57 lines
2.0 KiB
Bash
Executable File
57 lines
2.0 KiB
Bash
Executable File
#!/bin/bash
|
|
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
#
|
|
# runtest.sh of /tools/elfutils/Security/bz1139128-CVE-2014-0172-elfutils-integer-overflow
|
|
# Description: CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
|
|
# Author: Vaclav Kadlcik <vkadlcik@redhat.com>
|
|
#
|
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
#
|
|
# Copyright (c) 2014 Red Hat, Inc.
|
|
#
|
|
# This program is free software: you can redistribute it and/or
|
|
# modify it under the terms of the GNU General Public License as
|
|
# published by the Free Software Foundation, either version 2 of
|
|
# the License, or (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be
|
|
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
# PURPOSE. See the GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
#
|
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
# Include Beaker environment
|
|
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
|
|
PACKAGE="elfutils"
|
|
|
|
# Reproducer by Florian Weimer
|
|
REPRODUCING_FILE=dwz-overflow.elf
|
|
|
|
rlJournalStart
|
|
rlPhaseStartSetup
|
|
rlAssertRpm $PACKAGE
|
|
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
|
|
rlRun "cp $REPRODUCING_FILE $TmpDir" 0
|
|
rlRun "pushd $TmpDir"
|
|
rlPhaseEnd
|
|
|
|
rlPhaseStartTest
|
|
# eu-readelf since 0.153 was vulnerable.
|
|
# The following crashed with "Segmentation fault"
|
|
# and exit value 139.
|
|
rlRun "eu-readelf -w $REPRODUCING_FILE" 0,1 'eu-readelf should not crash'
|
|
rlPhaseEnd
|
|
|
|
rlPhaseStartCleanup
|
|
rlRun "popd"
|
|
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
|
|
rlPhaseEnd
|
|
rlJournalPrintText
|
|
rlJournalEnd
|