From d01e8f373ec9e33c9d8e23d4364fe8a1de9b2ad6 Mon Sep 17 00:00:00 2001 From: Guillaume Girol Date: Sat, 10 Feb 2024 12:00:00 +0000 Subject: [PATCH] add corrupted elf files that make Object::read::File OOM the files were obtained from YARA source repository. --- elf/yara-fuzzing/COPYING | 29 ++++++++++++++++++ ...h-7dc27920ae1cb85333e7f2735a45014488134673 | Bin 0 -> 5147 bytes ...221ebfaac3f262a1c1e280f10929f7b353c44996c8 | Bin 0 -> 7456 bytes 3 files changed, 29 insertions(+) create mode 100644 elf/yara-fuzzing/COPYING create mode 100644 elf/yara-fuzzing/crash-7dc27920ae1cb85333e7f2735a45014488134673 create mode 100644 elf/yara-fuzzing/crash-f1fd008da535b110853885221ebfaac3f262a1c1e280f10929f7b353c44996c8 diff --git a/elf/yara-fuzzing/COPYING b/elf/yara-fuzzing/COPYING new file mode 100644 index 0000000..4c9e15f --- /dev/null +++ b/elf/yara-fuzzing/COPYING @@ -0,0 +1,29 @@ +The files in this folder were copied from YARA. The following license applies +to these files: + +Copyright (c) 2007-2016. The YARA Authors. All Rights Reserved. + +Redistribution and use in source and binary forms, with or without modification, +are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this +list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, +this list of conditions and the following disclaimer in the documentation and/or +other materials provided with the distribution. + +3. Neither the name of the copyright holder nor the names of its contributors +may be used to endorse or promote products derived from this software without +specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR +ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON +ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/elf/yara-fuzzing/crash-7dc27920ae1cb85333e7f2735a45014488134673 b/elf/yara-fuzzing/crash-7dc27920ae1cb85333e7f2735a45014488134673 new file mode 100644 index 0000000000000000000000000000000000000000..4fc2221fcf7af9f401e555e1b5c2e5a65f3c8880 GIT binary patch literal 5147 zcmeHL>rWh26hAY&3yaX%QTebbS~gmAZL$=Q;wq_~p*${THIzq<(d~i)Ey)5#b}c?3 zS!ps+s_`$VQJa1+ezh@1K$;RCQEK#4`G8GH7PJYmO|u&7c+Q=BVQm&6hBh{GHZ#9_ z&OPUz$DNs-Gb0U=Mpact2owb*sqiQeXSfY6a?SwrcXC$9!cYJP+zSE7Lx~3ugU=8; zBZ(QYv_!Aab0NC%2&;}DtQvek_y~^f;@m3A2nop_r;)@b1@$Dn4tL+ zAHUoG-Dh7PZ#@70-S6G@(>LFqY=b>GNA}Vm4mU)FsC7pUO^PR%{2r7Ca_9r*_Z+2D z1J5TDLlBFRAU2ffdLa?(@9G;s$>ILN0U?P&Q>3|Wf2^v!s+>Xx6@Nqu|KW|#Ie_H$ zz5<%96nw_l$w#zzR1Zmhy^{~=d6Hd&K$cuwT3j!fCC^@mrGD|UH$B^m0>H*56P|P} zsv#b zUWrc7ls)e&9VJJ`BCUZ1 z)vee5U{-Q@;s=irg!ET`+V+>Y*c%iEm`|FPZ60j4u9_Xq){ka;WW4N@H-I^ehX~su z4=hxkXH(Z)v^D7{8ndxWi5=2DVl73itM#~sT|CE9(+Yd|=j0OY*waz-88d1gGGo)d zz2#E>GHxW_WU;3TUR+0d;_*R@MJaLBRv^-|WG6a$6|oyJf_MP)`2aD2cn0wzVi9gL z-Izqm%dMac>q<#czV{s^Une;|{dKh8MGAs)>!UxMC;b!GY}+7RO>flvkNFCZdPia3 z_S#(!?xcH<>(nEDi0hV+z|{0(>i%tc2hlOIG}n#CDV*;?ggQ-sTW!