Compare commits

...

9 Commits
rawhide ... f35

Author SHA1 Message Date
Mark Wielaard
29d9906e6b 0.187-4
- Add elfutils-0.187-mhd_no_dual_stack.patch
- Add elfutils-0.187-mhd_epoll.patch
2022-06-23 19:13:51 +02:00
Mark Wielaard
4f4eee4ca3 0.187-3 - Add elfutils-0.187-debuginfod-client-fd-leak.patch 2022-06-23 19:12:55 +02:00
Mark Wielaard
197c1a46d5 0.187-2 - Add elfutils-0.187-csh-profile.patch
Resolves: #2080957
"Ambiguous output redirect" warning with csh or tcsh
2022-06-23 19:12:42 +02:00
Mark Wielaard
7ffb94911b 0.187-1 - Upgrade to elfutils 0.187 2022-06-23 19:12:28 +02:00
Mark Wielaard
12adbb8900 0.186-5 - Add another explicit versioned requires 2022-06-23 19:12:20 +02:00
Mark Wielaard
00bc2130ca 0.186-4 - Add an explicit versioned requires 2022-06-23 19:12:13 +02:00
Mark Wielaard
a3096b0722 0.186-3 - Add support for FDO packaging metadata
Also add s390x big endian workaround for broken FDO ELF note.
And a workaround for ppc64le -Werror=null-dereference
2022-06-23 19:11:54 +02:00
Mark Wielaard
98fbdf29b0 0.186-1 - Upgrade to upstream 0.186 2021-11-18 20:55:06 +01:00
Martin Cermak
bd36b901ed CI Gating: Use Regression and Sanity tests in automated runs 2021-11-16 11:59:24 +01:00
87 changed files with 418 additions and 2085 deletions

2
.gitignore vendored
View File

@ -26,3 +26,5 @@
/elfutils-0.183.tar.bz2 /elfutils-0.183.tar.bz2
/elfutils-0.184.tar.bz2 /elfutils-0.184.tar.bz2
/elfutils-0.185.tar.bz2 /elfutils-0.185.tar.bz2
/elfutils-0.186.tar.bz2
/elfutils-0.187.tar.bz2

View File

@ -1,125 +0,0 @@
commit 9aee0992d6e6ec4cce2c015d8da4b61022c6f6dd
Author: Mark Wielaard <mark@klomp.org>
Date: Wed Aug 4 21:01:27 2021 +0200
tests: Allow an extra pthread_kill frame in backtrace tests
glibc 2.34 calls pthread_kill from the raise function. Before raise
directly called the (tg)kill syscall. So allow pthread_kill to be the
first frame in a backtrace where raise is expected. Also change some
asserts to fprintf plus abort to make it more clear why the testcase
fails.
https://sourceware.org/bugzilla/show_bug.cgi?id=28190
Signed-off-by: Mark Wielaard <mark@klomp.org>
diff --git a/tests/backtrace.c b/tests/backtrace.c
index 36c8b8c4..afc12fb9 100644
--- a/tests/backtrace.c
+++ b/tests/backtrace.c
@@ -97,6 +97,9 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc,
static bool reduce_frameno = false;
if (reduce_frameno)
frameno--;
+ static bool pthread_kill_seen = false;
+ if (pthread_kill_seen)
+ frameno--;
if (! use_raise_jmp_patching && frameno >= 2)
frameno += 2;
const char *symname2 = NULL;
@@ -107,11 +110,26 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc,
&& (strcmp (symname, "__kernel_vsyscall") == 0
|| strcmp (symname, "__libc_do_syscall") == 0))
reduce_frameno = true;
+ else if (! pthread_kill_seen && symname
+ && strstr (symname, "pthread_kill") != NULL)
+ pthread_kill_seen = true;
else
- assert (symname && strcmp (symname, "raise") == 0);
+ {
+ if (!symname || strcmp (symname, "raise") != 0)
+ {
+ fprintf (stderr,
+ "case 0: expected symname 'raise' got '%s'\n", symname);
+ abort ();
+ }
+ }
break;
case 1:
- assert (symname != NULL && strcmp (symname, "sigusr2") == 0);
+ if (symname == NULL || strcmp (symname, "sigusr2") != 0)
+ {
+ fprintf (stderr,
+ "case 1: expected symname 'sigusr2' got '%s'\n", symname);
+ abort ();
+ }
break;
case 2: // x86_64 only
/* __restore_rt - glibc maybe does not have to have this symbol. */
@@ -120,11 +138,21 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc,
if (use_raise_jmp_patching)
{
/* Verify we trapped on the very first instruction of jmp. */
- assert (symname != NULL && strcmp (symname, "jmp") == 0);
+ if (symname == NULL || strcmp (symname, "jmp") != 0)
+ {
+ fprintf (stderr,
+ "case 3: expected symname 'raise' got '%s'\n", symname);
+ abort ();
+ }
mod = dwfl_addrmodule (dwfl, pc - 1);
if (mod)
symname2 = dwfl_module_addrname (mod, pc - 1);
- assert (symname2 == NULL || strcmp (symname2, "jmp") != 0);
+ if (symname2 == NULL || strcmp (symname2, "jmp") != 0)
+ {
+ fprintf (stderr,
+ "case 3: expected symname2 'jmp' got '%s'\n", symname2);
+ abort ();
+ }
break;
}
FALLTHROUGH;
@@ -137,11 +165,22 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc,
duplicate_sigusr2 = true;
break;
}
- assert (symname != NULL && strcmp (symname, "stdarg") == 0);
+ if (symname == NULL || strcmp (symname, "stdarg") != 0)
+ {
+ fprintf (stderr,
+ "case 4: expected symname 'stdarg' got '%s'\n", symname);
+ abort ();
+ }
break;
case 5:
/* Verify we trapped on the very last instruction of child. */
- assert (symname != NULL && strcmp (symname, "backtracegen") == 0);
+ if (symname == NULL || strcmp (symname, "backtracegen") != 0)
+ {
+ fprintf (stderr,
+ "case 5: expected symname 'backtracegen' got '%s'\n",
+ symname);
+ abort ();
+ }
mod = dwfl_addrmodule (dwfl, pc);
if (mod)
symname2 = dwfl_module_addrname (mod, pc);
@@ -151,7 +190,15 @@ callback_verify (pid_t tid, unsigned frameno, Dwarf_Addr pc,
// instructions or even inserts some padding instructions at the end
// (which apparently happens on ppc64).
if (use_raise_jmp_patching)
- assert (symname2 == NULL || strcmp (symname2, "backtracegen") != 0);
+ {
+ if (symname2 != NULL && strcmp (symname2, "backtracegen") == 0)
+ {
+ fprintf (stderr,
+ "use_raise_jmp_patching didn't expect symname2 "
+ "'backtracegen'\n");
+ abort ();
+ }
+ }
break;
}
}

View File

@ -0,0 +1,35 @@
diff --git a/libelf/gelf_getnote.c b/libelf/gelf_getnote.c
index 0f7b9d68..6ef970c5 100644
--- a/libelf/gelf_getnote.c
+++ b/libelf/gelf_getnote.c
@@ -31,6 +31,7 @@
#endif
#include <assert.h>
+#include <byteswap.h>
#include <gelf.h>
#include <string.h>
@@ -73,6 +74,22 @@ gelf_getnote (Elf_Data *data, size_t offset, GElf_Nhdr *result,
offset = 0;
else
{
+ /* Workaround FDO package notes on big-endian systems,
+ getting namesz and descsz wrong. Detect it by getting
+ a bad namesz, descsz and byte swapped n_type for
+ NT_FDO_PACKAGING_METADATA. */
+ if (unlikely (n->n_type == bswap_32 (NT_FDO_PACKAGING_METADATA)
+ && n->n_namesz > data->d_size
+ && n->n_descsz > data->d_size))
+ {
+ /* n might not be writable, use result and redirect n. */
+ *result = *n;
+ result->n_type = bswap_32 (n->n_type);
+ result->n_namesz = bswap_32 (n->n_namesz);
+ result->n_descsz = bswap_32 (n->n_descsz);
+ n = result;
+ }
+
/* This is slightly tricky, offset is guaranteed to be 4
byte aligned, which is what we need for the name_offset.
And normally desc_offset is also 4 byte aligned, but not

View File

@ -0,0 +1,28 @@
commit f1252e4dbe781f75d806ce0b990779548eeeb7a9
Author: Mark Wielaard <mark@klomp.org>
Date: Tue May 3 17:48:55 2022 +0200
config: Move the 2>/dev/null inside the sh -c '' quotes for profile.csh.
csh/tcsh would warn about "Ambiguous output redirect" if not done inside
the sh -c command.
Fix-by: наб <nabijaczleweli@nabijaczleweli.xyz>
https://bugzilla.redhat.com/show_bug.cgi?id=2080957
Signed-off-by: Mark Wielaard <mark@klomp.org>
diff --git a/config/profile.csh.in b/config/profile.csh.in
index 012e243a..74c20c99 100644
--- a/config/profile.csh.in
+++ b/config/profile.csh.in
@@ -6,7 +6,7 @@
if (! $?DEBUGINFOD_URLS) then
set prefix="@prefix@"
- set DEBUGINFOD_URLS=`sh -c 'cat "$0"/*.urls; :' "@sysconfdir@/debuginfod" 2>/dev/null | tr '\n' ' '`
+ set DEBUGINFOD_URLS=`sh -c 'cat "$0"/*.urls 2>/dev/null; :' "@sysconfdir@/debuginfod" | tr '\n' ' '`
if ( "$DEBUGINFOD_URLS" != "" ) then
setenv DEBUGINFOD_URLS "$DEBUGINFOD_URLS"
else

View File

@ -0,0 +1,98 @@
commit 59158656f3b0b99d8784ddc82c15778813000edc
Author: Frank Ch. Eigler <fche@redhat.com>
Date: Wed May 4 10:26:42 2022 -0400
PR29117: fix fd leak in debuginfod client for cache-miss files
Correct a nasty fd leak and a few less nasty leaks in the debuginfod
client code. The nasty one impacts long-lived apps such as debuginfod
servers.
Signed-off-by: Mark Wielaard <mark@klomp.org>
Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c
index ea6e461a..521972e4 100644
--- a/debuginfod/debuginfod-client.c
+++ b/debuginfod/debuginfod-client.c
@@ -243,7 +243,13 @@ debuginfod_config_cache(char *config_path,
return -errno;
if (dprintf(fd, "%ld", cache_config_default_s) < 0)
- return -errno;
+ {
+ int ret = -errno;
+ close (fd);
+ return ret;
+ }
+
+ close (fd);
}
long cache_config;
@@ -284,7 +290,13 @@ debuginfod_init_cache (char *cache_path, char *interval_path, char *maxage_path)
return -errno;
if (dprintf(fd, "%ld", cache_clean_default_interval_s) < 0)
- return -errno;
+ {
+ int ret = -errno;
+ close (fd);
+ return ret;
+ }
+
+ close (fd);
/* init max age config file. */
if (stat(maxage_path, &st) != 0
@@ -292,8 +304,13 @@ debuginfod_init_cache (char *cache_path, char *interval_path, char *maxage_path)
return -errno;
if (dprintf(fd, "%ld", cache_default_max_unused_age_s) < 0)
- return -errno;
+ {
+ int ret = -errno;
+ close (fd);
+ return ret;
+ }
+ close (fd);
return 0;
}
@@ -812,18 +829,17 @@ debuginfod_query_server (debuginfod_client *c,
has passed since the last attempt. */
time_t cache_miss;
time_t target_mtime = st.st_mtime;
+
+ close(fd); /* no need to hold onto the negative-hit file descriptor */
+
rc = debuginfod_config_cache(cache_miss_path,
cache_miss_default_s, &st);
if (rc < 0)
- {
- close(fd);
- goto out;
- }
+ goto out;
cache_miss = (time_t)rc;
if (time(NULL) - target_mtime <= cache_miss)
{
- close(fd);
rc = -ENOENT;
goto out;
}
diff --git a/debuginfod/debuginfod-find.c b/debuginfod/debuginfod-find.c
index 3e8ab203..f60b5463 100644
--- a/debuginfod/debuginfod-find.c
+++ b/debuginfod/debuginfod-find.c
@@ -231,6 +231,8 @@ main(int argc, char** argv)
fprintf(stderr, "Server query failed: %s\n", strerror(-rc));
return 1;
}
+ else
+ close (rc);
printf("%s\n", cache_name);
free (cache_name);

