This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Missing security fix in elf/dl-open.c?

From: Florian Weimer <fweimer at redhat dot com>
To: GNU C Library <libc-alpha at sourceware dot org>
Date: Tue, 24 Feb 2015 18:11:16 +0100
Subject: Missing security fix in elf/dl-open.c?
Authentication-results: sourceware.org; auth=none

Some downstreams include this hunk in their patches related to
CVE-2010-3847 and CVE-2011-0536:

Index: glibc-2.12-2-gc4ccff1/elf/dl-object.c
===================================================================
--- glibc-2.12-2-gc4ccff1.orig/elf/dl-object.c
+++ glibc-2.12-2-gc4ccff1/elf/dl-object.c
@@ -214,6 +214,9 @@ _dl_new_object (char *realname, const ch
     out:
       new->l_origin = origin;
     }
+  else if (INTUSE(__libc_enable_secure) && type == lt_executable)
+    /* The origin of a privileged program cannot be trusted.  */
+    new->l_origin = (char *) -1;

   return new;
 }

I can't find this in glibc master.  Is the hunk above needed, or is it
just hardening?

-- 
Florian Weimer / Red Hat Product Security

Follow-Ups:
- Re: Missing security fix in elf/dl-open.c?
  - From: Carlos O'Donell

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]