summaryrefslogtreecommitdiff
path: root/gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch')
-rw-r--r--gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch36
1 files changed, 0 insertions, 36 deletions
diff --git a/gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch b/gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch
deleted file mode 100644
index 71e80968be..0000000000
--- a/gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From f6110a8fee2ca36f8e2d2abecf3cba9fa7b8ea7d Mon Sep 17 00:00:00 2001
-From: Florian Weimer <fweimer@redhat.com>
-Date: Mon, 19 Jun 2017 17:09:55 +0200
-Subject: [PATCH] CVE-2017-1000366: Ignore LD_LIBRARY_PATH for AT_SECURE=1
- programs [BZ #21624]
-
-LD_LIBRARY_PATH can only be used to reorder system search paths, which
-is not useful functionality.
-
-This makes an exploitable unbounded alloca in _dl_init_paths unreachable
-for AT_SECURE=1 programs.
-
-patch from:
-https://sourceware.org/git/?p=glibc.git;a=commit;h=f6110a8fee2ca36f8e2d2abecf3cba9fa7b8ea7d
----
- ChangeLog | 7 +++++++
- elf/rtld.c | 3 ++-
- 2 files changed, 9 insertions(+), 1 deletion(-)
-
-diff --git a/elf/rtld.c b/elf/rtld.c
-index 2446a87..2269dbe 100644
---- a/elf/rtld.c
-+++ b/elf/rtld.c
-@@ -2422,7 +2422,8 @@ process_envvars (enum mode *modep)
-
- case 12:
- /* The library search path. */
-- if (memcmp (envline, "LIBRARY_PATH", 12) == 0)
-+ if (!__libc_enable_secure
-+ && memcmp (envline, "LIBRARY_PATH", 12) == 0)
- {
- library_path = &envline[13];
- break;
---
-2.9.3
-
generated by cgit v1.2.3 (git 2.45.0) at 2024-06-12 09:48:21 +0000