View File

@ -0,0 +1,51 @@
commit 28f9d86ea89f88b24f1d12c8e9d5ddc3f77da194
Author: Mark Wielaard <mark@klomp.org>
Date: Fri May 6 00:29:28 2022 +0200
debuginfod: Use MHD_USE_EPOLL for libmicrohttpd version 0.9.51 or higher
Also disable MHD_USE_THREAD_PER_CONNECTION when using MHD_USE_EPOLL.
https://sourceware.org/bugzilla/show_bug.cgi?id=29123
Signed-off-by: Mark Wielaard <mark@klomp.org>
diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx
index c02540f1..d4f47bf7 100644
--- a/debuginfod/debuginfod.cxx
+++ b/debuginfod/debuginfod.cxx
@@ -1,6 +1,6 @@
/* Debuginfo-over-http server.
Copyright (C) 2019-2021 Red Hat, Inc.
- Copyright (C) 2021 Mark J. Wielaard <mark@klomp.org>
+ Copyright (C) 2021, 2022 Mark J. Wielaard <mark@klomp.org>
This file is part of elfutils.
This file is free software; you can redistribute it and/or modify
@@ -3899,7 +3899,14 @@ main (int argc, char *argv[])
}
}
- unsigned int mhd_flags = ((connection_pool
+ /* Note that MHD_USE_EPOLL and MHD_USE_THREAD_PER_CONNECTION don't
+ work together. */
+ unsigned int use_epoll = 0;
+#if MHD_VERSION >= 0x00095100
+ use_epoll = MHD_USE_EPOLL;
+#endif
+
+ unsigned int mhd_flags = ((connection_pool || use_epoll
? 0 : MHD_USE_THREAD_PER_CONNECTION)
#if MHD_VERSION >= 0x00095300
| MHD_USE_INTERNAL_POLLING_THREAD
@@ -3907,9 +3914,7 @@ main (int argc, char *argv[])
| MHD_USE_SELECT_INTERNALLY
#endif
| MHD_USE_DUAL_STACK
-#ifdef MHD_USE_EPOLL
- | MHD_USE_EPOLL
-#endif
+ | use_epoll
#if MHD_VERSION >= 0x00095200
| MHD_USE_ITC
#endif

View File

@ -0,0 +1,118 @@
commit ba675ed25a26fd425ffd19b02cf18babf4291b4f
Author: Mark Wielaard <mark@klomp.org>
Date: Thu May 5 23:59:57 2022 +0200
debuginfod: Try without MHD_USE_DUAL_STACK if MHD_start_daemon fails
On a systems that have ipv6 disabled debuginfod doesn't start up
anymore because libhttpd MHD_USE_DUAL_STACK only works if it can
open an ipv6 socket. If MHD_start_daemon with MHD_USE_DUAL_STACK
fails try again without that flag set.
https://sourceware.org/bugzilla/show_bug.cgi?id=29122
Signed-off-by: Mark Wielaard <mark@klomp.org>
diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx
index 4aaf41c0..c02540f1 100644
--- a/debuginfod/debuginfod.cxx
+++ b/debuginfod/debuginfod.cxx
@@ -3899,40 +3899,67 @@ main (int argc, char *argv[])
}
}
- // Start httpd server threads. Use a single dual-homed pool.
- MHD_Daemon *d46 = MHD_start_daemon ((connection_pool ? 0 : MHD_USE_THREAD_PER_CONNECTION)
+ unsigned int mhd_flags = ((connection_pool
+ ? 0 : MHD_USE_THREAD_PER_CONNECTION)
#if MHD_VERSION >= 0x00095300
- | MHD_USE_INTERNAL_POLLING_THREAD
+ | MHD_USE_INTERNAL_POLLING_THREAD
#else
- | MHD_USE_SELECT_INTERNALLY
+ | MHD_USE_SELECT_INTERNALLY
#endif
+ | MHD_USE_DUAL_STACK
#ifdef MHD_USE_EPOLL
- | MHD_USE_EPOLL
+ | MHD_USE_EPOLL
#endif
- | MHD_USE_DUAL_STACK
#if MHD_VERSION >= 0x00095200
- | MHD_USE_ITC
+ | MHD_USE_ITC
#endif
- | MHD_USE_DEBUG, /* report errors to stderr */
- http_port,
- NULL, NULL, /* default accept policy */
- handler_cb, NULL, /* handler callback */
- MHD_OPTION_EXTERNAL_LOGGER, error_cb, NULL,
- (connection_pool ? MHD_OPTION_THREAD_POOL_SIZE : MHD_OPTION_END),
- (connection_pool ? (int)connection_pool : MHD_OPTION_END),
- MHD_OPTION_END);
+ | MHD_USE_DEBUG); /* report errors to stderr */
+ // Start httpd server threads. Use a single dual-homed pool.
+ MHD_Daemon *d46 = MHD_start_daemon (mhd_flags, http_port,
+ NULL, NULL, /* default accept policy */
+ handler_cb, NULL, /* handler callback */
+ MHD_OPTION_EXTERNAL_LOGGER,
+ error_cb, NULL,
+ (connection_pool
+ ? MHD_OPTION_THREAD_POOL_SIZE
+ : MHD_OPTION_END),
+ (connection_pool
+ ? (int)connection_pool
+ : MHD_OPTION_END),
+ MHD_OPTION_END);
+
+ MHD_Daemon *d4 = NULL;
if (d46 == NULL)
{
- sqlite3 *database = db;
- sqlite3 *databaseq = dbq;
- db = dbq = 0; // for signal_handler not to freak
- sqlite3_close (databaseq);
- sqlite3_close (database);
- error (EXIT_FAILURE, 0, "cannot start http server at port %d", http_port);
- }
+ // Cannot use dual_stack, use ipv4 only
+ mhd_flags &= ~(MHD_USE_DUAL_STACK);
+ d4 = MHD_start_daemon (mhd_flags, http_port,
+ NULL, NULL, /* default accept policy */
+ handler_cb, NULL, /* handler callback */
+ MHD_OPTION_EXTERNAL_LOGGER,
+ error_cb, NULL,
+ (connection_pool
+ ? MHD_OPTION_THREAD_POOL_SIZE
+ : MHD_OPTION_END),
+ (connection_pool
+ ? (int)connection_pool
+ : MHD_OPTION_END),
+ MHD_OPTION_END);
+ if (d4 == NULL)
+ {
+ sqlite3 *database = db;
+ sqlite3 *databaseq = dbq;
+ db = dbq = 0; // for signal_handler not to freak
+ sqlite3_close (databaseq);
+ sqlite3_close (database);
+ error (EXIT_FAILURE, 0, "cannot start http server at port %d",
+ http_port);
+ }
- obatched(clog) << "started http server on IPv4 IPv6 "
+ }
+ obatched(clog) << "started http server on"
+ << (d4 != NULL ? " IPv4 " : " IPv4 IPv6 ")
<< "port=" << http_port << endl;
// add maxigroom sql if -G given
@@ -4053,6 +4080,7 @@ main (int argc, char *argv[])
/* Stop all the web service threads. */
if (d46) MHD_stop_daemon (d46);
+ if (d4) MHD_stop_daemon (d4);
if (! passive_p)
{

