elfutils/tests/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read/runtest.sh
Martin Cermak 178121d8af Introduce CI gating setup for elfutils
Set up CI gating.  This will introduce new testcase called
fedora-ci.koji-build.tier0.functional and will configure it
as a mandatory CI gating testcase for elfutils fedora builds.

The provided test coverage comes from RHEL. This commit
"upstreams" it and makes it public.

The test cases are executed by running ./runtest.sh.
The main.fmf file keeps the testcase metadata.  Makefiles
and PURPOSE files are legacy and could be dropped.  We keep
them for backward compatibility though.  The plans and .fmf
folders contain configuration files needed for execution of
provided testcases within the Fedora CI infrastructure.
Rest of the provided files are reproducer or helper files.

Provided tests use Flexible Metadata Format, as documented in
https://fmf.readthedocs.io/ .

plans/ci.fmf: Change how from beakerlib to tmt

Removed tests that didn't run unprivileged with
tmt run --all provision --how=local

- tests/Regression/GNU-Property-notes-not-recognized
  Tries to install extra pacakger with yum.

- tests/Regression/bz447416-segfaults
  Tries to do eu-stack -p 1

- tests/Regression/elfutils-default-yama-scope-scriptlet-failed
  Does not have permission to do:
  grep /var/log/anaconda/packaging.log

- tests/Sanity/yama-scope
  su: user ptrace_scope_testuser does not exist or the user entry does not
      contain all the required fields

- tests/testsuite
  yum-builddep -y /tmp/tmp.7gnbiIzrYg/SPECS/elfutils.spec

- tests/Regression/rpmtests
  Tries to download and builddep src.rpm package from koji.

Removed not enabled tests:
- tests/Regression/bz652858-elfutils-prelink-stap-interaction
- tests/Sanity/elfutils-debuginfod

CVE reproducers are now public, so no longer confidential.

Remove unused tests/Sanity/elfutils-debuginfod/typescript
2021-04-19 10:42:42 +02:00

44 lines
1.7 KiB
Bash
Executable File

#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /tools/elfutils/Security/CVE-2019-7149-elfutils-heap-based-buffer-over-read
# Description: CVE-2019-7149-elfutils-heap-based-buffer-over-read
# Author: Martin Cermak <mcermak@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="elfutils"
rlJournalStart
rlPhaseStartTest
rlRun "which valgrind eu-nm"
# With RHEL I saw the invalid read of size 1 on aarch64 and ppc64le
# using devtoolset-7-elfutils-0.170-5.el7. I also saw it on x86_64
# with base rhel elfutils-0.172-2.el7.x86_64.
# IOW - It doesn't reproduce "everywhere".
rlRun "valgrind -q --error-exitcode=99 eu-nm -C POC1"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd