This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.
[Bug libc/17715] New: Robustify TZ file parser and reduce attack surface
- From: "fweimer at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Mon, 15 Dec 2014 18:45:20 +0000
- Subject: [Bug libc/17715] New: Robustify TZ file parser and reduce attack surface
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=17715
Bug ID: 17715
Summary: Robustify TZ file parser and reduce attack surface
Product: glibc
Version: 2.21
URL: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772705
Status: NEW
Severity: normal
Priority: P2
Component: libc
Assignee: unassigned at sourceware dot org
Reporter: fweimer at redhat dot com
CC: drepper.fsp at gmail dot com
Flags: security+
Created attachment 8016
--> https://sourceware.org/bugzilla/attachment.cgi?id=8016&action=edit
crashtz
After this Debian bug report,
<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772705>
we should clean up the TZ file parser and investigate ways to reduce its attack
surface. For example, POSIX does not require that an absolute path can be
specified in the TZ environment variable. We already clear TZDIR in AT_SECURE
mode, so accepting absolute files here may be a glibc bug (like the directory
traversal in the locale code, bug 17137).
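A sketch of the kind of check the report points toward, added here as an example (it is not glibc code and not part of the report): a hypothetical helper, `tz_name_stays_in_zoneinfo`, that rejects absolute paths and `..` components in a TZ value so that a file lookup cannot leave the zoneinfo directory. Skipping an optional leading colon and the sample values in `main` are assumptions made for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not taken from glibc: returns true only if the TZ
   value, read as a file name, stays below the zoneinfo directory.  */
bool tz_name_stays_in_zoneinfo(const char *tz)
{
    if (tz == NULL)
        return false;
    if (*tz == ':')                     /* assumption: optional leading colon */
        ++tz;
    if (*tz == '\0' || *tz == '/')      /* empty name or absolute path */
        return false;

    for (const char *p = tz; *p != '\0'; ) {
        size_t len = strcspn(p, "/");   /* length of the current component */
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return false;               /* ".." could climb out of the directory */
        p += len;
        while (*p == '/')               /* skip one or more separators */
            ++p;
    }
    return true;
}

int main(void)
{
    /* Constructed sample values, not taken from the bug report. */
    const char *samples[] = {
        "Europe/Berlin", ":Europe/Berlin", "/tmp/crashtz",
        "../../tmp/crashtz", "Europe/../../tmp/crashtz", "..zone/x", ":"
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; ++i)
        printf("%-28s %s\n", samples[i],
               tz_name_stays_in_zoneinfo(samples[i]) ? "accept" : "reject");
    return 0;
}
```

The check is deliberately conservative: any `..` component is refused, even one that would resolve back inside the directory, and it does not address symbolic links below the zoneinfo directory.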