r4318 - in glibc-package/branches/glibc-branch-lenny/debian: . patches patches/any
Author: aurel32
Date: 2010-06-03 07:50:25 +0000 (Thu, 03 Jun 2010)
New Revision: 4318
Added:
glibc-package/branches/glibc-branch-lenny/debian/patches/any/cvs-ld-elf.diff
Modified:
glibc-package/branches/glibc-branch-lenny/debian/changelog
glibc-package/branches/glibc-branch-lenny/debian/patches/series
Log:
* patches/any/cvs-ld-elf.diff: fix integer signedness error in ld.so
(CVE-2010-0830).
Modified: glibc-package/branches/glibc-branch-lenny/debian/changelog
===================================================================
--- glibc-package/branches/glibc-branch-lenny/debian/changelog 2010-06-03 07:37:00 UTC (rev 4317)
+++ glibc-package/branches/glibc-branch-lenny/debian/changelog 2010-06-03 07:50:25 UTC (rev 4318)
@@ -2,6 +2,8 @@
* patches/any/cvs-mntent.diff: fix mntent newline processing error
(CVE-2010-0296).
+ * patches/any/cvs-ld-elf.diff: fix integer signedness error in ld.so
+ (CVE-2010-0830).
-- Aurelien Jarno <aurel32@debian.org> Thu, 03 Jun 2010 09:32:40 +0200
Added: glibc-package/branches/glibc-branch-lenny/debian/patches/any/cvs-ld-elf.diff
===================================================================
--- glibc-package/branches/glibc-branch-lenny/debian/patches/any/cvs-ld-elf.diff (rev 0)
+++ glibc-package/branches/glibc-branch-lenny/debian/patches/any/cvs-ld-elf.diff 2010-06-03 07:50:25 UTC (rev 4318)
@@ -0,0 +1,48 @@
+2010-01-18 Andreas Schwab <schwab@redhat.com>
+
+ * elf/dynamic-link.h (elf_get_dynamic_info): Use correct type when
+ casting d_tag.
+
+
+diff --git a/elf/dynamic-link.h b/elf/dynamic-link.h
+index dff0655..6d7e142 100644
+--- a/elf/dynamic-link.h
++++ b/elf/dynamic-link.h
+@@ -78,6 +78,11 @@
+ {
+ ElfW(Dyn) *dyn = l->l_ld;
+ ElfW(Dyn) **info;
++#if __ELF_NATIVE_CLASS == 32
++ typedef Elf32_Word d_tag_utype;
++#elif __ELF_NATIVE_CLASS == 64
++ typedef Elf64_Xword d_tag_utype;
++#endif
+
+ #ifndef RTLD_BOOTSTRAP
+ if (dyn == NULL)
+@@ -88,20 +93,20 @@
+
+ while (dyn->d_tag != DT_NULL)
+ {
+- if (dyn->d_tag < DT_NUM)
++ if ((d_tag_utype) dyn->d_tag < DT_NUM)
+ info[dyn->d_tag] = dyn;
+ else if (dyn->d_tag >= DT_LOPROC &&
+ dyn->d_tag < DT_LOPROC + DT_THISPROCNUM)
+ info[dyn->d_tag - DT_LOPROC + DT_NUM] = dyn;
+- else if ((Elf32_Word) DT_VERSIONTAGIDX (dyn->d_tag) < DT_VERSIONTAGNUM)
++ else if ((d_tag_utype) DT_VERSIONTAGIDX (dyn->d_tag) < DT_VERSIONTAGNUM)
+ info[VERSYMIDX (dyn->d_tag)] = dyn;
+- else if ((Elf32_Word) DT_EXTRATAGIDX (dyn->d_tag) < DT_EXTRANUM)
++ else if ((d_tag_utype) DT_EXTRATAGIDX (dyn->d_tag) < DT_EXTRANUM)
+ info[DT_EXTRATAGIDX (dyn->d_tag) + DT_NUM + DT_THISPROCNUM
+ + DT_VERSIONTAGNUM] = dyn;
+- else if ((Elf32_Word) DT_VALTAGIDX (dyn->d_tag) < DT_VALNUM)
++ else if ((d_tag_utype) DT_VALTAGIDX (dyn->d_tag) < DT_VALNUM)
+ info[DT_VALTAGIDX (dyn->d_tag) + DT_NUM + DT_THISPROCNUM
+ + DT_VERSIONTAGNUM + DT_EXTRANUM] = dyn;
+- else if ((Elf32_Word) DT_ADDRTAGIDX (dyn->d_tag) < DT_ADDRNUM)
++ else if ((d_tag_utype) DT_ADDRTAGIDX (dyn->d_tag) < DT_ADDRNUM)
+ info[DT_ADDRTAGIDX (dyn->d_tag) + DT_NUM + DT_THISPROCNUM
+ + DT_VERSIONTAGNUM + DT_EXTRANUM + DT_VALNUM] = dyn;
+ ++dyn;
Modified: glibc-package/branches/glibc-branch-lenny/debian/patches/series
===================================================================
--- glibc-package/branches/glibc-branch-lenny/debian/patches/series 2010-06-03 07:37:00 UTC (rev 4317)
+++ glibc-package/branches/glibc-branch-lenny/debian/patches/series 2010-06-03 07:50:25 UTC (rev 4318)
@@ -234,3 +234,4 @@
any/cvs-realloc.diff -p1
any/submitted-nis-shadow.diff -p1
any/cvs-mntent.diff -p1
+any/cvs-ld-elf.diff -p1
Reply to: