This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Improve DST handling (Bug 23102, Bug 21942, Bug 18018, Bug, 23259, CVE-2011-0536 ).
- From: Florian Weimer <fweimer at redhat dot com>
- To: Carlos O'Donell <carlos at redhat dot com>, GNU C Library <libc-alpha at sourceware dot org>, Andreas Schwab <schwab at suse dot de>, "Dmitry V. Levin" <ldv at altlinux dot org>
- Date: Wed, 6 Jun 2018 16:15:36 +0200
- Subject: Re: [PATCH] Improve DST handling (Bug 23102, Bug 21942, Bug 18018, Bug, 23259, CVE-2011-0536 ).
- References: <9cf43cb6-511c-ec6c-9a87-e89a467238d9@redhat.com>
On 06/06/2018 07:02 AM, Carlos O'Donell wrote:
+/* Passed the start of a DST sequence at the first '$' occurrence.
+ See the DL_DST_COUNT macro which inlines the strchr to find the
+ first occurrence of '$' and optimizes that likely case that there
+ is no DST. If there is a DST we call into _dl_dst_count to count
+ the number of DSTs. We count all known DSTs regardless of
+ __libc_enable_secure; the caller is responsible for enforcing
+ the security of the substitution rules (usually
+ _dl_dst_substitute). */
Maybe kill DL_DST_COUNT? It doesn't look useful to me.
+ /* All DSTs must follow ELF gABI rules, see is_dst (). */
+ if ((len = is_dst (name, "ORIGIN")) != 0
+ || (len = is_dst (name, "PLATFORM")) != 0
+ || (len = is_dst (name, "LIB")) != 0)
++cnt;
len is never read, so you can remove the variable.
Thanks,
Florian