diff options
| author | Florian Weimer <fweimer@redhat.com> | 2014-06-11 23:12:52 +0200 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2014-06-11 23:13:42 +0200 |
| commit | 89e435f3559c53084498e9baad22172b64429362 (patch) | |
| tree | 6bd069da0346ea8cb18e506b8e10252bc3a8b33a /ChangeLog | |
| parent | c3a2ebe1f7541cc35937621e08c28ff88afd0845 (diff) | |
| download | glibc-89e435f3559c53084498e9baad22172b64429362.zip glibc-89e435f3559c53084498e9baad22172b64429362.tar.gz glibc-89e435f3559c53084498e9baad22172b64429362.tar.bz2 | |
posix_spawn_file_actions_addopen needs to copy the path argument (BZ 17048)
POSIX requires that we make a copy, so we allocate a new string
and free it in posix_spawn_file_actions_destroy.
Reported by David Reid, Alex Gaynor, and Glyph Lefkowitz. This bug
may have security implications.
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 13 |
1 files changed, 13 insertions, 0 deletions
@@ -1,3 +1,16 @@ +2014-06-11 Florian Weimer <fweimer@redhat.com> + + [BZ #17048] + * posix/spawn_int.h (struct __spawn_action): Make the path string + non-const to support deallocation. + * posix/spawn_faction_addopen.c + (posix_spawn_file_actions_addopen): Make a copy of the pathname. + * posix/spawn_faction_destroy.c + (posix_spawn_file_actions_destroy): Adjust comment. Deallocate + path in all spawn_do_open actions. + * posix/tst-spawn.c (do_test): Exercise the copy operation in + posix_spawn_file_actions_addopen. + 2014-06-11 Chris Metcalf <cmetcalf@tilera.com> * sysdeps/unix/sysv/linux/tile/pt-vfork.c: New file. |