)
-	@echo "Type:            Security" >> $(METADATA)
-	@echo "TestTime:        48h" >> $(METADATA)
-	@echo "RunFor:          elfutils" >> $(METADATA)
-	@echo "Requires:        elfutils valgrind" >> $(METADATA)
-	@echo "Priority:        Normal" >> $(METADATA)
-	@echo "License:         GPLv2+" >> $(METADATA)
-	@echo "Confidential:    no" >> $(METADATA)
-	@echo "Destructive:     no" >> $(METADATA)
-	@echo "Bug:             1680056" >> $(METADATA)
-	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
-
-	rhts-lint $(METADATA)

tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/PURPOSE

@@ -1,5 +0,0 @@
-PURPOSE of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
-Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
-Author: Martin Cermak <mcermak@redhat.com>
-Bug summary: elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw [rhdts-8]
-Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680056

tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/main.fmf

@@ -1,16 +0,0 @@
-summary: CVE-2019-7149-elfutils-heap-based-buffer-over-read
-description: |
-    Bug summary: elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw [rhdts-8]
-    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680056
-contact:
-- Martin Cermak <mcermak@redhat.com>
-component:
-- elfutils
-test: ./runtest.sh
-framework: beakerlib
-recommend:
-- elfutils
-- valgrind
-duration: 48h
-extra-summary: /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
-extra-task: /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read

tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/runtest.sh

@@ -1,43 +0,0 @@
-#!/bin/bash
-# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   runtest.sh of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
-#   Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-# Include Beaker environment
-. /usr/share/beakerlib/beakerlib.sh || exit 1
-
-PACKAGE="elfutils"
-
-rlJournalStart
-    rlPhaseStartTest
-	rlRun "which valgrind eu-nm"
-	# With RHEL I saw the invalid read of size 1 on aarch64 and ppc64le
-	# using devtoolset-7-elfutils-0.170-5.el7.  I also saw it on x86_64
-	# with base rhel elfutils-0.172-2.el7.x86_64.
-	# IOW - It doesn't reproduce "everywhere".
-	rlRun "valgrind -q --error-exitcode=99 eu-nm -C POC1"
-    rlPhaseEnd
-rlJournalPrintText
-rlJournalEnd

tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/Makefile

@@ -1,64 +0,0 @@
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Makefile of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
-#   Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-export TEST=/tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
-export TESTVERSION=1.0
-
-BUILT_FILES=
-
-FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
-
-.PHONY: all install download clean
-
-run: $(FILES) build
-	./runtest.sh
-
-build: $(BUILT_FILES)
-	test -x runtest.sh || chmod a+x runtest.sh
-
-clean:
-	rm -f *~ $(BUILT_FILES)
-
-
-include /usr/share/rhts/lib/rhts-make.include
-
-$(METADATA): Makefile
-	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
-	@echo "Name:            $(TEST)" >> $(METADATA)
-	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
-	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
-	@echo "Description:     CVE-2019-7150-segmentation-fault-in-elf64_xlatetom" >> $(METADATA)
-	@echo "Type:            Security" >> $(METADATA)
-	@echo "TestTime:        48h" >> $(METADATA)
-	@echo "RunFor:          elfutils" >> $(METADATA)
-	@echo "Requires:        elfutils valgrind" >> $(METADATA)
-	@echo "Priority:        Normal" >> $(METADATA)
-	@echo "License:         GPLv2+" >> $(METADATA)
-	@echo "Confidential:    no" >> $(METADATA)
-	@echo "Destructive:     no" >> $(METADATA)
-	@echo "Bug:             1680046" >> $(METADATA)
-	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
-
-	rhts-lint $(METADATA)

tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/PURPOSE

@@ -1,5 +0,0 @@
-PURPOSE of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
-Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
-Author: Martin Cermak <mcermak@redhat.com>
-Bug summary: elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c [rhel-7]
-Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680046

tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/main.fmf

@@ -1,16 +0,0 @@
-summary: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
-description: |
-    Bug summary: elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c [rhel-7]
-    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680046
-contact:
-- Martin Cermak <mcermak@redhat.com>
-component:
-- elfutils
-test: ./runtest.sh
-framework: beakerlib
-recommend:
-- elfutils
-- valgrind
-duration: 48h
-extra-summary: /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
-extra-task: /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom

tests/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom/runtest.sh

@@ -1,40 +0,0 @@
-#!/bin/bash
-# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   runtest.sh of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
-#   Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-# Include Beaker environment
-. /usr/share/beakerlib/beakerlib.sh || exit 1
-
-PACKAGE="elfutils"
-
-rlJournalStart
-    rlPhaseStartTest
-	# An error is expected (2), but a SEGV is not (139).
-	# Reproduced with elfutils-0.172-2.el7, verified with elfutils-0.176-1.el7
-	rlRun "valgrind -q --error-exitcode=99 eu-stack --core=POC2" 2
-    rlPhaseEnd
-rlJournalPrintText
-rlJournalEnd

tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/Makefile

@@ -1,64 +0,0 @@
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Makefile of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
-#   Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-export TEST=/tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
-export TESTVERSION=1.0
-
-BUILT_FILES=
-
-FILES=$(METADATA) runtest.sh Makefile PURPOSE POC
-
-.PHONY: all install download clean
-
-run: $(FILES) build
-	./runtest.sh
-
-build: $(BUILT_FILES)
-	test -x runtest.sh || chmod a+x runtest.sh
-
-clean:
-	rm -f *~ $(BUILT_FILES)
-
-
-include /usr/share/rhts/lib/rhts-make.include
-
-$(METADATA): Makefile
-	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
-	@echo "Name:            $(TEST)" >> $(METADATA)
-	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
-	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
-	@echo "Description:     CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note" >> $(METADATA)
-	@echo "Type:            Security" >> $(METADATA)
-	@echo "TestTime:        48h" >> $(METADATA)
-	@echo "RunFor:          elfutils" >> $(METADATA)
-	@echo "Requires:        elfutils valgrind" >> $(METADATA)
-	@echo "Priority:        Normal" >> $(METADATA)
-	@echo "License:         GPLv2+" >> $(METADATA)
-	@echo "Confidential:    no" >> $(METADATA)
-	@echo "Destructive:     no" >> $(METADATA)
-	@echo "Bug:             1679071" >> $(METADATA)
-	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
-
-	rhts-lint $(METADATA)

tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/PURPOSE

@@ -1,5 +0,0 @@
-PURPOSE of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
-Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
-Author: Martin Cermak <mcermak@redhat.com>
-Bug summary: elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h [rhel-7]
-Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679071

tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/main.fmf

@@ -1,16 +0,0 @@
-summary: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
-description: |
-    Bug summary: elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h [rhel-7]
-    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679071
-contact:
-- Martin Cermak <mcermak@redhat.com>
-component:
-- elfutils
-test: ./runtest.sh
-framework: beakerlib
-recommend:
-- elfutils
-- valgrind
-duration: 48h
-extra-summary: /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
-extra-task: /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note

tests/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note/runtest.sh

@@ -1,40 +0,0 @@
-#!/bin/bash
-# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   runtest.sh of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
-#   Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-# Include Beaker environment
-. /usr/share/beakerlib/beakerlib.sh || exit 1
-
-PACKAGE="elfutils"
-
-rlJournalStart
-    rlPhaseStartTest
-	# Reproduced with elfutils-0.174-5.fc28.x86_64
-	# This is expected to fail (1), but not to segfault (139).
-	rlRun "valgrind -q --error-exitcode=99 eu-elflint -d POC" 1
-    rlPhaseEnd
-rlJournalPrintText
-rlJournalEnd

tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/Makefile

@@ -1,64 +0,0 @@
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Makefile of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
-#   Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-export TEST=/tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
-export TESTVERSION=1.0
-
-BUILT_FILES=
-
-FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
-
-.PHONY: all install download clean
-
-run: $(FILES) build
-	./runtest.sh
-
-build: $(BUILT_FILES)
-	test -x runtest.sh || chmod a+x runtest.sh
-
-clean:
-	rm -f *~ $(BUILT_FILES)
-
-
-include /usr/share/rhts/lib/rhts-make.include
-
-$(METADATA): Makefile
-	@echo "Owner:           Martin Cermak <mcermak@redhat.com>" > $(METADATA)
-	@echo "Name:            $(TEST)" >> $(METADATA)
-	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
-	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
-	@echo "Description:     CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom" >> $(METADATA)
-	@echo "Type:            Security" >> $(METADATA)
-	@echo "TestTime:        48h" >> $(METADATA)
-	@echo "RunFor:          elfutils" >> $(METADATA)
-	@echo "Requires:        elfutils valgrind" >> $(METADATA)
-	@echo "Priority:        Normal" >> $(METADATA)
-	@echo "License:         GPLv2+" >> $(METADATA)
-	@echo "Confidential:    no" >> $(METADATA)
-	@echo "Destructive:     no" >> $(METADATA)
-	@echo "Bug:             1679078" >> $(METADATA)
-	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
-
-	rhts-lint $(METADATA)

tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/PURPOSE

@@ -1,5 +0,0 @@
-PURPOSE of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
-Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
-Author: Martin Cermak <mcermak@redhat.com>
-Bug summary: elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c [rhel-7]
-Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679078

tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/main.fmf

@@ -1,16 +0,0 @@
-summary: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
-description: |
-    Bug summary: elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c [rhel-7]
-    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679078
-contact:
-- Martin Cermak <mcermak@redhat.com>
-component:
-- elfutils
-test: ./runtest.sh
-framework: beakerlib
-recommend:
-- elfutils
-- valgrind
-duration: 48h
-extra-summary: /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
-extra-task: /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom

