Date: Tue, 01 Dec 2009 17:37:19 +0100 From: Jille Timmermans <jille@quis.cx> To: rea-fbsd@codelabs.ru Cc: freebsd-security@freebsd.org, Vasim Valejev <vasim@resume-bank.ru> Subject: Re: LD_PRELOAD temporary patch Message-ID: <4B15463F.406@quis.cx> In-Reply-To: <2l7ppaOshvDTrwINE81EpiKZPIo@HdC2pNlxoZEC2oqxdWvElH3kUBc> References: <025901ca728f$f7565340$0132a8c0@fb4e97440cc340b> <2l7ppaOshvDTrwINE81EpiKZPIo@HdC2pNlxoZEC2oqxdWvElH3kUBc>
next in thread | previous in thread | raw e-mail | index | archive | help
Eygene Ryabinkin schreef: > Good evening. > > Tue, Dec 01, 2009 at 05:09:57PM +0300, Vasim Valejev wrote: > >> I've used that patch to close the hole. This patch is temporary and >> doesn't fix real trouble maker - problem in new version in getenv() >> > > If you're talking about rtld-elf local root, then the real issue > is that return values of unsetenv() are not checked and unsetenv() > could fail, thus leaving LD_PRELOAD and friends left unmodified. > Isn't the real issue that unsetenv() works differently from getenv() ? If they both said 'your environment is crappy' there wouldn't have been a problem, would it ? If I'm correct, rtld isn't that wrong: It seems like a sane assumption to me that if you can't delete it, you can't retreive it either. (There are exceptions to this rule, like problems with freeing the memory, but that isn't a problem in this case) -- Jille > >> (after 6.3 it got changed to something monstrous and non-working right >> if environment has only one variable), >> > > Sorry, what do you mean by this? Does the attached script print 'VAR = > variable' for you as it does for me on 8.0-BETA2 (and undoubtly, on > 8.0)? If yes then getenv() works properly with a single environment > variable. Perhaps you meant something else? > > ------------------------------------------------------------------------ > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B15463F.406>