View File

@ -1,6 +1,6 @@
Name: elfutils Name: elfutils
Version: 0.185 Version: 0.187
%global baserelease 5 %global baserelease 4
Release: %{baserelease}%{?dist} Release: %{baserelease}%{?dist}
URL: http://elfutils.org/ URL: http://elfutils.org/
%global source_url ftp://sourceware.org/pub/elfutils/%{version}/ %global source_url ftp://sourceware.org/pub/elfutils/%{version}/
@ -42,11 +42,11 @@ BuildRequires: pkgconfig(libarchive) >= 3.1.2
# For tests need to bunzip2 test files. # For tests need to bunzip2 test files.
BuildRequires: bzip2 BuildRequires: bzip2
BuildRequires: zstd BuildRequires: zstd
# For the run-debuginfod-find.sh test case in %%check for /usr/sbin/ss # For the run-debuginfod-find.sh test case in %%check for /usr/sbin/ss etc.
BuildRequires: iproute BuildRequires: iproute
BuildRequires: procps
BuildRequires: bsdtar BuildRequires: bsdtar
BuildRequires: curl BuildRequires: curl
BuildRequires: procps
BuildRequires: automake BuildRequires: automake
BuildRequires: autoconf BuildRequires: autoconf
@ -62,7 +62,17 @@ BuildRequires: gettext-devel
%endif %endif
# Patches # Patches
Patch1: elfutils-0.185-raise-pthread_kill-backtrace.patch
# For s390x... FDO package notes are bogus.
Patch1: elfutils-0.186-fdo-swap.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2080957
Patch2: elfutils-0.187-csh-profile.patch
# https://sourceware.org/bugzilla/show_bug.cgi?id=29117
Patch3: elfutils-0.187-debuginfod-client-fd-leak.patch
# https://sourceware.org/bugzilla/show_bug.cgi?id=29122
Patch4: elfutils-0.187-mhd_no_dual_stack.patch
# https://sourceware.org/bugzilla/show_bug.cgi?id=29123
Patch5: elfutils-0.187-mhd_epoll.patch
%description %description
Elfutils is a collection of utilities, including stack (to show Elfutils is a collection of utilities, including stack (to show
@ -187,6 +197,9 @@ License: GPLv3+ and (GPLv2+ or LGPLv3+)
%if 0%{!?_isa:1} %if 0%{!?_isa:1}
Provides: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release} Provides: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release}
%endif %endif
# For debuginfod-find binary
Requires: elfutils-libs%{depsuffix} = %{version}-%{release}
Requires: elfutils-libelf%{depsuffix} = %{version}-%{release}
%package debuginfod-client-devel %package debuginfod-client-devel
Summary: Libraries and headers to build debuginfod client applications Summary: Libraries and headers to build debuginfod client applications
@ -238,14 +251,6 @@ autoreconf -f -v -i
find . -name \*.sh ! -perm -0100 -print | xargs chmod +x find . -name \*.sh ! -perm -0100 -print | xargs chmod +x
%build %build
# This package uses top level ASM constructs which are incompatible with LTO.
# Top level ASMs are often used to implement symbol versioning. gcc-10
# introduces a new mechanism for symbol versioning which works with LTO.
# Converting packages to use that mechanism instead of toplevel ASMs is
# recommended.
# Disable LTO
%define _lto_cflags %{nil}
# Remove -Wall from default flags. The makefiles enable enough warnings # Remove -Wall from default flags. The makefiles enable enough warnings
# themselves, and they use -Werror. Appending -Wall defeats the cases where # themselves, and they use -Werror. Appending -Wall defeats the cases where
# the makefiles disable some specific warnings for specific code. # the makefiles disable some specific warnings for specific code.
@ -282,10 +287,7 @@ touch ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod/debuginfod.sqlite
# Record some build root versions in build.log # Record some build root versions in build.log
uname -r; rpm -q binutils gcc glibc || true uname -r; rpm -q binutils gcc glibc || true
# FIXME for 0.186 %make_build check || (cat tests/test-suite.log; false)
# run-debuginfod-find.sh is a bad test
# %%make_build check || (cat tests/test-suite.log; false)
%make_build check || (cat tests/test-suite.log; true)
# Only the latest Fedora and EPEL have these scriptlets, # Only the latest Fedora and EPEL have these scriptlets,
# older Fedora and plain RHEL don't. # older Fedora and plain RHEL don't.
@ -377,7 +379,9 @@ fi
%{_libdir}/libdebuginfod.so.* %{_libdir}/libdebuginfod.so.*
%{_bindir}/debuginfod-find %{_bindir}/debuginfod-find
%{_mandir}/man1/debuginfod-find.1* %{_mandir}/man1/debuginfod-find.1*
%{_mandir}/man7/debuginfod*.7*
%config(noreplace) %{_sysconfdir}/profile.d/* %config(noreplace) %{_sysconfdir}/profile.d/*
%config(noreplace) %{_sysconfdir}/debuginfod/*
%files debuginfod-client-devel %files debuginfod-client-devel
%{_libdir}/pkgconfig/libdebuginfod.pc %{_libdir}/pkgconfig/libdebuginfod.pc
@ -409,6 +413,70 @@ exit 0
%systemd_postun_with_restart debuginfod.service %systemd_postun_with_restart debuginfod.service
%changelog %changelog
* Fri May 6 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-4
- Add elfutils-0.187-mhd_no_dual_stack.patch
- Add elfutils-0.187-mhd_epoll.patch
* Thu May 5 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-3
- Add elfutils-0.187-debuginfod-client-fd-leak.patch
* Tue May 3 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-2
- Add elfutils-0.187-csh-profile.patch
* Tue Apr 26 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-1
- Upgrade to elfutils 0.187
- debuginfod: Support -C option for connection thread pooling.
- debuginfod-client: Negative cache file are now zero sized instead
of no-permission files.
- addr2line: The -A, --absolute option, which shows file names
includingthe full compilation directory is now the
default. To get theold behavior use the new option --relative.
- readelf, elflint: Recognize FDO Packaging Metadata ELF notes
- libdw, debuginfo-client: Load libcurl lazily only when files need
to be fetched remotely. libcurl is now never loaded when
DEBUGINFOD_URLS is unset. And whenDEBUGINFOD_URLS is set,
libcurl is only loaded when the debuginfod_begin function is
called.
* Tue Apr 12 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.186-5
- Add an explicit versioned requires from elfutils-debuginfod-client
on elfutils-libelf.
* Thu Apr 7 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.186-4
- Add an explicit versioned requires from elfutils-debuginfod-client
on elfutils-libs.
* Fri Mar 25 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.186-3
- Add elfutils-0.186-elf-glibc.patch
- Add elfutils-0.186-fdo-ebl.patch
- Add elfutils-0.186-fdo-efllint.patch
- Add elfutils-0.186-fdo-swap.patch
- Add elfutils-0.186-ppc64le-error-return-workaround.patch
* Wed Nov 10 2021 Mark Wielaard <mjw@fedoraproject.org> - 0.186-1
- Upgrade to upstream 0.186
- debuginfod-client: Default $DEBUGINFOD_URLS is computed from
drop-in files /etc/debuginfod/*.urls rather than
hardcoded into the /etc/profile.d/debuginfod*
scripts.
Add $DEBUGINFOD_MAXSIZE and $DEBUGINFOD_MAXTIME settings
for skipping large/slow transfers.
Add $DEBUGINFOD_RETRY for retrying aborted lookups.
- debuginfod: Supply extra HTTP response headers, describing
archive/file names that satisfy the requested buildid content.
Support -d :memory: option for in-memory databases.
Protect against loops in federated server configurations.
Add -r option to use -I/-X regexes for grooming stale files.
Protect against wasted CPU from duplicate concurrent requests.
Limit the duration of groom ops roughly to rescan (-t) times.
Add --passive mode for serving from read-only database.
Several other performance improvements & prometheus metrics.
- libdw: Support for the NVIDIA Cuda line map extensions.
DW_LNE_NVIDIA_inlined_call and DW_LNE_NVIDIA_set_function_name
are defined in dwarf.h. New functions dwarf_linecontext and
dwarf_linefunctionname.
- translations: Update Japanese translation.
* Thu Aug 5 2021 Mark Wielaard <mjw@fedoraproject.org> - 0.185-5 * Thu Aug 5 2021 Mark Wielaard <mjw@fedoraproject.org> - 0.185-5
- Use autosetup - Use autosetup
- Add elfutils-0.185-raise-pthread_kill-backtrace.patch - Add elfutils-0.185-raise-pthread_kill-backtrace.patch

