This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Don't allow attackers to inject arbitrary data into stack through LD_DEBUG
- From: Andreas Schwab <schwab at linux-m68k dot org>
- To: Alex Dowad <alexinbeijing at gmail dot com>
- Cc: libc-alpha at sourceware dot org
- Date: Mon, 10 Aug 2015 01:01:02 +0200
- Subject: Re: [PATCH] Don't allow attackers to inject arbitrary data into stack through LD_DEBUG
- Authentication-results: sourceware.org; auth=none
- References: <1439153945-22973-1-git-send-email-alexinbeijing at gmail dot com>
Alex Dowad <alexinbeijing@gmail.com> writes:
> diff --git a/elf/rtld.c b/elf/rtld.c
> index 6dcbabc..ee194a6 100644
> --- a/elf/rtld.c
> +++ b/elf/rtld.c
> @@ -2408,6 +2408,8 @@ process_dl_debug (const char *dl_debug)
> char *copy = strndupa (dl_debug, len);
> _dl_error_printf ("\
> warning: debug option `%s' unknown; try LD_DEBUG=help\n", copy);
Use %.*s instead.
Andreas.
--
Andreas Schwab, schwab@linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."