LD_PRELOAD temporary patch
Jille Timmermans
jille at quis.cx
Tue Dec 1 17:10:11 UTC 2009
Eygene Ryabinkin schreef:
> Good evening.
>
> Tue, Dec 01, 2009 at 05:09:57PM +0300, Vasim Valejev wrote:
>
>> I've used that patch to close the hole. This patch is temporary and
>> doesn't fix real trouble maker - problem in new version in getenv()
>>
>
> If you're talking about rtld-elf local root, then the real issue
> is that return values of unsetenv() are not checked and unsetenv()
> could fail, thus leaving LD_PRELOAD and friends left unmodified.
>
Isn't the real issue that unsetenv() works differently from getenv() ?
If they both said 'your environment is crappy' there wouldn't have been
a problem, would it ?
If I'm correct, rtld isn't that wrong: It seems like a sane assumption
to me that if you can't delete it, you can't retreive it either. (There
are exceptions to this rule, like problems with freeing the memory, but
that isn't a problem in this case)
-- Jille
>
>> (after 6.3 it got changed to something monstrous and non-working right
>> if environment has only one variable),
>>
>
> Sorry, what do you mean by this? Does the attached script print 'VAR =
> variable' for you as it does for me on 8.0-BETA2 (and undoubtly, on
> 8.0)? If yes then getenv() works properly with a single environment
> variable. Perhaps you meant something else?
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
More information about the freebsd-security
mailing list