gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch

   1 From f6110a8fee2ca36f8e2d2abecf3cba9fa7b8ea7d Mon Sep 17 00:00:00 2001
   2 From: Florian Weimer <fweimer@redhat.com>
   3 Date: Mon, 19 Jun 2017 17:09:55 +0200
   4 Subject: [PATCH] CVE-2017-1000366: Ignore LD_LIBRARY_PATH for AT_SECURE=1
   5  programs [BZ #21624]
   6
   7 LD_LIBRARY_PATH can only be used to reorder system search paths, which
   8 is not useful functionality.
   9
  10 This makes an exploitable unbounded alloca in _dl_init_paths unreachable
  11 for AT_SECURE=1 programs.
  12
  13 patch from:
  14 https://sourceware.org/git/?p=glibc.git;a=commit;h=f6110a8fee2ca36f8e2d2abecf3cba9fa7b8ea7d
  15 ---
  16  ChangeLog  | 7 +++++++
  17  elf/rtld.c | 3 ++-
  18  2 files changed, 9 insertions(+), 1 deletion(-)
  19
  20 diff --git a/elf/rtld.c b/elf/rtld.c
  21 index 2446a87..2269dbe 100644
  22 --- a/elf/rtld.c
  23 +++ b/elf/rtld.c
  24 @@ -2422,7 +2422,8 @@ process_envvars (enum mode *modep)
  25
  26         case 12:
  27           /* The library search path.  */
  28 -         if (memcmp (envline, "LIBRARY_PATH", 12) == 0)
  29 +         if (!__libc_enable_secure
  30 +             && memcmp (envline, "LIBRARY_PATH", 12) == 0)
  31             {
  32               library_path = &envline[13];
  33               break;
  34 --
  35 2.9.3
  36