packages/glibc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[backport]rtld: copy terminating null in tunables_strdup (bug 28256)

Browse Source 
Signed-off-by: Lv Ying <lvying6@huawei.com>
(cherry picked from commit ff7eb18d6c589301f4c58dc8ef176901e97eed70)
This commit is contained in:
Lv Ying 2021-09-29 11:45:34 +08:00 committed by openeuler-sync-bot
parent 36856ae4f3
commit 0d74df5e58
2 changed files with 34 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
backport-rtld-copy-terminating-null-in-tunables_strdup-bug-28.patch Normal file
View File

@ -0,0 +1,28 @@
From ef8e2a0633bb701a89dd4967e1a87dc33bb7032c Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@linux-m68k.org>
Date: Mon, 23 Aug 2021 10:19:52 +0200
Subject: [PATCH] rtld: copy terminating null in tunables_strdup (bug 28256)
Avoid triggering a false positive from valgrind by copying the terminating
null in tunables_strdup. At this point the heap is still clean, but
valgrind is stricter here.
---
elf/dl-tunables.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c
index 4c9d36e39807..2494a4826af2 100644
--- a/elf/dl-tunables.c
+++ b/elf/dl-tunables.c
@@ -52,8 +52,6 @@ tunables_strdup (const char *in)
if (out == (void *)-1)
return NULL;
- i--;
-
while (i-- > 0)
out[i] = in[i];
--
2.18.4

7
glibc.spec
View File

@ -59,7 +59,7 @@
############################################################################## ##############################################################################
Name: glibc Name: glibc
Version: 2.28 Version: 2.28
Release: 77 Release: 78
Summary: The GNU libc libraries Summary: The GNU libc libraries
License: %{all_license} License: %{all_license}
URL: http://www.gnu.org/software/glibc/ URL: http://www.gnu.org/software/glibc/
@ -136,6 +136,7 @@ Patch52: backport-_dl_exception_create_format-Add-missing-va_end.patch
Patch53: backport-CVE-2021-38604-0001-librt-add-test-bug-28213.patch Patch53: backport-CVE-2021-38604-0001-librt-add-test-bug-28213.patch
Patch54: backport-CVE-2021-38604-0002-librt-fix-null-pointer-deference.patch Patch54: backport-CVE-2021-38604-0002-librt-fix-null-pointer-deference.patch
Patch55: backport-ldconfig-avoid-leak-on-empty-paths-in-config-file.patch Patch55: backport-ldconfig-avoid-leak-on-empty-paths-in-config-file.patch
Patch56: backport-rtld-copy-terminating-null-in-tunables_strdup-bug-28.patch
Provides: ldconfig rtld(GNU_HASH) bundled(gnulib) Provides: ldconfig rtld(GNU_HASH) bundled(gnulib)
@ -1160,6 +1161,10 @@ fi
%doc hesiod/README.hesiod %doc hesiod/README.hesiod
%changelog %changelog
* Wed Sep 29 2021 Lv Ying<lvying6@huawei.com> - 2.28-78
- ldconfig: avoid leak on empty paths in config file
https://sourceware.org/git/?p=glibc.git;a=commit;h=a4f5a3103fc3e7974dbe35b411cba9f670807cde
* Tue Aug 31 2021 Lv Ying<lvying6@huawei.com> - 2.28-77 * Tue Aug 31 2021 Lv Ying<lvying6@huawei.com> - 2.28-77
- ldconfig: avoid leak on empty paths in config file - ldconfig: avoid leak on empty paths in config file
https://sourceware.org/git/?p=glibc.git;a=commit;h=b0234d79e7d82475d1666f25326ec045c045b3ed https://sourceware.org/git/?p=glibc.git;a=commit;h=b0234d79e7d82475d1666f25326ec045c045b3ed