View File

@ -1 +1 @@
SHA512 (elfutils-0.185.tar.bz2) = 34de0de1355b11740e036e0fc64f2fc063587c8eb121b19216ee5548d3f0f268d8fc3995176c47190466b9d881007cfa11a9d01e9a50e38af6119492bf8bb47f SHA512 (elfutils-0.187.tar.bz2) = a9b9e32b503b8b50a62d4e4001097ed2721d3475232a6380e6b9853bd1647aec016440c0ca7ceb950daf1144f8db9814ab43cf33cc0ebef7fc91e9e775c9e874

View File

@ -1,64 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
# Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE addr2line-buffer-over-flow1
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read" >> $(METADATA)
@echo "Type: Security" >> $(METADATA)
@echo "TestTime: 48h" >> $(METADATA)
@echo "RunFor: elfutils" >> $(METADATA)
@echo "Requires: elfutils valgrind" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1625260" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,5 +0,0 @@
PURPOSE of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
Author: Martin Cermak <mcermak@redhat.com>
Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260

View File

@ -1,16 +0,0 @@
summary: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
description: |
Bug summary: 2 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [rhel-7]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625260
contact:
- Martin Cermak <mcermak@redhat.com>
component:
- elfutils
test: ./runtest.sh
framework: beakerlib
recommend:
- elfutils
- valgrind
duration: 48h
extra-summary: /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
extra-task: /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read

View File

@ -1,39 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/CVE-2018-16062-elfutils-Heap-based-buffer-over-read
# Description: CVE-2018-16062-elfutils-Heap-based-buffer-over-read
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
rlJournalStart
rlPhaseStartTest
# Reproduced with elfutils-0.172-2.el7.x86_64 valgrind-3.13.0-13.el7.x86_64
rlRun "valgrind -q --error-exitcode=99 eu-addr2line -e addr2line-buffer-over-flow1 -- 500 50 10 -1000"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -1,65 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
# Description: CVE-2018-16402-double-free-due-to-double-decompression
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2018 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE Double-free-libelf
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: CVE-2018-16402-double-free-due-to-double-decompression" >> $(METADATA)
@echo "Type: Security" >> $(METADATA)
@echo "TestTime: 48h" >> $(METADATA)
@echo "RunFor: nothing" >> $(METADATA)
@echo "Requires: elfutils" >> $(METADATA)
@echo "Requires: valgrind" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1625052" >> $(METADATA)
@echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,5 +0,0 @@
PURPOSE of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
Description: CVE-2018-16402-double-free-due-to-double-decompression
Author: Martin Cermak <mcermak@redhat.com>
Bug summary: 2 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [rhel-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625052

View File

@ -1,16 +0,0 @@
summary: CVE-2018-16402-double-free-due-to-double-decompression
description: |
Bug summary: 2 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [rhel-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625052
contact:
- Martin Cermak <mcermak@redhat.com>
component:
- nothing
test: ./runtest.sh
framework: beakerlib
recommend:
- elfutils
- valgrind
duration: 48h
extra-summary: /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
extra-task: /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression

