lib/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2025-07-29 11:41:21 +03:00
Code Activity

Update.

Browse Source 
* elf/dl-open.c (add_to_global): Remove stale comment.

	* elf/dl-load.c (fillin_rpath): In SUID binaries, don't mark
	non-system-dirs in LD_LIBRARY_PATH as nonexisting, simply drop them.
This commit is contained in:
Ulrich Drepper
2001-08-11 02:42:19 +00:00
parent dad4a4b3ef
commit 07ba734927
3 changed files with 38 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -1,5 +1,10 @@
2001-08-10 Ulrich Drepper <drepper@redhat.com> 2001-08-10 Ulrich Drepper <drepper@redhat.com>
* elf/dl-open.c (add_to_global): Remove stale comment.
* elf/dl-load.c (fillin_rpath): In SUID binaries, don't mark
non-system-dirs in LD_LIBRARY_PATH as nonexisting, simply drop them.
* libio/iovdprintf.c (_IO_vdprintf): Call __fsetlocking for temporary * libio/iovdprintf.c (_IO_vdprintf): Call __fsetlocking for temporary
stream. stream.
* libio/obprintf.c (_IO_obstack_vprintf): Likewise. * libio/obprintf.c (_IO_obstack_vprintf): Likewise.

66
elf/dl-load.c
View File

@ -396,6 +396,35 @@ fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
if (len > 0 && cp[len - 1] != '/') if (len > 0 && cp[len - 1] != '/')
cp[len++] = '/'; cp[len++] = '/';
/* Make sure we don't use untrusted directories if we run SUID. */
if (__builtin_expect (check_trusted, 0))
{
const char *trun = system_dirs;
size_t idx;
int unsecure = 1;
/* All trusted directories must be complete names. */
if (cp[0] == '/')
{
for (idx = 0; idx < nsystem_dirs_len; ++idx)
{
if (len == system_dirs_len[idx]
&& memcmp (trun, cp, len) == 0)
{
/* Found it. */
unsecure = 0;
break;
}
trun += system_dirs_len[idx] + 1;
}
}
if (unsecure)
/* Simply drop this directory. */
continue;
}
/* See if this directory is already known. */ /* See if this directory is already known. */
for (dirp = _dl_all_dirs; dirp != NULL; dirp = dirp->next) for (dirp = _dl_all_dirs; dirp != NULL; dirp = dirp->next)
if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0) if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0)
@ -434,41 +463,10 @@ fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
if (len > max_dirnamelen) if (len > max_dirnamelen)
max_dirnamelen = len; max_dirnamelen = len;
/* Make sure we don't use untrusted directories if we run SUID. */ /* We have to make sure all the relative directories are
if (__builtin_expect (check_trusted, 0)) never ignored. The current directory might change and
{ all our saved information would be void. */
const char *trun = system_dirs;
size_t idx;
/* By default we don't trust anything. */
init_val = nonexisting;
/* All trusted directories must be complete names. */
if (cp[0] == '/')
{
for (idx = 0; idx < nsystem_dirs_len; ++idx)
{
if (len == system_dirs_len[idx]
&& memcmp (trun, cp, len) == 0)
/* Found it. */
break;
trun += system_dirs_len[idx] + 1;
}
if (idx < nsystem_dirs_len)
/* It's a trusted directory so allow checking for it. */
init_val = unknown;
}
}
else
/* We don't have to check for trusted directories and can
accept everything. We have to make sure all the
relative directories are never ignored. The current
directory might change and all our saved information
would be void. */
init_val = cp[0] != '/' ? existing : unknown; init_val = cp[0] != '/' ? existing : unknown;
for (cnt = 0; cnt < ncapstr; ++cnt) for (cnt = 0; cnt < ncapstr; ++cnt)
dirp->status[cnt] = init_val; dirp->status[cnt] = init_val;

1
elf/dl-open.c
View File

@ -156,7 +156,6 @@ add_to_global (struct link_map *new)
} }
} }
/* XXX Do we have to add something to r_dupsearchlist??? --drepper */
return 0; return 0;
} }