Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/sys-libs/glibc/files/2.3.4/glibc-sec-hotfix-20040916.patch
diff options
context:
space:
mode:
Diffstat (limited to 'sys-libs/glibc/files/2.3.4/glibc-sec-hotfix-20040916.patch')
-rw-r--r--sys-libs/glibc/files/2.3.4/glibc-sec-hotfix-20040916.patch95
1 files changed, 0 insertions, 95 deletions
diff --git a/sys-libs/glibc/files/2.3.4/glibc-sec-hotfix-20040916.patch b/sys-libs/glibc/files/2.3.4/glibc-sec-hotfix-20040916.patch
deleted file mode 100644
index 3858a0f9c9d1..000000000000
--- a/sys-libs/glibc/files/2.3.4/glibc-sec-hotfix-20040916.patch
+++ /dev/null
@@ -1,95 +0,0 @@
-diff -Nru glibc-2.3.3.old/elf/rtld.c glibc-2.3.3/elf/rtld.c
---- glibc-2.3.3.old/elf/rtld.c 2004-09-16 15:02:16.000000000 -0400
-+++ glibc-2.3.3/elf/rtld.c 2004-09-16 15:04:58.000000000 -0400
-@@ -2041,6 +2041,30 @@
- GLRO(dl_profile_output)
- = &"/var/tmp\0/var/profile"[INTUSE(__libc_enable_secure) ? 9 : 0];
-
-+ /* Extra security for SUID binaries. Remove all dangerous environment
-+ variables. */
-+ if (__builtin_expect (INTUSE(__libc_enable_secure), 0))
-+ {
-+ static const char unsecure_envvars[] =
-+#ifdef EXTRA_UNSECURE_ENVVARS
-+ EXTRA_UNSECURE_ENVVARS
-+#endif
-+ UNSECURE_ENVVARS;
-+ const char *nextp;
-+
-+ nextp = unsecure_envvars;
-+ do
-+ {
-+ unsetenv (nextp);
-+ /* We could use rawmemchr but this need not be fast. */
-+ nextp = (char *) (strchr) (nextp, '\0') + 1;
-+ }
-+ while (*nextp != '\0');
-+
-+ if (__access ("/etc/suid-debug", F_OK) != 0)
-+ unsetenv ("MALLOC_CHECK_");
-+ }
-+
- while ((envline = _dl_next_ld_env_entry (&runp)) != NULL)
- {
- size_t len = 0;
-@@ -2188,33 +2212,10 @@
- /* The caller wants this information. */
- *modep = mode;
-
-- /* Extra security for SUID binaries. Remove all dangerous environment
-- variables. */
-- if (__builtin_expect (INTUSE(__libc_enable_secure), 0))
-- {
-- static const char unsecure_envvars[] =
--#ifdef EXTRA_UNSECURE_ENVVARS
-- EXTRA_UNSECURE_ENVVARS
--#endif
-- UNSECURE_ENVVARS;
-- const char *nextp;
--
-- nextp = unsecure_envvars;
-- do
-- {
-- unsetenv (nextp);
-- /* We could use rawmemchr but this need not be fast. */
-- nextp = (char *) (strchr) (nextp, '\0') + 1;
-- }
-- while (*nextp != '\0');
--
-- if (__access ("/etc/suid-debug", F_OK) != 0)
-- unsetenv ("MALLOC_CHECK_");
-- }
- /* If we have to run the dynamic linker in debugging mode and the
- LD_DEBUG_OUTPUT environment variable is given, we write the debug
- messages to this file. */
-- else if (any_debug && debug_output != NULL)
-+ if (any_debug && debug_output != NULL)
- {
- #ifdef O_NOFOLLOW
- const int flags = O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW;
-diff -Nru glibc-2.3.3.old/malloc/malloc.c glibc-2.3.3/malloc/malloc.c
---- glibc-2.3.3.old/malloc/malloc.c 2004-09-16 15:03:22.000000000 -0400
-+++ glibc-2.3.3/malloc/malloc.c 2004-09-16 15:04:58.000000000 -0400
-@@ -321,6 +321,10 @@
- #define assert(x) ((void)0)
- #endif
-
-+#include <abort-instr.h>
-+#ifndef ABORT_INSTRUCTION
-+#define ABORT_INSTRUCTION
-+#endif
-
- /*
- INTERNAL_SIZE_T is the word-size used for internal bookkeeping
-diff -Nru glibc-2.3.3.old/sysdeps/generic/unsecvars.h glibc-2.3.3/sysdeps/generic/unsecvars.h
---- glibc-2.3.3.old/sysdeps/generic/unsecvars.h 2004-09-16 15:03:11.000000000 -0400
-+++ glibc-2.3.3/sysdeps/generic/unsecvars.h 2004-09-16 15:04:58.000000000 -0400
-@@ -3,6 +3,8 @@
- with a '\0' explicitly. */
- #define UNSECURE_ENVVARS \
- "LD_PRELOAD\0" \
-+ "LD_DEBUG\0" \
-+ "LD_TRACE_PRELINKING\0" \
- "LD_LIBRARY_PATH\0" \
- "LD_ORIGIN_PATH\0" \
- "LD_DEBUG_OUTPUT\0" \