Date: Fri, 4 Dec 2009 08:15:06 +1300 From: Andrew Thompson <thompsa@nz.FreeBSD.org> To: Timo Schoeler <timo.schoeler@riscworks.net> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:16.rtld Message-ID: <20091203191506.GA24957@citylink.fud.org.nz> In-Reply-To: <4B180C40.3040001@riscworks.net> References: <200912030930.nB39UhW9038238@freefall.freebsd.org> <4B179B90.10307@netfence.it> <8ABB1EE2-4521-40EC-9E85-4A0E771D6B7F@mac.com> <200912031837.nB3IbEKB036114@catflap.bishopston.net> <4B180B03.1040405@thedarkside.nl> <4B180C40.3040001@riscworks.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Dec 03, 2009 at 08:06:40PM +0100, Timo Schoeler wrote: > On 12/03/2009 08:01 PM, Pieter de Boer wrote: > > Jamie Landeg Jones wrote: > >> > >> However, I'd still apply the patch in case some other way to exploit > >> the non-checking of the unsetenv return status crops up elsewhere. > >> > >> It can't do any harm. > > > > The problem with that is, on 6.x, unsetenv() returns 'void', so there's > > no return value to check on. > > > > On 6.x (I've looked at 6.4-RELEASE-p7, it may be different in other > > versions), the unsetenv() uses __findenv() in a while loop to remove the > > given setting. The getenv() function also uses __findenv() to find the > > given environment setting. The issue described in the advisory simply > > doesn't exist in 6(.4-RELEASE-p7). > > patch doesn't complain on the diff, but compiling gives me the following > error on 6.4-STABLE (i386): To quote the advisory "Affects: FreeBSD 7.0 and later." Andrew
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091203191506.GA24957>