diff options
author | Ulrich Drepper <drepper@redhat.com> | 2001-07-23 01:13:01 +0000 |
---|---|---|
committer | Ulrich Drepper <drepper@redhat.com> | 2001-07-23 01:13:01 +0000 |
commit | 32463b1aa6e3974e772fb984178820c2631d0283 (patch) | |
tree | a809319eba85bbda306ad335ba73ec0699a8966b | |
parent | 8d42e2e526839af70dc5ae38f18aeaf7ffe959e9 (diff) | |
download | glibc-32463b1aa6e3974e772fb984178820c2631d0283.zip glibc-32463b1aa6e3974e772fb984178820c2631d0283.tar.gz glibc-32463b1aa6e3974e772fb984178820c2631d0283.tar.bz2 |
Update.
* elf/dl-load.c (_dl_dst_count): In SUID binaries expand $ORIGIN
if it is alone.
(_dl_dst_substitute): Likewise.
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | elf/dl-load.c | 10 |
2 files changed, 10 insertions, 4 deletions
@@ -1,5 +1,9 @@ 2001-07-22 Ulrich Drepper <drepper@redhat.com> + * elf/dl-load.c (_dl_dst_count): In SUID binaries expand $ORIGIN + if it is alone. + (_dl_dst_substitute): Likewise. + * iconv/iconvconfig.c: Remove --verbose option. Comment out mcheck_verbose call. diff --git a/elf/dl-load.c b/elf/dl-load.c index 46b7d81..b9ef523 100644 --- a/elf/dl-load.c +++ b/elf/dl-load.c @@ -180,8 +180,8 @@ _dl_dst_count (const char *name, int is_path) { size_t len = 1; - /* $ORIGIN is not expanded for SUID/GUID programs and it must - always appear first in path. + /* $ORIGIN is not expanded for SUID/GUID programs (except if it + is $ORIGIN alone) and it must always appear first in path. Note that it is no bug that the string in the second and fourth `strncmp' call is longer than the sequence which is @@ -192,7 +192,8 @@ _dl_dst_count (const char *name, int is_path) || (is_path && name[7] == ':')) && (len = 7) != 0))) { - if (__builtin_expect (!__libc_enable_secure, 1) + if ((__builtin_expect (!__libc_enable_secure, 1) + || name[len] == '\0' || (is_path && name[len] == ':')) && (name == start || (is_path && name[-1] == ':'))) ++cnt; } @@ -241,7 +242,8 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result, || (is_path && name[7] == ':')) && (len = 7) != 0))) { - if (__builtin_expect (!__libc_enable_secure, 1) + if ((__builtin_expect (!__libc_enable_secure, 1) + || name[len] == '\0' || (is_path && name[len] == ':')) && (name == start || (is_path && name[-1] == ':'))) repl = l->l_origin; } |