From: Eygene Ryabinkin
Date: Wed, 2 Dec 2009 10:38:24 +0300
To: Jille Timmermans
Cc: freebsd-security@freebsd.org, Vasim Valejev
Reply-To: rea-fbsd@codelabs.ru
In-Reply-To: <4B15463F.406@quis.cx>
Subject: Re: LD_PRELOAD temporary patch

Jille, good day.

Tue, Dec 01, 2009 at 05:37:19PM +0100, Jille Timmermans wrote:
> Eygene Ryabinkin wrote:
> > If you're talking about rtld-elf local root, then the real issue
> > is that return values of unsetenv() are not checked and unsetenv()
> > could fail, thus leaving LD_PRELOAD and friends left unmodified.
> >
> Isn't the real issue that unsetenv() works differently from getenv()?
> If they both said 'your environment is crappy' there wouldn't have been
> a problem, would it?

You can't really rely on such behaviour: if you will, it will tie you
to the implementation details, because standards aren't defining such
interrelations (at least I can't find them: [1], [2], [3]).

I think that the rule is the following: if something can return/set
error value and you want to be sure that the call succeeded, you must
check that value and act accordingly.

[1] http://www.opengroup.org/onlinepubs/000095399/functions/getenv.html
[2] http://www.opengroup.org/onlinepubs/000095399/functions/unsetenv.html
[3] http://www.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html
-- 
Eygene
Remember that it is hard to read the on-line manual
while single-stepping the kernel.
  -- FreeBSD Developers handbook
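
The rule stated in the message above (check the return value of unsetenv() and act on it), shown as an added example; it is not part of the original message and not FreeBSD's rtld-elf code. The variable list and the names `scrub_var` and `scrub_unsafe_env` are assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L   /* declares setenv()/unsetenv() */
#endif
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Illustrative list (assumption), not rtld's actual table. */
static const char *const unsafe_vars[] = { "LD_PRELOAD", "LD_LIBRARY_PATH" };

/*
 * Remove one variable. Returns 0 only if unsetenv() reported success AND
 * getenv() no longer sees the name; returns -1 otherwise. The second check
 * avoids relying on getenv() and unsetenv() agreeing with each other.
 */
int scrub_var(const char *name)
{
    if (unsetenv(name) != 0) {
        fprintf(stderr, "unsetenv(%s): %s\n", name, strerror(errno));
        return -1;
    }
    if (getenv(name) != NULL) {
        fprintf(stderr, "%s still visible after unsetenv()\n", name);
        return -1;
    }
    return 0;
}

/* Scrub every listed variable; any single failure fails the whole call. */
int scrub_unsafe_env(void)
{
    int rc = 0;
    for (size_t i = 0; i < sizeof(unsafe_vars) / sizeof(unsafe_vars[0]); i++)
        if (scrub_var(unsafe_vars[i]) != 0)
            rc = -1;
    return rc;
}

int main(void)
{
    setenv("LD_PRELOAD", "/tmp/constructed-example.so", 1); /* constructed value */
    if (scrub_unsafe_env() != 0) {
        fputs("environment could not be sanitized, refusing to continue\n", stderr);
        return EXIT_FAILURE;   /* fail closed instead of running with the variable set */
    }
    puts("environment sanitized");
    return EXIT_SUCCESS;
}
```

A privileged caller would invoke `scrub_unsafe_env()` before any code that consults these variables and treat a nonzero result as fatal.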