$%$6XCtVBFoH z1>f>8t>Rc7)559z$2B9ag-xx()Pi+dpic9nex2s!d3}WDv$#(7jYCVWMf5kUDB_Xc z$%)^K>pawS{!qh3@kZq1>;KNz^0y`5s=!tS{$CaN&7qr~bb5ny(*xUbc*|Dc^BWQQ zzximvHlOGn$`JV(VkA+1|Bxu&82Agl8*OrZ2ce~Mchj}}gTQW{uHZ)mYjgQ3FeE`Vr1BDg9Um$|;f&c&j literal 0 HcmV?d00001 diff --git a/elf/yara-fuzzing/crash-f1fd008da535b110853885221ebfaac3f262a1c1e280f10929f7b353c44996c8 b/elf/yara-fuzzing/crash-f1fd008da535b110853885221ebfaac3f262a1c1e280f10929f7b353c44996c8 new file mode 100644 index 0000000000000000000000000000000000000000..72cde9ac47cbcf911472fc7bf65536710dd1cb57 GIT binary patch literal 7456 zcmeHMZ){W76~DF<8fa=lmX-2nBlU zu$YA^+B6$zKrTidn!$q*ZO}D;1v;5FR7-}Kq*v|}g3R`!OxZ`=LX14D*o#IrVD?M9 z6Ji|paoEYD(8;v34{|r~n*Gqp+SYvC3ho71^AoUE$1i{dmQR+E9k60JZk1urbn%TeB2 zpc^QA3Ut~J6zB%ZNAJ)#Kp({57|(Ly7WYFoVv?NSJVp<(>0nH1g}HTynXrQ4sF_TJ zf}%HRC4^~q^aae$a5NAJ9}Yn!9H>CtGJ68yC>phGH-n*gs4JYXLh-ikb&*&!)D~!u z5Z%=ii{{a$Ft;5vTk^QNNFb32!9SbdvvEV?)=hQh8jn}#QnlxC3>xH=tHPCG?D^-E zYryp+m4(9(aOHl$GB~j$j3sf3AsRv4$6Tk;yd1+KP=Cl!G6#JY7HWhNi#$q+fQ?fk zb`z9%KT3hW55p*CxhGMXx=^wwE9}#ZygkJJ zNcK=Ep4}|oxCXdA#1VJXd}CPZBY1WW+Cy~KIaqyj|G-~UACES-wdA;8`m@7}gvg}4 zpV)SDCN+E=V&`uA^cc{&x9}KCFRsjX4(h+@TIXPHJ|^0KK20YtW6&b=0%j*xyqg-I zb#Q+Ag&bU93J>fWxSkrR*l7=^E|gvVEIV*3^Y(J!MDEXc^q+qU?RRMhbTe?hb;Y~q z#+|8=qJiwWzb$cm@W*khB7Jg#{;pbc5US>#_EmUG@0++h?edfx*m6jg;D_`60}Gc-yw&Bexcoizxyf)BWYvp|1b@&*3Zc!Whu$l4F;X zvv2s(AY(l$(kI91^s04J&9GUH>GF+A)TS#cvzf-qB81!i_5??^Ggk$7#e3z*N;8Aa zhru~d+;`D+8|1Gc`ygvD-xH9%kY^z+ z$oC=NhcvK7_$?$k4z~!$krKzE(xRf5P;a1)VXuN8FQjmnY<8D!n|r@i)F-~VaKmG3 zDwlFcZv@u>!!n6j_WuTk{RAugr4G?hR_sg)|6EtHZ&sPhnLN^U4z<3l@0~hyC*S3l z0R1W2@GT;30lx&zk8+6?cMG+ z8r&7Wth>y2(Ov4h|4&cPhu^V@dp6dKb_FMhO{+YCdW1Nj!1 z=N-HfY z?d8C8|8u^)<5>WGYJLmFBhdNH;kk?W$Dm&+nBPX|nhX@$3fgnL&)#7#h0bp_shnTj zj<}VulAWEN4%`84t7|bEx3;#KrkJ`XGOZr7gEvLIVhYC0u1Kss5HW*RES@j}$v)8$ z>*!Q%a)uLXXFTFGrp2VRZE6@&U#g**VrEnDYlfA+d zjaea&Z`0OQR-h}dbw!h&_GB1W#NnXuQ0opPx`iirC<=c{T5)AL7>XytvFJ3#ge@M5 z5U&co5leXF%snW2x?)hRP#>P$vcSaT>Ul!l`Aym#gbS^yrfRpU7P|bc4#3b$peNjc z5yULIM-8`v2eB0%yf-~~7u3u6Up)ES!Osm}Y32xI<~*8cBP|2-6HlDJ$2U;c#BU9$ z8mw{5Dae)5q8=LOhk6S+6a6vQAQPAW49Ra7u}xrR1jI3~Bfo(%e-2QTIR3)#2J;g{ z9CH&g^FK|*lJx?k3l4}h8LvCLeC>_xe-U#Rl8lNk+h%p1wf8?`^q zf%#(!Oxz|g^Gq_wO&l`>jXQxd$I5>AO(icwSrc)j<6w=u1`L_w(?s9Io&;+gb12Cg z1j(_HUIlBM0UVjXBbw-s^kcBb@i&sJG9+o1eX{hEJdQ5-TSUGWj%!4J#1;Pk2dX5_ zf%JQ@#xZvzPe_Y;Xxt^J%m@(|*?31zn9$5Qh&X~g>RE9{@)c9_qtZ~ACf(5uUew@dx0vvOY z3gGmb!ZbN|#)|cv2XleNz_Gn1_C?~q9$EHEP2nERmnmq|T(CWaAO4<)!>_@<8cg4) gl6#(gYPx_s;6nus>5Ig3S0V069LVNqBW$|(Z;AT+x&QzG literal 0 HcmV?d00001