View File

@ -1,42 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/CVE-2018-16402-double-free-due-to-double-decompression
# Description: CVE-2018-16402-double-free-due-to-double-decompression
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2018 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
rlJournalStart
rlPhaseStartTest
TMP=$(mktemp)
rlRun "valgrind -q eu-readelf -S ./Double-free-libelf |& tee $TMP"
rlRun "fgrep 'Invalid free()' $TMP" 1
rlRun "fgrep 'Section Headers:' $TMP"
rm -f $TMP
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -1,65 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
# Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2018 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE Buffer-over-readelf bz1532205.supp
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c" >> $(METADATA)
@echo "Type: Security" >> $(METADATA)
@echo "TestTime: 48h" >> $(METADATA)
@echo "RunFor: nothing" >> $(METADATA)
@echo "Requires: elfutils" >> $(METADATA)
@echo "Requires: valgrind" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: yes" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1625057" >> $(METADATA)
@echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,5 +0,0 @@
PURPOSE of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
Author: Martin Cermak <mcermak@redhat.com>
Bug summary: 3 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash [rhel-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625057

View File

@ -1,25 +0,0 @@
{
<insert_a_suppression_name_here>
Memcheck:Cond
fun:_nl_explode_name
}
{
<insert_a_suppression_name_here>
Memcheck:Cond
fun:_nl_make_l10nflist
}
{
<insert_a_suppression_name_here>
Memcheck:Addr4
fun:_nl_make_l10nflist
}
{
<insert_a_suppression_name_here>
Memcheck:Addr4
fun:new_composite_name
}
{
<insert_a_suppression_name_here>
Memcheck:Cond
fun:_nl_explode_name
}

View File

@ -1,16 +0,0 @@
summary: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
description: |
Bug summary: 3 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash [rhel-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1625057
contact:
- Martin Cermak <mcermak@redhat.com>
component:
- nothing
test: ./runtest.sh
framework: beakerlib
recommend:
- elfutils
- valgrind
duration: 48h
extra-summary: /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
extra-task: /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c

View File

@ -1,43 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
# Description: CVE-2018-16403-heap-based-buffer-over-read-in-libdw-dwarf_getabbrev-c
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2018 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
rlJournalStart
rlPhaseStartTest
arch | grep -q ppc64le && VGSUPP='--suppressions=bz1532205.supp' || VGSUPP=''
TMP=$(mktemp)
rlRun "valgrind $VGSUPP -q eu-readelf --debug-dump=abbrev ./Buffer-over-readelf |& tee $TMP"
rlRun "fgrep 'Invalid read of size' $TMP" 1
rlRun "fgrep 'Abbreviation section at offset' $TMP"
rm -f $TMP
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -1,64 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
# Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC-stack
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference" >> $(METADATA)
@echo "Type: Security" >> $(METADATA)
@echo "TestTime: 48h" >> $(METADATA)
@echo "RunFor: elfutils" >> $(METADATA)
@echo "Requires: elfutils" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1651567" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,5 +0,0 @@
PURPOSE of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference
Author: Martin Cermak <mcermak@redhat.com>
Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhdts-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651567

View File

@ -1,15 +0,0 @@
summary: CVE-2018-18310-elfutils-invalid-memory-address-dereference
description: |
Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhdts-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651567
contact:
- Martin Cermak <mcermak@redhat.com>
component:
- elfutils
test: ./runtest.sh
framework: beakerlib
recommend:
- elfutils
duration: 48h
extra-summary: /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
extra-task: /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference

View File

@ -1,39 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/CVE-2018-18310-elfutils-invalid-memory-address-dereference
# Description: CVE-2018-18310-elfutils-invalid-memory-address-dereference
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
rlJournalStart
rlPhaseStartTest
# Expect exitcode 2, unfixed package segfaults (139)
rlRun "eu-stack --core=POC-stack" 2
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -1,64 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
# Description: CVE-2018-18310-invalid-memory-address-dereference
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2018 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC-stack bz1532205.supp
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: CVE-2018-18310-invalid-memory-address-dereference" >> $(METADATA)
@echo "Type: Security" >> $(METADATA)
@echo "TestTime: 48h" >> $(METADATA)
@echo "RunFor: nothing" >> $(METADATA)
@echo "Requires: elfutils valgrind" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1642606" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,5 +0,0 @@
PURPOSE of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
Description: CVE-2018-18310-invalid-memory-address-dereference
Author: Martin Cermak <mcermak@redhat.com>
Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhel-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1642606

View File

@ -1,25 +0,0 @@
{
<insert_a_suppression_name_here>
Memcheck:Cond
fun:_nl_explode_name
}
{
<insert_a_suppression_name_here>
Memcheck:Cond
fun:_nl_make_l10nflist
}
{
<insert_a_suppression_name_here>
Memcheck:Addr4
fun:_nl_make_l10nflist
}
{
<insert_a_suppression_name_here>
Memcheck:Addr4
fun:new_composite_name
}
{
<insert_a_suppression_name_here>
Memcheck:Cond
fun:_nl_explode_name
}

View File

@ -1,16 +0,0 @@
summary: CVE-2018-18310-invalid-memory-address-dereference
description: |
Bug summary: 0 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [rhel-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1642606
contact:
- Martin Cermak <mcermak@redhat.com>
component:
- nothing
test: ./runtest.sh
framework: beakerlib
recommend:
- elfutils
- valgrind
duration: 48h
extra-summary: /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
extra-task: /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference

View File

@ -1,42 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/CVE-2018-18310-invalid-memory-address-dereference
# Description: CVE-2018-18310-invalid-memory-address-dereference
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2018 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
rlJournalStart
rlPhaseStartTest
arch | grep -q ppc64le && VGSUPP='--suppressions=bz1532205.supp' || VGSUPP=''
TMP=$(mktemp)
rlRun "valgrind $VGSUPP -q eu-stack --core=./POC-stack |& tee $TMP"
rlRun "fgrep 'Invalid read of size' $TMP" 1
rm -f $TMP
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -1,64 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
# Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC1
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files" >> $(METADATA)
@echo "Type: Security" >> $(METADATA)
@echo "TestTime: 48h" >> $(METADATA)
@echo "RunFor: elfutils" >> $(METADATA)
@echo "Requires: elfutils" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1651200" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,3 +0,0 @@
PURPOSE of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
Author: Martin Cermak <mcermak@redhat.com>

View File

@ -1,13 +0,0 @@
summary: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
description: ''
contact:
- Martin Cermak <mcermak@redhat.com>
component:
- elfutils
test: ./runtest.sh
framework: beakerlib
recommend:
- elfutils
duration: 48h
extra-summary: /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
extra-task: /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files

