nus-apr / CrashRepair

Security Vulnerability Repair via Concolic Execution and Code Mutations

CVE-2018-19664 #132

Closed rshariffdeen closed 1 year ago

rshariffdeen commented 1 year ago

Cannot build the experiment due to $INJECT_CFLAGS messing with CMAKE

WARNING:Did not recognize the compiler flag "${INJECT_CFLAGS:--g}"
WARNING:Did not recognize the compiler flag "${INJECT_CFLAGS:--g}"
clang-6.0: error: no such file or directory: '${INJECT_CFLAGS:--g}'
ERROR:Failed to compile using given arguments: [-g -O0 -include /CrashRepair/compiler/../lib/crepair_runtime.h -fPIC -g -O0 -D_NO_STRING_INLINES -DFORTIFY_SOURCE=0 -fPIC ${INJECT_CFLAGS:--g} -Wl,--version-script,/data/vulnloc/libjpeg/CVE-2018-19664/src/turbojpeg-mapfile -shared -Wl,-soname,libturbojpeg.so.0 -o libturbojpeg.so.0.2.0 CMakeFiles/turbojpeg.dir/jcapimin.c.o CMakeFiles/turbojpeg.dir/jcapistd.c.o CMakeFiles/turbojpeg.dir/jccoefct.c.o CMakeFiles/turbojpeg.dir/jccolor.c.o CMakeFiles/turbojpeg.dir/jcdctmgr.c.o CMakeFiles/turbojpeg.dir/jchuff.c.o CMakeFiles/turbojpeg.dir/jcicc.c.o CMakeFiles/turbojpeg.dir/jcinit.c.o CMakeFiles/turbojpeg.dir/jcmainct.c.o CMakeFiles/turbojpeg.dir/jcmarker.c.o CMakeFiles/turbojpeg.dir/jcmaster.c.o CMakeFiles/turbojpeg.dir/jcomapi.c.o CMakeFiles/turbojpeg.dir/jcparam.c.o CMakeFiles/turbojpeg.dir/jcphuff.c.o CMakeFiles/turbojpeg.dir/jcprepct.c.o CMakeFiles/turbojpeg.dir/jcsample.c.o CMakeFiles/turbojpeg.dir/jctrans.c.o CMakeFiles/turbojpeg.dir/jdapimin.c.o CMakeFiles/turbojpeg.dir/jdapistd.c.o CMakeFiles/turbojpeg.dir/jdatadst.c.o CMakeFiles/turbojpeg.dir/jdatasrc.c.o CMakeFiles/turbojpeg.dir/jdcoefct.c.o CMakeFiles/turbojpeg.dir/jdcolor.c.o CMakeFiles/turbojpeg.dir/jddctmgr.c.o CMakeFiles/turbojpeg.dir/jdhuff.c.o CMakeFiles/turbojpeg.dir/jdicc.c.o CMakeFiles/turbojpeg.dir/jdinput.c.o CMakeFiles/turbojpeg.dir/jdmainct.c.o CMakeFiles/turbojpeg.dir/jdmarker.c.o CMakeFiles/turbojpeg.dir/jdmaster.c.o CMakeFiles/turbojpeg.dir/jdmerge.c.o CMakeFiles/turbojpeg.dir/jdphuff.c.o CMakeFiles/turbojpeg.dir/jdpostct.c.o CMakeFiles/turbojpeg.dir/jdsample.c.o CMakeFiles/turbojpeg.dir/jdtrans.c.o CMakeFiles/turbojpeg.dir/jerror.c.o CMakeFiles/turbojpeg.dir/jfdctflt.c.o CMakeFiles/turbojpeg.dir/jfdctfst.c.o CMakeFiles/turbojpeg.dir/jfdctint.c.o CMakeFiles/turbojpeg.dir/jidctflt.c.o CMakeFiles/turbojpeg.dir/jidctfst.c.o CMakeFiles/turbojpeg.dir/jidctint.c.o CMakeFiles/turbojpeg.dir/jidctred.c.o CMakeFiles/turbojpeg.dir/jquant1.c.o 
CMakeFiles/turbojpeg.dir/jquant2.c.o CMakeFiles/turbojpeg.dir/jutils.c.o CMakeFiles/turbojpeg.dir/jmemmgr.c.o CMakeFiles/turbojpeg.dir/jmemnobs.c.o CMakeFiles/turbojpeg.dir/jaricom.c.o CMakeFiles/turbojpeg.dir/jcarith.c.o CMakeFiles/turbojpeg.dir/jdarith.c.o CMakeFiles/turbojpeg.dir/turbojpeg.c.o CMakeFiles/turbojpeg.dir/transupp.c.o CMakeFiles/turbojpeg.dir/jdatadst-tj.c.o CMakeFiles/turbojpeg.dir/jdatasrc-tj.c.o CMakeFiles/turbojpeg.dir/rdbmp.c.o CMakeFiles/turbojpeg.dir/rdppm.c.o CMakeFiles/turbojpeg.dir/wrbmp.c.o CMakeFiles/turbojpeg.dir/wrppm.c.o CMakeFiles/simd.dir/jsimd_none.c.o -Wl,-rpath,:::::::::::::::::::::::: -L/CrashRepair/compiler/../lib/ -L/klee/build/lib/ -lcrepair_runtime -lcrepair_proxy -lkleeRuntest]
CMakeFiles/turbojpeg.dir/build.make:1026: recipe for target 'libturbojpeg.so.0.2.0' failed
make[2]: *** [libturbojpeg.so.0.2.0] Error 1
clang-6.0: error: no such file or directory: '${INJECT_CFLAGS:--g}'
CMakeFiles/Makefile2:341: recipe for target 'CMakeFiles/turbojpeg.dir/all' failed
make[1]: *** [CMakeFiles/turbojpeg.dir/all] Error 2
ERROR:Failed to compile using given arguments: [-g -O0 -include /CrashRepair/compiler/../lib/crepair_runtime.h -fPIC -g -O0 -D_NO_STRING_INLINES -DFORTIFY_SOURCE=0 -fPIC ${INJECT_CFLAGS:--g} -Wl,--version-script,/data/vulnloc/libjpeg/CVE-2018-19664/src/sharedlib/../libjpeg.map -shared -Wl,-soname,libjpeg.so.62 -o ../libjpeg.so.62.3.0 CMakeFiles/jpeg.dir/__/jcapimin.c.o CMakeFiles/jpeg.dir/__/jcapistd.c.o CMakeFiles/jpeg.dir/__/jccoefct.c.o CMakeFiles/jpeg.dir/__/jccolor.c.o CMakeFiles/jpeg.dir/__/jcdctmgr.c.o CMakeFiles/jpeg.dir/__/jchuff.c.o CMakeFiles/jpeg.dir/__/jcicc.c.o CMakeFiles/jpeg.dir/__/jcinit.c.o CMakeFiles/jpeg.dir/__/jcmainct.c.o CMakeFiles/jpeg.dir/__/jcmarker.c.o CMakeFiles/jpeg.dir/__/jcmaster.c.o CMakeFiles/jpeg.dir/__/jcomapi.c.o CMakeFiles/jpeg.dir/__/jcparam.c.o CMakeFiles/jpeg.dir/__/jcphuff.c.o CMakeFiles/jpeg.dir/__/jcprepct.c.o CMakeFiles/jpeg.dir/__/jcsample.c.o CMakeFiles/jpeg.dir/__/jctrans.c.o CMakeFiles/jpeg.dir/__/jdapimin.c.o CMakeFiles/jpeg.dir/__/jdapistd.c.o CMakeFiles/jpeg.dir/__/jdatadst.c.o CMakeFiles/jpeg.dir/__/jdatasrc.c.o CMakeFiles/jpeg.dir/__/jdcoefct.c.o CMakeFiles/jpeg.dir/__/jdcolor.c.o CMakeFiles/jpeg.dir/__/jddctmgr.c.o CMakeFiles/jpeg.dir/__/jdhuff.c.o CMakeFiles/jpeg.dir/__/jdicc.c.o CMakeFiles/jpeg.dir/__/jdinput.c.o CMakeFiles/jpeg.dir/__/jdmainct.c.o CMakeFiles/jpeg.dir/__/jdmarker.c.o CMakeFiles/jpeg.dir/__/jdmaster.c.o CMakeFiles/jpeg.dir/__/jdmerge.c.o CMakeFiles/jpeg.dir/__/jdphuff.c.o CMakeFiles/jpeg.dir/__/jdpostct.c.o CMakeFiles/jpeg.dir/__/jdsample.c.o CMakeFiles/jpeg.dir/__/jdtrans.c.o CMakeFiles/jpeg.dir/__/jerror.c.o CMakeFiles/jpeg.dir/__/jfdctflt.c.o CMakeFiles/jpeg.dir/__/jfdctfst.c.o CMakeFiles/jpeg.dir/__/jfdctint.c.o CMakeFiles/jpeg.dir/__/jidctflt.c.o CMakeFiles/jpeg.dir/__/jidctfst.c.o CMakeFiles/jpeg.dir/__/jidctint.c.o CMakeFiles/jpeg.dir/__/jidctred.c.o CMakeFiles/jpeg.dir/__/jquant1.c.o CMakeFiles/jpeg.dir/__/jquant2.c.o CMakeFiles/jpeg.dir/__/jutils.c.o CMakeFiles/jpeg.dir/__/jmemmgr.c.o 
CMakeFiles/jpeg.dir/__/jmemnobs.c.o CMakeFiles/jpeg.dir/__/jaricom.c.o CMakeFiles/jpeg.dir/__/jcarith.c.o CMakeFiles/jpeg.dir/__/jdarith.c.o ../CMakeFiles/simd.dir/jsimd_none.c.o -Wl,-rpath,:::::::::::::::::::::::: -L/CrashRepair/compiler/../lib/ -L/klee/build/lib/ -lcrepair_runtime -lcrepair_proxy -lkleeRuntest]
sharedlib/CMakeFiles/jpeg.dir/build.make:898: recipe for target 'libjpeg.so.62.3.0' failed
make[2]: *** [libjpeg.so.62.3.0] Error 1
CMakeFiles/Makefile2:835: recipe for target 'sharedlib/CMakeFiles/jpeg.dir/all' failed
make[1]: *** [sharedlib/CMakeFiles/jpeg.dir/all] Error 2
Makefile:145: recipe for target 'all' failed
make: *** [all] Error 2

ChrisTimperley commented 1 year ago

Ah, this is a pretty simple bug. Thanks for filing an issue. ${INJECT_CFLAGS} isn't the problem (we need it!). The problem is that -DCMAKE_C_FLAGS_RELEASE='...' uses single quotes rather than double quotes, so ${INJECT_CFLAGS} isn't interpolated. I'll push a quick fix.
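
Added example, not part of the thread or the CrashRepair code base: the quoting behaviour described in the comment above, reproduced in plain shell together with a pre-flight check that flags arguments still carrying an unexpanded ${...}. The function names and the flag values (-O0, -fno-inline) are constructed for illustration; only ${INJECT_CFLAGS:--g} and -DCMAKE_C_FLAGS_RELEASE come from the page.

```shell
#!/bin/sh
# Added illustration; function names and flag values are hypothetical.

# Single quotes: the shell passes the text through verbatim, so cmake
# (and later the compiler) receives the literal string ${INJECT_CFLAGS:--g}.
build_flags_single() {
  printf '%s' '-DCMAKE_C_FLAGS_RELEASE=-O0 ${INJECT_CFLAGS:--g}'
}

# Double quotes: the shell expands the parameter before cmake sees it.
# The ":-" form substitutes the default "-g" when INJECT_CFLAGS is
# unset or empty.
build_flags_double() {
  printf '%s' "-DCMAKE_C_FLAGS_RELEASE=-O0 ${INJECT_CFLAGS:--g}"
}

# Pre-flight check for a build script: succeeds (returns 0) when the
# argument still contains an unexpanded ${...} reference.
has_unexpanded() {
  case "$1" in
    *'${'*'}'*) return 0 ;;
    *) return 1 ;;
  esac
}

# Demo run: report which form would reach the compiler unexpanded.
for arg in "$(build_flags_single)" "$(build_flags_double)"; do
  if has_unexpanded "$arg"; then
    echo "UNEXPANDED: $arg"
  else
    echo "ok:         $arg"
  fi
done
```

Running has_unexpanded over the final cmake argument list before invoking the build turns the late clang "no such file or directory" failure into an early, explicit error.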

ChrisTimperley commented 1 year ago

Just a heads up that the scenario builds but we aren't able to localize a constraint:

        Fix Localization
====================================================================================================

        Generating Fix Locations
        __________________________________________________________________________________________

                generating taint map
                             [info] found 0 tainted locations
                        starting parallel computing
                        waiting for thread completion
                             [info] found 0 source files
                             [info] found 0 executed functions
                generating possible fix locations

        Localizing Constraints
        __________________________________________________________________________________________

        Unable to Localize a Crash Free Constraint
        Repair Failed
        Analysis Failed
        Runtime Error
        Error. Exiting...

Run time statistics:
-----------------------

        Startup: 0.000 minutes
        Build: 0 minutes
        Concrete Analysis: 0.446 minutes
        Concolic Analysis: 20.383 minutes
        Total Analysis: 20.844 minutes
        Localization: 0 minutes

CRepair exited with an error after 20.990 minutes