Attachment 197130 Details for Bug 276986 – pulseaudio-0.9.16-Remove-exploitable-LD_BIND_NOW-hack.patch

[patch] pulseaudio-0.9.16-Remove-exploitable-LD_BIND_NOW-hack.patch

pulseaudio-0.9.16-Remove-exploitable-LD_BIND_NOW-hack.patch (text/plain), 3.19 KB, created by Robert Buchholz (RETIRED) on 2009-07-07 23:37:00 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Robert Buchholz (RETIRED)

Created: 2009-07-07 23:37:00 UTC

Size: 3.19 KB

patch

obsolete

>From fdd11d6cc0f4c75f75c62fb7d419d157ce00c956 Mon Sep 17 00:00:00 2001
>From: =?utf-8?q?Diego=20Elio=20'Flameeyes'=20Petten=C3=B2?= <flameeyes@gmail.com>
>Date: Tue, 7 Jul 2009 20:51:53 +0200
>Subject: [PATCH] Remove exploitable LD_BIND_NOW hack.
>
>Instead of trying to re-execute pulseaudio itself with LD_BIND_NOW set,
>just find the correct flag for the linker to request immediate bindings
>(all ELF files support that option), and use that when linking the daemon.
>
>Reduce the amount of compiled and executed code as well.
>---
> configure.ac      |    6 ++++++
> src/Makefile.am   |    4 ++--
> src/daemon/main.c |   22 ----------------------
> 3 files changed, 8 insertions(+), 24 deletions(-)
>
>diff --git a/configure.ac b/configure.ac
>index 9c96d1c..cc7f674 100644
>--- a/configure.ac
>+++ b/configure.ac
>@@ -113,6 +113,12 @@ CC_CHECK_LDFLAGS([${tmp_ldflag}],
>     [VERSIONING_LDFLAGS='-Wl,-version-script=$(srcdir)/map-file'])
> AC_SUBST([VERSIONING_LDFLAGS])
> 
>+dnl Use immediate (now) bindings; avoids the funky re-call in itself
>+dnl  the -z now syntax is lifted from Sun's linker and works with GNU's too
>+dnl  other linkes might be added later
>+CC_CHECK_LDFLAGS([-Wl,-z,now], [IMMEDIATE_LDFLAGS="-Wl,-z,now"])
>+AC_SUBST([IMMEDIATE_LDFLAGS])
>+
> dnl Check for the proper way to build libraries that have no undefined
> dnl symbols; on some hosts this needs to be avoided but the macro
> dnl takes care of it.
>diff --git a/src/Makefile.am b/src/Makefile.am
>index 7ebf1f8..ac627c8 100644
>--- a/src/Makefile.am
>+++ b/src/Makefile.am
>@@ -183,9 +183,9 @@ PREOPEN_LIBS = $(modlibexec_LTLIBRARIES)
> endif
> 
> if FORCE_PREOPEN
>-pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
>+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
> else
>-pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
>+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
> endif
> 
> ###################################
>diff --git a/src/daemon/main.c b/src/daemon/main.c
>index eb378d2..0f6fc90 100644
>--- a/src/daemon/main.c
>+++ b/src/daemon/main.c
>@@ -401,28 +401,6 @@ int main(int argc, char *argv[]) {
>     pa_log_set_level(PA_LOG_NOTICE);
>     pa_log_set_flags(PA_LOG_COLORS|PA_LOG_PRINT_FILE|PA_LOG_PRINT_LEVEL, PA_LOG_RESET);
> 
>-#if defined(__linux__) && defined(__OPTIMIZE__)
>-    /*
>-       Disable lazy relocations to make usage of external libraries
>-       more deterministic for our RT threads. We abuse __OPTIMIZE__ as
>-       a check whether we are a debug build or not.
>-    */
>-
>-    if (!getenv("LD_BIND_NOW")) {
>-        char *rp;
>-
>-        /* We have to execute ourselves, because the libc caches the
>-         * value of $LD_BIND_NOW on initialization. */
>-
>-        pa_set_env("LD_BIND_NOW", "1");
>-
>-        if ((rp = pa_readlink("/proc/self/exe")))
>-            pa_assert_se(execv(rp, argv) == 0);
>-        else
>-            pa_log_warn("Couldn't read /proc/self/exe, cannot self execute. Running in a chroot()?");
>-    }
>-#endif
>-
>     if ((e = getenv("PULSE_PASSED_FD"))) {
>         passed_fd = atoi(e);
> 
>-- 
>1.6.3.3
>

Actions: View | Diff

Attachments on bug 276986: 197128 | 197130 | 197344