diff --git a/tests/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands/02-heap-buffer-over b/tests/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands/02-heap-buffer-over new file mode 100644 index 0000000..fb08e2b Binary files /dev/null and b/tests/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands/02-heap-buffer-over differ diff --git a/tests/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands/Makefile b/tests/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands/Makefile new file mode 100644 index 0000000..447c9c0 --- /dev/null +++ b/tests/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands/Makefile @@ -0,0 +1,63 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/tests/Security/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands +# Description: Test if there is no heap buffer overflow in ImaExpandS (ima_rw.c:126) +# Author: Jiri Kucera +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2018 Red Hat, Inc. +# +# This program is free software: you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation, either version 2 of +# the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see http://www.gnu.org/licenses/. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/tests/Security/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) runtest.sh Makefile PURPOSE + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + test -x runtest.sh || chmod a+x runtest.sh + +clean: + rm -f *~ $(BUILT_FILES) + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Jiri Kucera " > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: Test if there is no heap buffer overflow in ImaExpandS (ima_rw.c:126)" >> $(METADATA) + @echo "Type: Security" >> $(METADATA) + @echo "TestTime: 5m" >> $(METADATA) + @echo "RunFor: sox" >> $(METADATA) + @echo "Requires: sox" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2+" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + @echo "Bug: 1500554" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands/PURPOSE b/tests/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands/PURPOSE new file mode 100644 index 0000000..faf9fd2 --- /dev/null +++ b/tests/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/tests/Security/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands +Description: Test if there is no heap buffer overflow in ImaExpandS (ima_rw.c:126) +Author: Jiri Kucera diff --git a/tests/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands/runtest.sh b/tests/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands/runtest.sh new file mode 100755 index 0000000..52eaba1 --- /dev/null +++ b/tests/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands/runtest.sh @@ -0,0 +1,52 @@ +#!/bin/bash +# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/tests/Security/CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands +# Description: Test if there is no heap buffer overflow in ImaExpandS (ima_rw.c:126) +# Author: Jiri Kucera +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2018 Red Hat, Inc. +# +# This program is free software: you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation, either version 2 of +# the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see http://www.gnu.org/licenses/. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include Beaker environment +. /usr/bin/rhts-environment.sh || exit 1 +. /usr/share/beakerlib/beakerlib.sh || exit 1 + +PACKAGE="sox" + +rlJournalStart + rlPhaseStartSetup + rlAssertRpm $PACKAGE + rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory" + rlRun "cp 02-heap-buffer-over $TmpDir/02-heap-buffer-over" 0 "Copying 02-heap-buffer-over" + rlRun "SndFile=/var/tmp/temp$$.snd" 0 "Generating temporary .snd file name" + rlRun "pushd $TmpDir" + rlPhaseEnd + + rlPhaseStartTest + rlRun "sox 02-heap-buffer-over $SndFile" 0 "Test for CVE-2017-15370 presence" + rlPhaseEnd + + rlPhaseStartCleanup + rlRun "popd" + rlRun "rm -rfd $TmpDir" 0 "Removing tmp directory" + rlPhaseEnd +rlJournalPrintText +rlJournalEnd diff --git a/tests/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment/03-abort b/tests/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment/03-abort new file mode 100644 index 0000000..c6002c5 Binary files /dev/null and b/tests/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment/03-abort differ diff --git a/tests/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment/Makefile b/tests/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment/Makefile new file mode 100644 index 0000000..15bf87b --- /dev/null +++ b/tests/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment/Makefile @@ -0,0 +1,63 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/tests/Security/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment +# Description: Test if there is no reachable assertion abort in function sox_append_comment (formats.c:227) +# Author: Jiri Kucera +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2018 Red Hat, Inc. +# +# This program is free software: you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation, either version 2 of +# the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see http://www.gnu.org/licenses/. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/tests/Security/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) runtest.sh Makefile PURPOSE + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + test -x runtest.sh || chmod a+x runtest.sh + +clean: + rm -f *~ $(BUILT_FILES) + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Jiri Kucera " > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: Test if there is no reachable assertion abort in function sox_append_comment (formats.c:227)" >> $(METADATA) + @echo "Type: Security" >> $(METADATA) + @echo "TestTime: 5m" >> $(METADATA) + @echo "RunFor: sox" >> $(METADATA) + @echo "Requires: sox" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2+" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + @echo "Bug: 1500570" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment/PURPOSE b/tests/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment/PURPOSE new file mode 100644 index 0000000..0b765c8 --- /dev/null +++ b/tests/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/tests/Security/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment +Description: Test if there is no reachable assertion abort in function sox_append_comment (formats.c:227) +Author: Jiri Kucera diff --git a/tests/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment/runtest.sh b/tests/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment/runtest.sh new file mode 100755 index 0000000..a07b087 --- /dev/null +++ b/tests/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment/runtest.sh @@ -0,0 +1,53 @@ +#!/bin/bash +# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/tests/Security/CVE-2017-15371-no-reachable-assertion-in-sox-append-comment +# Description: Test if there is no reachable assertion abort in function sox_append_comment (formats.c:227) +# Author: Jiri Kucera +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2018 Red Hat, Inc. +# +# This program is free software: you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation, either version 2 of +# the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see http://www.gnu.org/licenses/. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include Beaker environment +. /usr/bin/rhts-environment.sh || exit 1 +. /usr/share/beakerlib/beakerlib.sh || exit 1 + +PACKAGE="sox" + +rlJournalStart + rlPhaseStartSetup + rlAssertRpm $PACKAGE + rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory" + rlRun "cp 03-abort $TmpDir/03-abort" 0 "Copying 03-abort" + rlRun "TmpFile=/var/tmp/temp$$" 0 "Generating temporary file name" + rlRun "pushd $TmpDir" + rlPhaseEnd + + rlPhaseStartTest + rlRun "sox 03-abort /dev/null" 2 "Test for CVE-2017-15371 presence" 2>&1 | tee $TmpFile + rlAssertGrep "FLAC ERROR whilst decoding metadata" $TmpFile + rlPhaseEnd + + rlPhaseStartCleanup + rlRun "popd" + rlRun "rm -rfd $TmpDir" 0 "Removing tmp directory" + rlPhaseEnd +rlJournalPrintText +rlJournalEnd diff --git a/tests/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i/01-stack-overflow b/tests/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i/01-stack-overflow new file mode 100644 index 0000000..514d56b Binary files /dev/null and b/tests/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i/01-stack-overflow differ diff --git a/tests/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i/Makefile b/tests/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i/Makefile new file mode 100644 index 0000000..2949101 --- /dev/null +++ b/tests/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i/Makefile @@ -0,0 +1,63 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/tests/Security/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i +# Description: Test if there is no stack-overflow vulnerability in lsx_ms_adpcm_block_expand_i (adpcm.c:126) +# Author: Jiri Kucera +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2018 Red Hat, Inc. +# +# This program is free software: you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation, either version 2 of +# the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see http://www.gnu.org/licenses/. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/tests/Security/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) runtest.sh Makefile PURPOSE + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + test -x runtest.sh || chmod a+x runtest.sh + +clean: + rm -f *~ $(BUILT_FILES) + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Jiri Kucera " > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: Test if there is no stack-overflow vulnerability in lsx_ms_adpcm_block_expand_i (adpcm.c:126)" >> $(METADATA) + @echo "Type: Security" >> $(METADATA) + @echo "TestTime: 5m" >> $(METADATA) + @echo "RunFor: sox" >> $(METADATA) + @echo "Requires: sox" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2+" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + @echo "Bug: 1500553" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i/PURPOSE b/tests/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i/PURPOSE new file mode 100644 index 0000000..42962d9 --- /dev/null +++ b/tests/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/tests/Security/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i +Description: Test if there is no stack-overflow vulnerability in lsx_ms_adpcm_block_expand_i (adpcm.c:126) +Author: Jiri Kucera diff --git a/tests/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i/runtest.sh b/tests/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i/runtest.sh new file mode 100755 index 0000000..2bffb0f --- /dev/null +++ b/tests/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i/runtest.sh @@ -0,0 +1,52 @@ +#!