GNU C Library master sources branch, fedora/2.12/master, updated. fedora/glibc-2.12-3-17-g5ee956f

schwab@sourceware.org schwab@sourceware.org
Tue Oct 19 14:45:00 GMT 2010


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, fedora/2.12/master has been updated
       via  5ee956f94120182a02fcc0db1e33e2f54d72ce56 (commit)
       via  2232b90f0bd3a41b4d63cac98a5b60abbfaccd46 (commit)
       via  d0c2399f06367a52fa8bde54ccf7cd6e9b6f331a (commit)
       via  fc0ed7b647474cdd16efe8cbbc9eb9ccf8a7b3c8 (commit)
       via  e6620c0a4451cd24e04b9cc12d462c54b914503f (commit)
       via  b422509e58a21f1343e49f6f52e224520fab98a1 (commit)
      from  49f6afe59ae6d8cb88e0dd821ff284ede16e28a6 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://sources.redhat.com/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=5ee956f94120182a02fcc0db1e33e2f54d72ce56

commit 5ee956f94120182a02fcc0db1e33e2f54d72ce56
Author: Andreas Schwab <schwab@redhat.com>
Date:   Tue Oct 19 15:40:43 2010 +0200

    2.12.1-3

diff --git a/fedora/glibc.spec.in b/fedora/glibc.spec.in
index f5ac3f1..9a13fea 100644
--- a/fedora/glibc.spec.in
+++ b/fedora/glibc.spec.in
@@ -20,7 +20,7 @@
 Summary: The GNU libc libraries
 Name: glibc
 Version: %{glibcversion}
-Release: 2
+Release: 3
 # GPLv2+ is used in a bunch of programs, LGPLv2+ is used for libraries.
 # Things that are linked directly into dynamically linked programs
 # and shared libraries (e.g. crt files, lib*_nonshared.a) have an additional
@@ -1028,6 +1028,13 @@ rm -f *.filelist*
 %endif
 
 %changelog
+* Tue Oct 19 2010 Andreas Schwab <schwab@redhat.com> - 2.12.1-3
+- Update from 2.12 branch
+  - Fix strstr and memmem algorithm (BZ#12092, #641124)
+  - Fix handling of tail bytes of buffer in SSE2/SSSE3 x86-64 version
+    strncmp (BZ#12077)
+- Never expand $ORIGIN in privileged programs (#643306, CVE-2010-3847)
+
 * Fri Aug 20 2010 Andreas Schwab <schwab@redhat.com> - 2.12.1-2
 - Update from 2.12 branch
   - Fix ifunc thunk for strspn on x86 in static libc

http://sources.redhat.com/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=2232b90f0bd3a41b4d63cac98a5b60abbfaccd46

commit 2232b90f0bd3a41b4d63cac98a5b60abbfaccd46
Author: Andreas Schwab <schwab@redhat.com>
Date:   Mon Oct 18 11:46:00 2010 +0200

    Never expand $ORIGIN in privileged programs

diff --git a/ChangeLog b/ChangeLog
index 9ac682b..a9ac1f0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2010-10-18  Andreas Schwab  <schwab@redhat.com>
+
+	* elf/dl-load.c (is_dst): Remove last parameter.
+	(_dl_dst_count): Ignore $ORIGIN in privileged programs.
+	(_dl_dst_substitute): Likewise.
+
 2010-10-06  Ulrich Drepper  <drepper@gmail.com>
 
 	* string/bug-strstr1.c: New file.
diff --git a/elf/dl-load.c b/elf/dl-load.c
index 0adddf5..1cc6f25 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -169,8 +169,7 @@ local_strdup (const char *s)
 
 
 static size_t
-is_dst (const char *start, const char *name, const char *str,
-	int is_path, int secure)
+is_dst (const char *start, const char *name, const char *str, int is_path)
 {
   size_t len;
   bool is_curly = false;
@@ -199,11 +198,6 @@ is_dst (const char *start, const char *name, const char *str,
 	   && (!is_path || name[len] != ':'))
     return 0;
 
-  if (__builtin_expect (secure, 0)
-      && ((name[len] != '\0' && (!is_path || name[len] != ':'))
-	  || (name != start + 1 && (!is_path || name[-2] != ':'))))
-    return 0;
-
   return len;
 }
 
@@ -218,13 +212,12 @@ _dl_dst_count (const char *name, int is_path)
     {
       size_t len;
 
-      /* $ORIGIN is not expanded for SUID/GUID programs (except if it
-	 is $ORIGIN alone) and it must always appear first in path.  */
+      /* $ORIGIN is not expanded for SUID/GUID programs.  */
       ++name;
-      if ((len = is_dst (start, name, "ORIGIN", is_path,
-			 INTUSE(__libc_enable_secure))) != 0
-	  || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0
-	  || (len = is_dst (start, name, "LIB", is_path, 0)) != 0)
+      if (((len = is_dst (start, name, "ORIGIN", is_path)) != 0
+	   && !INTUSE(__libc_enable_secure))
+	  || (len = is_dst (start, name, "PLATFORM", is_path)) != 0
+	  || (len = is_dst (start, name, "LIB", is_path)) != 0)
 	++cnt;
 
       name = strchr (name + len, '$');
@@ -256,9 +249,12 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
 	  size_t len;
 
 	  ++name;
-	  if ((len = is_dst (start, name, "ORIGIN", is_path,
-			     INTUSE(__libc_enable_secure))) != 0)
+	  if ((len = is_dst (start, name, "ORIGIN", is_path)) != 0)
 	    {
+	      /* Ignore this path element in SUID/SGID programs.  */
+	      if (INTUSE(__libc_enable_secure))
+		repl = (const char *) -1;
+	      else
 #ifndef SHARED
 	      if (l == NULL)
 		repl = _dl_get_origin ();
@@ -266,9 +262,9 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
 #endif
 		repl = l->l_origin;
 	    }
-	  else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0)
+	  else if ((len = is_dst (start, name, "PLATFORM", is_path)) != 0)
 	    repl = GLRO(dl_platform);
-	  else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0)
+	  else if ((len = is_dst (start, name, "LIB", is_path)) != 0)
 	    repl = DL_DST_LIB;
 
 	  if (repl != NULL && repl != (const char *) -1)

http://sources.redhat.com/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=d0c2399f06367a52fa8bde54ccf7cd6e9b6f331a

commit d0c2399f06367a52fa8bde54ccf7cd6e9b6f331a
Merge: 49f6afe fc0ed7b
Author: Andreas Schwab <schwab@redhat.com>
Date:   Fri Oct 8 13:26:45 2010 +0200

    Merge remote branch 'origin/release/2.12/master' into fedora/2.12/master


-----------------------------------------------------------------------

Summary of changes:
 ChangeLog               |   25 ++++++++
 elf/dl-load.c           |   30 ++++------
 fedora/glibc.spec.in    |    9 +++-
 string/Makefile         |    4 +-
 string/bug-strstr1.c    |   26 +++++++++
 string/str-two-way.h    |    2 +-
 string/stratcliff.c     |  144 +++++++++++++++++++++++++++++++++++------------
 sysdeps/x86_64/strcmp.S |   32 +++++-----
 wcsmbs/wcsatcliff.c     |    2 +
 9 files changed, 201 insertions(+), 73 deletions(-)
 create mode 100644 string/bug-strstr1.c


hooks/post-receive
-- 
GNU C Library master sources



More information about the Glibc-cvs mailing list