Date: Wed, 2 Dec 2009 10:38:24 +0300 From: Eygene Ryabinkin <rea-fbsd@codelabs.ru> To: Jille Timmermans <jille@quis.cx> Cc: freebsd-security@freebsd.org, Vasim Valejev <vasim@resume-bank.ru> Subject: Re: LD_PRELOAD temporary patch Message-ID: <tmgJWERczYloTQ2b8fjl8QgKuIA@Ll2tHa60cb%2BhiG8R4R8/VS21128> In-Reply-To: <4B15463F.406@quis.cx> References: <025901ca728f$f7565340$0132a8c0@fb4e97440cc340b> <2l7ppaOshvDTrwINE81EpiKZPIo@HdC2pNlxoZEC2oqxdWvElH3kUBc> <4B15463F.406@quis.cx>
next in thread | previous in thread | raw e-mail | index | archive | help
Jille, good day. Tue, Dec 01, 2009 at 05:37:19PM +0100, Jille Timmermans wrote: > Eygene Ryabinkin schreef: > > If you're talking about rtld-elf local root, then the real issue > > is that return values of unsetenv() are not checked and unsetenv() > > could fail, thus leaving LD_PRELOAD and friends left unmodified. > > > Isn't the real issue that unsetenv() works differently from getenv()? > If they both said 'your environment is crappy' there wouldn't have been > a problem, would it? You can't really rely on such behaviour: if you will, it will tie you to the implementation details, because standards aren't defining such interrelations (at least I can't find them: [1], [2], [3]). I think that the rule is the following: if something can return/set error value and you want to be sure that the call succeeded, you must check that value and act accorgingly. [1] http://www.opengroup.org/onlinepubs/000095399/functions/getenv.html [2] http://www.opengroup.org/onlinepubs/000095399/functions/unsetenv.html [3] http://www.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ #
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?tmgJWERczYloTQ2b8fjl8QgKuIA>