LD_PRELOAD temporary patch
Eygene Ryabinkin
rea-fbsd at codelabs.ru
Tue Dec 1 16:00:20 UTC 2009
Good evening.
Tue, Dec 01, 2009 at 05:09:57PM +0300, Vasim Valejev wrote:
> I've used that patch to close the hole. This patch is temporary and
> doesn't fix real trouble maker - problem in new version in getenv()
If you're talking about rtld-elf local root, then the real issue
is that return values of unsetenv() are not checked and unsetenv()
could fail, thus leaving LD_PRELOAD and friends left unmodified.
> (after 6.3 it got changed to something monstrous and non-working right
> if environment has only one variable),
Sorry, what do you mean by this? Does the attached script print 'VAR =
variable' for you as it does for me on 8.0-BETA2 (and undoubtly, on
8.0)? If yes then getenv() works properly with a single environment
variable. Perhaps you meant something else?
--
Eygene
_ ___ _.--. #
\`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard
/ ' ` , __.--' # to read the on-line manual
)/' _/ \ `-_, / # while single-stepping the kernel.
`-'" `"\_ ,_.-;_.-\_ ', fsc/as #
_.-'_./ {_.' ; / # -- FreeBSD Developers handbook
{_.-``-' {_/ #
More information about the freebsd-security
mailing list