View File

@ -1,38 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
# Description: CVE-2018-18520-elfutils-eu-size-cannot-handle-recursive-ar-files
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
rlJournalStart
rlPhaseStartTest
rlRun "eu-size POC1"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -1,64 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
# Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2018 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files" >> $(METADATA)
@echo "Type: Security" >> $(METADATA)
@echo "TestTime: 48h" >> $(METADATA)
@echo "RunFor: elfutils" >> $(METADATA)
@echo "Requires: elfutils valgrind" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1646479" >> $(METADATA)
@echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,5 +0,0 @@
PURPOSE of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
Author: Martin Cermak <mcermak@redhat.com>
Bug summary: 0 elfutils: eu-size cannot handle recursive ar files [rhel-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646479

View File

@ -1,16 +0,0 @@
summary: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
description: |
Bug summary: 0 elfutils: eu-size cannot handle recursive ar files [rhel-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646479
contact:
- Martin Cermak <mcermak@redhat.com>
component:
- elfutils
test: ./runtest.sh
framework: beakerlib
recommend:
- elfutils
- valgrind
duration: 48h
extra-summary: /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
extra-task: /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files

View File

@ -1,42 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
# Description: CVE-2018-18520-eu-size-cannot-handle-recursive-ar-files
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2018 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
rlJournalStart
rlPhaseStartTest
TMP=$(mktemp)
rlRun "valgrind -q eu-size ./POC2 |& tee $TMP"
rlRun "fgrep 'Process terminating with default action of signal 11' $TMP" 1
rm -f $TMP
rlRun "eu-size ./POC2"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -1,64 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
# Description: CVE-2018-18521-divide-by-zero
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2018 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/tools/elfutils/Security/CVE-2018-18521-divide-by-zero
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: CVE-2018-18521-divide-by-zero" >> $(METADATA)
@echo "Type: Security" >> $(METADATA)
@echo "TestTime: 48h" >> $(METADATA)
@echo "RunFor: elfutils" >> $(METADATA)
@echo "Requires: elfutils valgrind" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1646484" >> $(METADATA)
@echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,5 +0,0 @@
PURPOSE of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
Description: CVE-2018-18521-divide-by-zero
Author: Martin Cermak <mcermak@redhat.com>
Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhel-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646484

View File

@ -1,16 +0,0 @@
summary: CVE-2018-18521-divide-by-zero
description: |
Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhel-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1646484
contact:
- Martin Cermak <mcermak@redhat.com>
component:
- elfutils
test: ./runtest.sh
framework: beakerlib
recommend:
- elfutils
- valgrind
duration: 48h
extra-summary: /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
extra-task: /tools/elfutils/Security/CVE-2018-18521-divide-by-zero

View File

@ -1,43 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/CVE-2018-18521-divide-by-zero
# Description: CVE-2018-18521-divide-by-zero
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2018 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
rlJournalStart
rlPhaseStartTest
# This doesn't reproduce on ppach64 and ppc64le.
TMP=$(mktemp)
rlRun "valgrind -q eu-ranlib ./POC2 |& tee $TMP"
rlRun "fgrep 'Process terminating with default action of signal 8' $TMP" 1
rm -f $TMP
rlRun "eu-ranlib ./POC2"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -1,64 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
# Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c" >> $(METADATA)
@echo "Type: Security" >> $(METADATA)
@echo "TestTime: 48h" >> $(METADATA)
@echo "RunFor: elfutils" >> $(METADATA)
@echo "Requires: elfutils" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1651203" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,5 +0,0 @@
PURPOSE of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
Author: Martin Cermak <mcermak@redhat.com>
Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhdts-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651203

View File

@ -1,15 +0,0 @@
summary: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
description: |
Bug summary: 1 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [rhdts-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1651203
contact:
- Martin Cermak <mcermak@redhat.com>
component:
- elfutils
test: ./runtest.sh
framework: beakerlib
recommend:
- elfutils
duration: 48h
extra-summary: /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
extra-task: /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c

View File

@ -1,38 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
# Description: CVE-2018-18521-elfutils-Divide-by-zero-in-arlib_add_symbols-function-in-arlib-c
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
rlJournalStart
rlPhaseStartTest
rlRun "eu-ranlib POC2"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -1,64 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /tools/elfutils/Security/CVE-2019-7146
# Description: CVE-2019-7146
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/tools/elfutils/Security/CVE-2019-7146
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE poc
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: CVE-2019-7146" >> $(METADATA)
@echo "Type: Security" >> $(METADATA)
@echo "TestTime: 48h" >> $(METADATA)
@echo "RunFor: elfutils" >> $(METADATA)
@echo "Requires: elfutils" >> $(METADATA)
@echo "Requires: valgrind" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,3 +0,0 @@
PURPOSE of /tools/elfutils/Security/CVE-2019-7146
Description: CVE-2019-7146
Author: Martin Cermak <mcermak@redhat.com>

View File

@ -1,14 +0,0 @@
summary: CVE-2019-7146
description: ''
contact:
- Martin Cermak <mcermak@redhat.com>
component:
- elfutils
test: ./runtest.sh
framework: beakerlib
recommend:
- elfutils
- valgrind
duration: 48h
extra-summary: /tools/elfutils/Security/CVE-2019-7146
extra-task: /tools/elfutils/Security/CVE-2019-7146

Binary file not shown.

