diff options
Diffstat (limited to 'media-sound/pulseaudio/files/pulseaudio-0.9.9-CVE-2009-1894.patch')
-rw-r--r-- | media-sound/pulseaudio/files/pulseaudio-0.9.9-CVE-2009-1894.patch | 64 |
1 files changed, 0 insertions, 64 deletions
diff --git a/media-sound/pulseaudio/files/pulseaudio-0.9.9-CVE-2009-1894.patch b/media-sound/pulseaudio/files/pulseaudio-0.9.9-CVE-2009-1894.patch deleted file mode 100644 index affa986d2f8d..000000000000 --- a/media-sound/pulseaudio/files/pulseaudio-0.9.9-CVE-2009-1894.patch +++ /dev/null @@ -1,64 +0,0 @@ -From fdd11d6cc0f4c75f75c62fb7d419d157ce00c956 Mon Sep 17 00:00:00 2001 -From: =?utf-8?q?Diego=20Elio=20'Flameeyes'=20Petten=C3=B2?= <flameeyes@gmail.com> -Date: Tue, 7 Jul 2009 20:51:53 +0200 -Subject: [PATCH] Remove exploitable LD_BIND_NOW hack. - -Instead of trying to re-execute pulseaudio itself with LD_BIND_NOW set, -just find the correct flag for the linker to request immediate bindings -(all ELF files support that option), and use that when linking the daemon. - -Reduce the amount of compiled and executed code as well. ---- - src/Makefile.am | 4 ++-- - src/daemon/main.c | 19 ------------------- - 2 files changed, 2 insertions(+), 21 deletions(-) - -diff --git a/src/Makefile.am b/src/Makefile.am -index 2ac4f3d..7d1c431 100644 ---- a/src/Makefile.am -+++ b/src/Makefile.am -@@ -147,9 +147,9 @@ PREOPEN_LIBS = $(modlibexec_LTLIBRARIES) - endif - - if FORCE_PREOPEN --pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f)) -+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -Wl,-z,now -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f)) - else --pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f)) -+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -Wl,-z,now -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f)) - endif - - if HAVE_POLKIT -diff --git a/src/daemon/main.c b/src/daemon/main.c -index 4276d1d..c788917 100644 ---- a/src/daemon/main.c -+++ b/src/daemon/main.c -@@ -340,25 +340,6 @@ int main(int argc, char *argv[]) { - #endif - - --#if defined(__linux__) && defined(__OPTIMIZE__) -- /* -- Disable lazy relocations to make usage of external libraries -- more deterministic for our RT threads. We abuse __OPTIMIZE__ as -- a check whether we are a debug build or not. -- */ -- -- if (!getenv("LD_BIND_NOW")) { -- char *rp; -- -- /* We have to execute ourselves, because the libc caches the -- * value of $LD_BIND_NOW on initialization. */ -- -- putenv(pa_xstrdup("LD_BIND_NOW=1")); -- pa_assert_se(rp = pa_readlink("/proc/self/exe")); -- pa_assert_se(execv(rp, argv) == 0); -- } --#endif -- - #ifdef HAVE_GETUID - real_root = getuid() == 0; - suid_root = !real_root && geteuid() == 0; --- -1.6.3.3 - |