diff options
author | Ulrich Drepper <drepper@redhat.com> | 2001-08-11 02:42:19 +0000 |
---|---|---|
committer | Ulrich Drepper <drepper@redhat.com> | 2001-08-11 02:42:19 +0000 |
commit | 07ba7349279441bd084c8661a4e53c19cba12bf6 (patch) | |
tree | a4023b82f5897fee2563fc81bffd09942854ee7d | |
parent | dad4a4b3ef5b920e7f60cc0410a0c74453327ef7 (diff) | |
download | glibc-07ba7349279441bd084c8661a4e53c19cba12bf6.tar.gz glibc-07ba7349279441bd084c8661a4e53c19cba12bf6.tar.xz glibc-07ba7349279441bd084c8661a4e53c19cba12bf6.zip |
Update.
* elf/dl-open.c (add_to_global): Remove stale comment. * elf/dl-load.c (fillin_rpath): In SUID binaries, don't mark non-system-dirs in LD_LIBRARY_PATH as nonexisting, simply drop them.
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | elf/dl-load.c | 68 | ||||
-rw-r--r-- | elf/dl-open.c | 1 |
3 files changed, 38 insertions, 36 deletions
diff --git a/ChangeLog b/ChangeLog index 41c5cb943a..2fac8704ae 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,10 @@ 2001-08-10 Ulrich Drepper <drepper@redhat.com> + * elf/dl-open.c (add_to_global): Remove stale comment. + + * elf/dl-load.c (fillin_rpath): In SUID binaries, don't mark + non-system-dirs in LD_LIBRARY_PATH as nonexisting, simply drop them. + * libio/iovdprintf.c (_IO_vdprintf): Call __fsetlocking for temporary stream. * libio/obprintf.c (_IO_obstack_vprintf): Likewise. diff --git a/elf/dl-load.c b/elf/dl-load.c index b9ef523b49..d72ba64a3f 100644 --- a/elf/dl-load.c +++ b/elf/dl-load.c @@ -396,6 +396,35 @@ fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep, if (len > 0 && cp[len - 1] != '/') cp[len++] = '/'; + /* Make sure we don't use untrusted directories if we run SUID. */ + if (__builtin_expect (check_trusted, 0)) + { + const char *trun = system_dirs; + size_t idx; + int unsecure = 1; + + /* All trusted directories must be complete names. */ + if (cp[0] == '/') + { + for (idx = 0; idx < nsystem_dirs_len; ++idx) + { + if (len == system_dirs_len[idx] + && memcmp (trun, cp, len) == 0) + { + /* Found it. */ + unsecure = 0; + break; + } + + trun += system_dirs_len[idx] + 1; + } + } + + if (unsecure) + /* Simply drop this directory. */ + continue; + } + /* See if this directory is already known. */ for (dirp = _dl_all_dirs; dirp != NULL; dirp = dirp->next) if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0) @@ -434,41 +463,10 @@ fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep, if (len > max_dirnamelen) max_dirnamelen = len; - /* Make sure we don't use untrusted directories if we run SUID. */ - if (__builtin_expect (check_trusted, 0)) - { - const char *trun = system_dirs; - size_t idx; - - /* By default we don't trust anything. */ - init_val = nonexisting; - - /* All trusted directories must be complete names. */ - if (cp[0] == '/') - { - for (idx = 0; idx < nsystem_dirs_len; ++idx) - { - if (len == system_dirs_len[idx] - && memcmp (trun, cp, len) == 0) - /* Found it. */ - break; - - trun += system_dirs_len[idx] + 1; - } - - if (idx < nsystem_dirs_len) - /* It's a trusted directory so allow checking for it. */ - init_val = unknown; - } - } - else - /* We don't have to check for trusted directories and can - accept everything. We have to make sure all the - relative directories are never ignored. The current - directory might change and all our saved information - would be void. */ - init_val = cp[0] != '/' ? existing : unknown; - + /* We have to make sure all the relative directories are + never ignored. The current directory might change and + all our saved information would be void. */ + init_val = cp[0] != '/' ? existing : unknown; for (cnt = 0; cnt < ncapstr; ++cnt) dirp->status[cnt] = init_val; diff --git a/elf/dl-open.c b/elf/dl-open.c index ea35647e08..2f4c97b3c0 100644 --- a/elf/dl-open.c +++ b/elf/dl-open.c @@ -156,7 +156,6 @@ add_to_global (struct link_map *new) } } - /* XXX Do we have to add something to r_dupsearchlist??? --drepper */ return 0; } |