This is the mail archive of the libc-hacker@sourceware.cygnus.com mailing list for the glibc project.
Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Hi! If a user runs a suid/sgid program with LD_LIBRARY_PATH set, so that all fields of it go away because they are insecure, open_path segfaults because it does not expect the path list to be empty. We can either fix open_path to use a while () {} loop instead of do {} while (), or make sure env_path_list is killed if it has 0 list. I don't think RPATH/RUNPATH can have 0 elements, so IMHO it is better not to slow down things for all 3 cases but only for LD_LIBRARY_PATH. 2000-05-22 Jakub Jelinek <jakub@redhat.com> * elf/dl-load.c (_dl_init_paths): If env_path_list has 0 elements, free it and set to (void *) -1. --- libc/elf/dl-load.c.jj Tue May 9 13:47:25 2000 +++ libc/elf/dl-load.c Mon May 22 14:43:19 2000 @@ -636,6 +636,11 @@ _dl_init_paths (const char *llp) (void) fillin_rpath (local_strdup (llp), env_path_list, ":;", __libc_enable_secure, "LD_LIBRARY_PATH", NULL); + if (env_path_list[0] == NULL) + { + free (env_path_list); + env_path_list = (void *) -1; + } } else env_path_list = (void *) -1; Jakub
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |