OpenE2K
/
glibc
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

CVE-2017-1000366: Ignore LD_LIBRARY_PATH for AT_SECURE=1 programs [BZ #21624] 

LD_LIBRARY_PATH can only be used to reorder system search paths, which
is not useful functionality.

This makes an exploitable unbounded alloca in _dl_init_paths unreachable
for AT_SECURE=1 programs.
This commit is contained in:
Florian Weimer 2017-06-19 17:09:55 +02:00
parent b08a6a0dea
commit f6110a8fee
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ChangeLog
View File

@ -1,3 +1,10 @@
2017-06-19 Florian Weimer <fweimer@redhat.com>
[BZ #21624]
CVE-2017-1000366
* elf/rtld.c (process_envvars): Ignore LD_LIBRARY_PATH for
__libc_enable_secure.
2017-06-19 Stefan Liebler <stli@linux.vnet.ibm.com>
[BZ #21539]

3
elf/rtld.c
View File

@ -2422,7 +2422,8 @@ process_envvars (enum mode *modep)
case 12:
/* The library search path. */
if (memcmp (envline, "LIBRARY_PATH", 12) == 0)
if (!__libc_enable_secure
&& memcmp (envline, "LIBRARY_PATH", 12) == 0)
{
library_path = &envline[13];
break;