View File

@ -1,41 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/CVE-2019-7146
# Description: CVE-2019-7146
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
rlJournalStart
rlPhaseStartTest
# https://svn.devel.redhat.com/repos/srtvulns/trunk/components/elfutils/CVE-2019-7146/
# Expected Output
# An error instead of segfault.
rlRun "valgrind -q --error-exitcode=99 eu-readelf -a ./poc" 1
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -1,64 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
# Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC1
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read" >> $(METADATA)
@echo "Type: Security" >> $(METADATA)
@echo "TestTime: 48h" >> $(METADATA)
@echo "RunFor: elfutils" >> $(METADATA)
@echo "Requires: elfutils valgrind" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1680056" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,5 +0,0 @@
PURPOSE of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
Author: Martin Cermak <mcermak@redhat.com>
Bug summary: elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw [rhdts-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680056

View File

@ -1,16 +0,0 @@
summary: CVE-2019-7149-elfutils-heap-based-buffer-over-read
description: |
Bug summary: elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw [rhdts-8]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680056
contact:
- Martin Cermak <mcermak@redhat.com>
component:
- elfutils
test: ./runtest.sh
framework: beakerlib
recommend:
- elfutils
- valgrind
duration: 48h
extra-summary: /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
extra-task: /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read

View File

@ -1,43 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
# Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
rlJournalStart
rlPhaseStartTest
rlRun "which valgrind eu-nm"
# With RHEL I saw the invalid read of size 1 on aarch64 and ppc64le
# using devtoolset-7-elfutils-0.170-5.el7. I also saw it on x86_64
# with base rhel elfutils-0.172-2.el7.x86_64.
# IOW - It doesn't reproduce "everywhere".
rlRun "valgrind -q --error-exitcode=99 eu-nm -C POC1"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -1,64 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
# Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom" >> $(METADATA)
@echo "Type: Security" >> $(METADATA)
@echo "TestTime: 48h" >> $(METADATA)
@echo "RunFor: elfutils" >> $(METADATA)
@echo "Requires: elfutils valgrind" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1680046" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,5 +0,0 @@
PURPOSE of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
Author: Martin Cermak <mcermak@redhat.com>
Bug summary: elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c [rhel-7]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680046

View File

@ -1,16 +0,0 @@
summary: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
description: |
Bug summary: elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c [rhel-7]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1680046
contact:
- Martin Cermak <mcermak@redhat.com>
component:
- elfutils
test: ./runtest.sh
framework: beakerlib
recommend:
- elfutils
- valgrind
duration: 48h
extra-summary: /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
extra-task: /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom

View File

@ -1,40 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
# Description: CVE-2019-7150-segmentation-fault-in-elf64_xlatetom
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
rlJournalStart
rlPhaseStartTest
# An error is expected (2), but a SEGV is not (139).
# Reproduced with elfutils-0.172-2.el7, verified with elfutils-0.176-1.el7
rlRun "valgrind -q --error-exitcode=99 eu-stack --core=POC2" 2
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -1,64 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
# Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note" >> $(METADATA)
@echo "Type: Security" >> $(METADATA)
@echo "TestTime: 48h" >> $(METADATA)
@echo "RunFor: elfutils" >> $(METADATA)
@echo "Requires: elfutils valgrind" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1679071" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,5 +0,0 @@
PURPOSE of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
Author: Martin Cermak <mcermak@redhat.com>
Bug summary: elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h [rhel-7]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679071

View File

@ -1,16 +0,0 @@
summary: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
description: |
Bug summary: elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h [rhel-7]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679071
contact:
- Martin Cermak <mcermak@redhat.com>
component:
- elfutils
test: ./runtest.sh
framework: beakerlib
recommend:
- elfutils
- valgrind
duration: 48h
extra-summary: /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
extra-task: /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note

View File

@ -1,40 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
# Description: CVE-2019-7664-Out-of-bound-write-in-elf_cvt_note
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
rlJournalStart
rlPhaseStartTest
# Reproduced with elfutils-0.174-5.fc28.x86_64
# This is expected to fail (1), but not to segfault (139).
rlRun "valgrind -q --error-exitcode=99 eu-elflint -d POC" 1
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -1,64 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
# Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE POC2
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Martin Cermak <mcermak@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom" >> $(METADATA)
@echo "Type: Security" >> $(METADATA)
@echo "TestTime: 48h" >> $(METADATA)
@echo "RunFor: elfutils" >> $(METADATA)
@echo "Requires: elfutils valgrind" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1679078" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,5 +0,0 @@
PURPOSE of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
Author: Martin Cermak <mcermak@redhat.com>
Bug summary: elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c [rhel-7]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679078

View File

@ -1,16 +0,0 @@
summary: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
description: |
Bug summary: elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c [rhel-7]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1679078
contact:
- Martin Cermak <mcermak@redhat.com>
component:
- elfutils
test: ./runtest.sh
framework: beakerlib
recommend:
- elfutils
- valgrind
duration: 48h
extra-summary: /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
extra-task: /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom

View File

@ -1,41 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
# Description: CVE-2019-7665-heap-based-buffer-over-read-in-function-elf32_xlatetom
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
rlJournalStart
rlPhaseStartTest
# We expect 1, but not 99 ...
# Reproduced with valgrind-3.13.0-13.el7 and elfutils-0.172-2.el7
# Verified with valgrind-3.14.0-16.el7 and elfutils-0.176-1.el7
rlRun "valgrind -q --error-exitcode=99 eu-readelf -a POC2" 1
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -1,63 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
# Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
# Author: Vaclav Kadlcik <vkadlcik@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2014 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE dwz-overflow.elf
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Vaclav Kadlcik <vkadlcik@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw" >> $(METADATA)
@echo "Type: Security" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: elfutils" >> $(METADATA)
@echo "Requires: elfutils" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1139128" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,5 +0,0 @@
PURPOSE of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
Author: Vaclav Kadlcik <vkadlcik@redhat.com>
Bug summary: elfutils: integer overflow, leading to a heap-based buffer overflow in libdw [rhel-6.6]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1139128

View File

@ -1,16 +0,0 @@
summary: 'CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer
overflow in libdw'
description: |
Bug summary: elfutils: integer overflow, leading to a heap-based buffer overflow in libdw [rhel-6.6]
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1139128
contact:
- Vaclav Kadlcik <vkadlcik@redhat.com>
component:
- elfutils
test: ./runtest.sh
framework: beakerlib
recommend:
- elfutils
duration: 5m
extra-summary: /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
extra-task: /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow

View File

@ -1,56 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
# Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
# Author: Vaclav Kadlcik <vkadlcik@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2014 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
# Reproducer by Florian Weimer
REPRODUCING_FILE=dwz-overflow.elf
rlJournalStart
rlPhaseStartSetup
rlAssertRpm $PACKAGE
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
rlRun "cp $REPRODUCING_FILE $TmpDir" 0
rlRun "pushd $TmpDir"
rlPhaseEnd
rlPhaseStartTest
# eu-readelf since 0.153 was vulnerable.
# The following crashed with "Segmentation fault"
# and exit value 139.
rlRun "eu-readelf -w $REPRODUCING_FILE" 0,1 'eu-readelf should not crash'
rlPhaseEnd
rlPhaseStartCleanup
rlRun "popd"
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd