Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 123536 Details for
Bug 183844
sys-libs/glibc: integer overflow in ld.so CVE-2007-3508
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
ignore HWCAP_MASK for suid/sgid
glibc-hwcap-mask-secure.diff (text/plain), 985 bytes, created by
Tavis Ormandy (RETIRED)
on 2007-07-01 15:30:21 UTC
(
hide
)
Description:
ignore HWCAP_MASK for suid/sgid
Filename:
MIME Type:
Creator:
Tavis Ormandy (RETIRED)
Created:
2007-07-01 15:30:21 UTC
Size:
985 bytes
patch
obsolete
>diff -ruNp elf/rtld.c elf/rtld.c >--- elf/rtld.c 2007-07-01 16:21:55.000000000 +0100 >+++ elf/rtld.c 2007-07-01 16:20:38.000000000 +0100 >@@ -2587,7 +2587,8 @@ process_envvars (enum mode *modep) > > case 10: > /* Mask for the important hardware capabilities. */ >- if (memcmp (envline, "HWCAP_MASK", 10) == 0) >+ if (!INTUSE(__libc_enable_secure) >+ && memcmp (envline, "HWCAP_MASK", 10) == 0) > GLRO(dl_hwcap_mask) = __strtoul_internal (&envline[11], NULL, > 0, 0); > break; >diff -ruNp sysdeps/generic/unsecvars.h sysdeps/generic/unsecvars.h >--- sysdeps/generic/unsecvars.h 2005-01-06 22:40:19.000000000 +0000 >+++ sysdeps/generic/unsecvars.h 2007-07-01 16:21:21.000000000 +0100 >@@ -9,6 +9,7 @@ > "LD_DEBUG\0" \ > "LD_DEBUG_OUTPUT\0" \ > "LD_DYNAMIC_WEAK\0" \ >+ "LD_HWCAP_MASK\0" \ > "LD_LIBRARY_PATH\0" \ > "LD_ORIGIN_PATH\0" \ > "LD_PRELOAD\0" \
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=123536">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 183844
: 123536