/bin/bash +# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/tests/Security/CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i +# Description: Test if there is no stack-overflow vulnerability in lsx_ms_adpcm_block_expand_i (adpcm.c:126) +# Author: Jiri Kucera +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2018 Red Hat, Inc. +# +# This program is free software: you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation, either version 2 of +# the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see http://www.gnu.org/licenses/. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include Beaker environment +. /usr/bin/rhts-environment.sh || exit 1 +. /usr/share/beakerlib/beakerlib.sh || exit 1 + +PACKAGE="sox" + +rlJournalStart + rlPhaseStartSetup + rlAssertRpm $PACKAGE + rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory" + rlRun "cp 01-stack-overflow $TmpDir/01-stack-overflow" 0 "Copying 01-stack-overflow" + rlRun "SndFile=/var/tmp/temp$$.snd" 0 "Generating temporary .snd file name" + rlRun "pushd $TmpDir" + rlPhaseEnd + + rlPhaseStartTest + rlRun "sox 01-stack-overflow $SndFile" 0 "Test for CVE-2017-15372 presence" + rlPhaseEnd + + rlPhaseStartCleanup + rlRun "popd" + rlRun "rm -rfd $TmpDir" 0 "Removing tmp directory" + rlPhaseEnd +rlJournalPrintText +rlJournalEnd diff --git a/tests/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread/Makefile b/tests/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread/Makefile new file mode 100644 index 0000000..dcd93cd --- /dev/null +++ b/tests/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread/Makefile @@ -0,0 +1,63 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/tests/Security/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread +# Description: Test if there is no use-after-free in lsx_aiffstartread +# Author: Jiri Kucera +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2018 Red Hat, Inc. +# +# This program is free software: you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation, either version 2 of +# the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see http://www.gnu.org/licenses/. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/tests/Security/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) runtest.sh Makefile PURPOSE + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + test -x runtest.sh || chmod a+x runtest.sh + +clean: + rm -f *~ $(BUILT_FILES) + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Jiri Kucera " > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: Test if there is no use-after-free in lsx_aiffstartread" >> $(METADATA) + @echo "Type: Security" >> $(METADATA) + @echo "TestTime: 5m" >> $(METADATA) + @echo "RunFor: sox" >> $(METADATA) + @echo "Requires: sox" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2+" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + @echo "Bug: 1510923" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread/PURPOSE b/tests/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread/PURPOSE new file mode 100644 index 0000000..66a0712 --- /dev/null +++ b/tests/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/tests/Security/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread +Description: Test if there is no use-after-free in lsx_aiffstartread +Author: Jiri Kucera diff --git a/tests/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread/crash00 b/tests/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread/crash00 new file mode 100644 index 0000000..a81478a Binary files /dev/null and b/tests/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread/crash00 differ diff --git a/tests/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread/runtest.sh b/tests/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread/runtest.sh new file mode 100755 index 0000000..9c628dd --- /dev/null +++ b/tests/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread/runtest.sh @@ -0,0 +1,51 @@ +#!/bin/bash +# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/tests/Security/CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread +# Description: Test if there is no use-after-free in lsx_aiffstartread +# Author: Jiri Kucera +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2018 Red Hat, Inc. +# +# This program is free software: you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation, either version 2 of +# the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see http://www.gnu.org/licenses/. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include Beaker environment +. /usr/bin/rhts-environment.sh || exit 1 +. /usr/share/beakerlib/beakerlib.sh || exit 1 + +PACKAGE="sox" + +rlJournalStart + rlPhaseStartSetup + rlAssertRpm $PACKAGE + rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory" + rlRun "cp crash00 $TmpDir/crash00" 0 "Copying crash00" + rlRun "pushd $TmpDir" + rlPhaseEnd + + rlPhaseStartTest + rlRun "sox -D -V -V crash00 /dev/null" 2 "Test for CVE-2017-15642 presence" + rlPhaseEnd + + rlPhaseStartCleanup + rlRun "popd" + rlRun "rm -rfd $TmpDir" 0 "Removing tmp directory" + rlPhaseEnd +rlJournalPrintText +rlJournalEnd diff --git a/tests/tests.yml b/tests/tests.yml new file mode 100644 index 0000000..0a2a013 --- /dev/null +++ b/tests/tests.yml @@ -0,0 +1,16 @@ +--- +# Tests that run in classic and container context +- hosts: localhost + roles: + - role: standard-test-beakerlib + tags: + - classic + - container + tests: + - CVE-2017-15370-no-heap-buffer-overflow-in-imaexpands + - CVE-2017-15371-no-reachable-assertion-in-sox-append-comment + - CVE-2017-15372-no-stack-overflow-vulnerability-in-lsx-ms-adpcm-block-expand-i + - CVE-2017-15642-no-use-after-free-in-lsx-aiffstartread + required_packages: + - sox # required by tests + - findutils # beakerlib needs find command