packages/glibc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ldconfig: avoid leak on empty paths in config file

Browse Source 
Signed-off-by: Lv Ying <lvying6@huawei.com>
(cherry picked from commit 370dee5c64d358049a76aedee5dddaef2b52bfc3)
This commit is contained in:
Lv Ying 2021-08-31 10:24:21 +08:00 committed by openeuler-sync-bot
parent 116cd38766
commit 4caae5cebe
2 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
backport-ldconfig-avoid-leak-on-empty-paths-in-config-file.patch Normal file
View File

@ -0,0 +1,33 @@
From 05d3f389a4387d293924cba1fd16b1b1324f4ca2 Mon Sep 17 00:00:00 2001
From: Siddhesh Poyarekar <siddhesh@sourceware.org>
Date: Tue, 3 Aug 2021 21:10:10 +0530
Subject: [PATCH] ldconfig: avoid leak on empty paths in config file
reference: https://sourceware.org/git/?p=glibc.git;a=commit;h=b0234d79e7d82475d1666f25326ec045c045b3ed
conflict: context add_dir is different from add_dir_1
Reviewed-by: Arjun Shankar <arjun@redhat.com>
---
elf/ldconfig.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/elf/ldconfig.c b/elf/ldconfig.c
index be87bb383dac..3f0fb84bb01b 100644
--- a/elf/ldconfig.c
+++ b/elf/ldconfig.c
@@ -402,7 +402,11 @@ add_dir (const char *line)
entry->path[--i] = '\0';
if (i == 0)
- return;
+ {
+ free (entry->path);
+ free (entry);
+ return;
+ }
char *path = entry->path;
if (opt_chroot)
--
2.18.4

7
glibc.spec
View File

@ -59,7 +59,7 @@
##############################################################################
Name: glibc
Version: 2.28
Release: 76
Release: 77
Summary: The GNU libc libraries
License: %{all_license}
URL: http://www.gnu.org/software/glibc/
@ -135,6 +135,7 @@ Patch51: backport-ldconfig-Fix-memory-leaks.patch
Patch52: backport-_dl_exception_create_format-Add-missing-va_end.patch
Patch53: backport-CVE-2021-38604-0001-librt-add-test-bug-28213.patch
Patch54: backport-CVE-2021-38604-0002-librt-fix-null-pointer-deference.patch
Patch55: backport-ldconfig-avoid-leak-on-empty-paths-in-config-file.patch
Provides: ldconfig rtld(GNU_HASH) bundled(gnulib)
@ -1159,6 +1160,10 @@ fi
%doc hesiod/README.hesiod
%changelog
* Tue Aug 31 2021 Lv Ying<lvying6@huawei.com> - 2.28-77
- ldconfig: avoid leak on empty paths in config file
https://sourceware.org/git/?p=glibc.git;a=commit;h=b0234d79e7d82475d1666f25326ec045c045b3ed
* Wed Aug 25 2021 Qingqing Li<liqingqing3@huawei.com> - 2.28-76
- fix CVE-2021-38604
https://sourceware.org/bugzilla/show_bug.cgi?id=28213