FreeBSD Security Advisory FreeBSD-SA-09:16.rtld
Timo Schoeler
timo.schoeler at riscworks.net
Thu Dec 3 19:32:48 UTC 2009
On 12/03/2009 08:15 PM, Andrew Thompson wrote:
> On Thu, Dec 03, 2009 at 08:06:40PM +0100, Timo Schoeler wrote:
>> On 12/03/2009 08:01 PM, Pieter de Boer wrote:
>>> Jamie Landeg Jones wrote:
>>>>
>>>> However, I'd still apply the patch in case some other way to exploit
>>>> the non-checking of the unsetenv return status crops up elsewhere.
>>>>
>>>> It can't do any harm.
>>>
>>> The problem with that is, on 6.x, unsetenv() returns 'void', so there's
>>> no return value to check on.
>>>
>>> On 6.x (I've looked at 6.4-RELEASE-p7, it may be different in other
>>> versions), the unsetenv() uses __findenv() in a while loop to remove the
>>> given setting. The getenv() function also uses __findenv() to find the
>>> given environment setting. The issue described in the advisory simply
>>> doesn't exist in 6(.4-RELEASE-p7).
>>
>> patch doesn't complain on the diff, but compiling gives me the following
>> error on 6.4-STABLE (i386):
>
> To quote the advisory
>
> "Affects: FreeBSD 7.0 and later."
i) there was not a big discussion on this list
ii) humans are impeccable
More information about the freebsd-security
mailing list