wok-current diff glibc/stuff/CVE-2025-4802.patch @ rev 25775
Patch glibc (CVE-2025-4802)
| author | Stanislas Leduc <shann@slitaz.org> |
|---|---|
| date | Thu May 22 19:19:31 2025 +0000 (5 months ago) |
| parents | |
| children | e92a5b32321f |
line diff
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/glibc/stuff/CVE-2025-4802.patch Thu May 22 19:19:31 2025 +0000 1.3 @@ -0,0 +1,87 @@ 1.4 +From 5451fa962cd0a90a0e2ec1d8910a559ace02bba0 Mon Sep 17 00:00:00 2001 1.5 +From: Adhemerval Zanella <adhemerval.zanella@linaro.org> 1.6 +Date: Mon, 6 Nov 2023 17:25:49 -0300 1.7 +Subject: elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static 1.8 + 1.9 +It mimics the ld.so behavior. 1.10 + 1.11 +Checked on x86_64-linux-gnu. 1.12 +Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org> 1.13 +Adjust for backport to glibc 2.28 1.14 +--- 1.15 + elf/dl-support.c | 32 ++++++++++++++++---------------- 1.16 + 1 file changed, 16 insertions(+), 16 deletions(-) 1.17 + 1.18 +diff --git a/elf/dl-support.c b/elf/dl-support.c 1.19 +index 31a608df87..837fa1c836 100644 1.20 +--- a/elf/dl-support.c 1.21 ++++ b/elf/dl-support.c 1.22 +@@ -317,12 +317,34 @@ 1.23 + if (HP_SMALL_TIMING_AVAIL) 1.24 + HP_TIMING_NOW (_dl_cpuclock_offset); 1.25 + 1.26 +- _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1; 1.27 +- 1.28 + /* Set up the data structures for the system-supplied DSO early, 1.29 + so they can influence _dl_init_paths. */ 1.30 + setup_vdso (NULL, NULL); 1.31 + 1.32 ++ if (__libc_enable_secure) 1.33 ++ { 1.34 ++ static const char unsecure_envvars[] = 1.35 ++ UNSECURE_ENVVARS 1.36 ++#ifdef EXTRA_UNSECURE_ENVVARS 1.37 ++ EXTRA_UNSECURE_ENVVARS 1.38 ++#endif 1.39 ++ ; 1.40 ++ const char *cp = unsecure_envvars; 1.41 ++ 1.42 ++ while (cp < unsecure_envvars + sizeof (unsecure_envvars)) 1.43 ++ { 1.44 ++ __unsetenv (cp); 1.45 ++ cp = (const char *) __rawmemchr (cp, '\0') + 1; 1.46 ++ } 1.47 ++ 1.48 ++#if !HAVE_TUNABLES 1.49 ++ if (__access ("/etc/suid-debug", F_OK) != 0) 1.50 ++ __unsetenv ("MALLOC_CHECK_"); 1.51 ++#endif 1.52 ++ } 1.53 ++ 1.54 ++ _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1; 1.55 ++ 1.56 + /* Initialize the data structures for the search paths for shared 1.57 + objects. */ 1.58 + _dl_init_paths (getenv ("LD_LIBRARY_PATH")); 1.59 +@@ -340,28 +362,6 @@ 1.60 + if (_dl_profile_output == NULL || _dl_profile_output[0] == '\0') 1.61 + _dl_profile_output 1.62 + = &"/var/tmp\0/var/profile"[__libc_enable_secure ? 9 : 0]; 1.63 +- 1.64 +- if (__libc_enable_secure) 1.65 +- { 1.66 +- static const char unsecure_envvars[] = 1.67 +- UNSECURE_ENVVARS 1.68 +-#ifdef EXTRA_UNSECURE_ENVVARS 1.69 +- EXTRA_UNSECURE_ENVVARS 1.70 +-#endif 1.71 +- ; 1.72 +- const char *cp = unsecure_envvars; 1.73 +- 1.74 +- while (cp < unsecure_envvars + sizeof (unsecure_envvars)) 1.75 +- { 1.76 +- __unsetenv (cp); 1.77 +- cp = (const char *) __rawmemchr (cp, '\0') + 1; 1.78 +- } 1.79 +- 1.80 +-#if !HAVE_TUNABLES 1.81 +- if (__access ("/etc/suid-debug", F_OK) != 0) 1.82 +- __unsetenv ("MALLOC_CHECK_"); 1.83 +-#endif 1.84 +- } 1.85 + 1.86 + #ifdef DL_PLATFORM_INIT 1.87 + DL_PLATFORM_INIT; 1.88 + 1.89 +-- 1.90 +cgit