diff options
author | Siddhesh Poyarekar <siddhesh@sourceware.org> | 2017-01-10 16:35:58 +0530 |
---|---|---|
committer | Siddhesh Poyarekar <siddhesh@sourceware.org> | 2017-01-10 16:35:58 +0530 |
commit | d054a81ab3a2515a45d28e6c26d2b190ff74e8ec (patch) | |
tree | 1172391755a62da02db8db79eb21598384d506a0 /nscd/nscd.conf | |
parent | cc25c8b4c1196a8c29e9a45b1e096b99a87b7f8c (diff) | |
download | glibc-d054a81ab3a2515a45d28e6c26d2b190ff74e8ec.zip glibc-d054a81ab3a2515a45d28e6c26d2b190ff74e8ec.tar.gz glibc-d054a81ab3a2515a45d28e6c26d2b190ff74e8ec.tar.bz2 |
tunables: Avoid getenv calls and disable glibc.malloc.check by default
Builds with --enable-tunables failed on i686 because a call to getenv
got snuck into tunables, which pulled in strncmp. This patch fixes
this build failure by making the glibc.malloc.check check even
simpler. The previous approach was convoluted where the tunable was
disabled using an unsetenv and overwriting the tunable value with
colons. The easier way is to simply mark the tunable as insecure by
default (i.e. won't be read for AT_SECURE programs) and then enabled
only when the /etc/suid-debug file is found.
This also ends up removing a bunch of functions that were specially
reimplemented (strlen, unsetenv) to avoid calling into string
routines.
Tested on x86_64 and i686.
* elf/dl-tunables.c (tunables_unsetenv): Remove function.
(min_strlen): Likewise.
(disable_tunable): Likewise.
(maybe_disable_malloc_check): Rename to
maybe_enable_malloc_check.
(maybe_enable_malloc_check): Enable glibc.malloc.check tunable
if /etc/suid-debug file exists.
(__tunables_init): Update caller.
* elf/dl-tunables.list (glibc.malloc.check): Don't mark as
secure.
Diffstat (limited to 'nscd/nscd.conf')
0 files changed, 0 insertions, 0 deletions