wok-4.x annotate glibc/stuff/patches/glibc-2.22-CVE-2017-1000366.patch @ rev 12476

Up glibc (2.22) with CVE patchs
author Stanislas Leduc <shann@slitaz.org>
date Wed Mar 15 11:41:38 2023 +0000 (15 months ago)
shann@12476 1 Based on:
shann@12476 2 https://sourceware.org/bugzilla/show_bug.cgi?id=CVE-2017-1000366
shann@12476 3 https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=patch;h=efa26d9c13a6fabd34a05139e1d8b2e441b2fae9
shann@12476 4
shann@12476 5 From efa26d9c13a6fabd34a05139e1d8b2e441b2fae9 Mon Sep 17 00:00:00 2001
shann@12476 6 From: Florian Weimer <fweimer@redhat.com>
shann@12476 7 Date: Mon, 19 Jun 2017 18:34:53 +0200
shann@12476 8 Subject: [PATCH] CVE-2017-1000366: Ignore LD_LIBRARY_PATH for AT_SECURE=1
shann@12476 9 programs [BZ #21624]
shann@12476 10
shann@12476 11 LD_LIBRARY_PATH can only be used to reorder system search paths, which
shann@12476 12 is not useful functionality.
shann@12476 13
shann@12476 14 This makes an exploitable unbounded alloca in _dl_init_paths unreachable
shann@12476 15 for AT_SECURE=1 programs.
shann@12476 16
shann@12476 17 ---
shann@12476 18 elf/rtld.c | 3 ++-
shann@12476 19 1 file changed, 2 insertions(+), 1 deletion(-)
shann@12476 20
shann@12476 21 diff --git a/elf/rtld.c b/elf/rtld.c
shann@12476 22 index 69873c2..5043046 100644
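--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -2441,7 +2441,8 @@ process_envvars (enum mode *modep)
 
 case 12:
 /* The library search path. */
- if (memcmp (envline, "LIBRARY_PATH", 12) == 0)
+ if (!__libc_enable_secure
+ && memcmp (envline, "LIBRARY_PATH", 12) == 0)
 {
 library_path = &envline[13];
 break;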
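Review bot: The new `!__libc_enable_secure` test in `case 12` has no comment tying it to the security fix, so a later cleanup could mistake it for a redundant condition and drop it. I would extend the existing comment to something like `/* The library search path.  Ignored for AT_SECURE=1 programs so the unbounded alloca in _dl_init_paths stays unreachable (CVE-2017-1000366, BZ #21624). */`. As the commit message itself says, this only makes the alloca unreachable for AT_SECURE=1 programs. The allocation in `_dl_init_paths` is still unbounded, so a length limit there would be worthwhile defence in depth and should be tracked separately. `process_envvars` begins and ends outside this hunk, so whether other variables handled in the same switch need the same gating cannot be judged from the lines shown.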
shann@12476 35 --
shann@12476 36 2.17.1
shann@12476 37