tests/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom/runtest.sh

@@ -1,41 +0,0 @@
-#!/bin/bash
-# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   runtest.sh of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
-#   Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
-#   Author: Martin Cermak <mcermak@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2019 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-# Include Beaker environment
-. /usr/share/beakerlib/beakerlib.sh || exit 1
-
-PACKAGE="elfutils"
-
-rlJournalStart
-    rlPhaseStartTest
-	# We expect 1, but not 99 ...
-	# Reproduced with valgrind-3.13.0-13.el7 and elfutils-0.172-2.el7
-	# Verified with valgrind-3.14.0-16.el7 and elfutils-0.176-1.el7
-	rlRun "valgrind -q --error-exitcode=99 eu-readelf -a POC2" 1
-    rlPhaseEnd
-rlJournalPrintText
-rlJournalEnd

tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/Makefile

@@ -1,63 +0,0 @@
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Makefile of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
-#   Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
-#   Author: Vaclav Kadlcik <vkadlcik@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2014 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-export TEST=/tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
-export TESTVERSION=1.0
-
-BUILT_FILES=
-
-FILES=$(METADATA) runtest.sh Makefile PURPOSE dwz-overflow.elf
-
-.PHONY: all install download clean
-
-run: $(FILES) build
-	./runtest.sh
-
-build: $(BUILT_FILES)
-	test -x runtest.sh || chmod a+x runtest.sh
-
-clean:
-	rm -f *~ $(BUILT_FILES)
-
-
-include /usr/share/rhts/lib/rhts-make.include
-
-$(METADATA): Makefile
-	@echo "Owner:           Vaclav Kadlcik <vkadlcik@redhat.com>" > $(METADATA)
-	@echo "Name:            $(TEST)" >> $(METADATA)
-	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
-	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
-	@echo "Description:     CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw" >> $(METADATA)
-	@echo "Type:            Security" >> $(METADATA)
-	@echo "TestTime:        5m" >> $(METADATA)
-	@echo "RunFor:          elfutils" >> $(METADATA)
-	@echo "Requires:        elfutils" >> $(METADATA)
-	@echo "Priority:        Normal" >> $(METADATA)
-	@echo "License:         GPLv2+" >> $(METADATA)
-	@echo "Confidential:    no" >> $(METADATA)
-	@echo "Destructive:     no" >> $(METADATA)
-	@echo "Bug:             1139128" >> $(METADATA)
-
-	rhts-lint $(METADATA)

tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/PURPOSE

@@ -1,5 +0,0 @@
-PURPOSE of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
-Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
-Author: Vaclav Kadlcik <vkadlcik@redhat.com>
-Bug summary: elfutils: integer overflow, leading to a heap-based buffer overflow in libdw [rhel-6.6]
-Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1139128

tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/main.fmf

@@ -1,16 +0,0 @@
-summary: 'CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer
-    overflow in libdw'
-description: |
-    Bug summary: elfutils: integer overflow, leading to a heap-based buffer overflow in libdw [rhel-6.6]
-    Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1139128
-contact:
-- Vaclav Kadlcik <vkadlcik@redhat.com>
-component:
-- elfutils
-test: ./runtest.sh
-framework: beakerlib
-recommend:
-- elfutils
-duration: 5m
-extra-summary: /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
-extra-task: /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow

tests/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow/runtest.sh

@@ -1,56 +0,0 @@
-#!/bin/bash
-# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   runtest.sh of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
-#   Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
-#   Author: Vaclav Kadlcik <vkadlcik@redhat.com>
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-#   Copyright (c) 2014 Red Hat, Inc.
-#
-#   This program is free software: you can redistribute it and/or
-#   modify it under the terms of the GNU General Public License as
-#   published by the Free Software Foundation, either version 2 of
-#   the License, or (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be
-#   useful, but WITHOUT ANY WARRANTY; without even the implied
-#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-#   PURPOSE.  See the GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program. If not, see http://www.gnu.org/licenses/.
-#
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-# Include Beaker environment
-. /usr/share/beakerlib/beakerlib.sh || exit 1
-
-PACKAGE="elfutils"
-
-# Reproducer by Florian Weimer
-REPRODUCING_FILE=dwz-overflow.elf
-
-rlJournalStart
-    rlPhaseStartSetup
-        rlAssertRpm $PACKAGE
-        rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
-        rlRun "cp $REPRODUCING_FILE $TmpDir" 0
-        rlRun "pushd $TmpDir"
-    rlPhaseEnd
-
-    rlPhaseStartTest
-        # eu-readelf since 0.153 was vulnerable.
-        # The following crashed with "Segmentation fault"
-        # and exit value 139.
-        rlRun "eu-readelf -w $REPRODUCING_FILE" 0,1 'eu-readelf should not crash'
-    rlPhaseEnd
-
-    rlPhaseStartCleanup
-        rlRun "popd"
-        rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
-    rlPhaseEnd
-rlJournalPrintText
-rlJournalEnd