This is the mail archive of the glibc-cvs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

GNU C Library master sources branch master updated. glibc-2.25-513-gf6110a8

From: fw at sourceware dot org
To: glibc-cvs at sourceware dot org
Date: 19 Jun 2017 16:27:55 -0000
Subject: GNU C Library master sources branch master updated. glibc-2.25-513-gf6110a8

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  f6110a8fee2ca36f8e2d2abecf3cba9fa7b8ea7d (commit)
      from  b08a6a0dea63742313ed3d9577c1e2d83436b196 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=f6110a8fee2ca36f8e2d2abecf3cba9fa7b8ea7d

commit f6110a8fee2ca36f8e2d2abecf3cba9fa7b8ea7d
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon Jun 19 17:09:55 2017 +0200

    CVE-2017-1000366: Ignore LD_LIBRARY_PATH for AT_SECURE=1 programs [BZ #21624]
    
    LD_LIBRARY_PATH can only be used to reorder system search paths, which
    is not useful functionality.
    
    This makes an exploitable unbounded alloca in _dl_init_paths unreachable
    for AT_SECURE=1 programs.

diff --git a/ChangeLog b/ChangeLog
index 90439b8..3b61f16 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2017-06-19  Florian Weimer  <fweimer@redhat.com>
+
+	[BZ #21624]
+	CVE-2017-1000366
+	* elf/rtld.c (process_envvars): Ignore LD_LIBRARY_PATH for
+	__libc_enable_secure.
+
 2017-06-19  Stefan Liebler  <stli@linux.vnet.ibm.com>
 
 	[BZ #21539]
diff --git a/elf/rtld.c b/elf/rtld.c
index 2446a87..2269dbe 100644
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -2422,7 +2422,8 @@ process_envvars (enum mode *modep)
 
 	case 12:
 	  /* The library search path.  */
-	  if (memcmp (envline, "LIBRARY_PATH", 12) == 0)
+	  if (!__libc_enable_secure
+	      && memcmp (envline, "LIBRARY_PATH", 12) == 0)
 	    {
 	      library_path = &envline[13];
 	      break;

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog  |    7 +++++++
 elf/rtld.c |    3 ++-
 2 files changed, 9 insertions(+), 1 deletions(-)


hooks/post-receive
-- 
GNU C Library master sources

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]