r5964 - in glibc-package/trunk/debian: . patches patches/any
Author: adconrad
Date: 2014-02-24 01:37:13 +0000 (Mon, 24 Feb 2014)
New Revision: 5964
Added:
glibc-package/trunk/debian/patches/any/local-no-malloc-backtrace.diff
Modified:
glibc-package/trunk/debian/changelog
glibc-package/trunk/debian/patches/series
Log:
debian/patches/any/local-no-malloc-backtrace.diff: Lower the default
for MALLOC_CHECK_ to 1, and add it to the list of insecure variables
that can't be set for suid binaries. This allows us to not backtrace
malloc failures by default (Closes: #739913, LP: #1266492) and skips
backtrace for suid binaries where an attacker calling into a corrupt
malloc internal data structure with malloc could lead to Bad Things.
Modified: glibc-package/trunk/debian/changelog
===================================================================
--- glibc-package/trunk/debian/changelog 2014-02-23 13:48:13 UTC (rev 5963)
+++ glibc-package/trunk/debian/changelog 2014-02-24 01:37:13 UTC (rev 5964)
@@ -2,7 +2,12 @@
!!! PLEASE MOVE ALL MAJOR DEVELOPMENT TO THE 2.19 BRANCH OR UPSTREAM !!!
- *
+ * debian/patches/any/local-no-malloc-backtrace.diff: Lower the default
+ for MALLOC_CHECK_ to 1, and add it to the list of insecure variables
+ that can't be set for suid binaries. This allows us to not backtrace
+ malloc failures by default (Closes: #739913, LP: #1266492) and skips
+ backtrace for suid binaries where an attacker calling into a corrupt
+ malloc internal data structure with malloc could lead to Bad Things.
-- Aurelien Jarno <aurel32@debian.org> Sun, 23 Feb 2014 14:47:58 +0100
Added: glibc-package/trunk/debian/patches/any/local-no-malloc-backtrace.diff
===================================================================
--- glibc-package/trunk/debian/patches/any/local-no-malloc-backtrace.diff (rev 0)
+++ glibc-package/trunk/debian/patches/any/local-no-malloc-backtrace.diff 2014-02-24 01:37:13 UTC (rev 5964)
@@ -0,0 +1,50 @@
+Description: disable backtraces on malloc errors
+Author: Steve Beattie <sbeattie@ubuntu.com>
+Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=16159
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1266492
+Forwarded: no, needs testing first
+
+Disable backtrace's by default when malloc internal errors have
+occurred; backtraces end up calling malloc themselves which causes a
+deadlock on the internal glibc malloc lock. It's also a bad idea to use
+malloc if an attacker has corrupted malloc's internal data structures.
+
+MALLOC_CHECK_ is also added to the list of environment variables to
+filter for setuid binaries.
+
+For debugging purposes, people can manually add MALLOC_CHECK_=3 to their
+environment to get the backtracing behavior back.
+---
+ malloc/malloc.c | 5 ++++-
+ sysdeps/generic/unsecvars.h | 1 +
+ 2 files changed, 5 insertions(+), 1 deletion(-)
+
+Index: b/malloc/malloc.c
+===================================================================
+--- a/malloc/malloc.c
++++ b/malloc/malloc.c
+@@ -1863,8 +1863,11 @@ void weak_variable (*__after_morecore_ho
+
+ /* ---------------- Error behavior ------------------------------------ */
+
++
++/* we don't want to emit a backtrace on error, see
++ https://sourceware.org/bugzilla/show_bug.cgi?id=16159, so set to 1 */
+ #ifndef DEFAULT_CHECK_ACTION
+-#define DEFAULT_CHECK_ACTION 3
++#define DEFAULT_CHECK_ACTION 1
+ #endif
+
+ static int check_action = DEFAULT_CHECK_ACTION;
+Index: b/sysdeps/generic/unsecvars.h
+===================================================================
+--- a/sysdeps/generic/unsecvars.h
++++ b/sysdeps/generic/unsecvars.h
+@@ -17,6 +17,7 @@
+ "LD_USE_LOAD_BIAS\0" \
+ "LOCALDOMAIN\0" \
+ "LOCPATH\0" \
++ "MALLOC_CHECK_\0" \
+ "MALLOC_TRACE\0" \
+ "NIS_PATH\0" \
+ "NLSPATH\0" \
Modified: glibc-package/trunk/debian/patches/series
===================================================================
--- glibc-package/trunk/debian/patches/series 2014-02-23 13:48:13 UTC (rev 5963)
+++ glibc-package/trunk/debian/patches/series 2014-02-24 01:37:13 UTC (rev 5964)
@@ -266,3 +266,4 @@
any/cvs-vfscanf-0e+0.diff
any/cvs-ptrace_peeksiginfo_args.diff
any/local-ldconfig-ignore-ld.so.diff
+any/local-no-malloc-backtrace.diff
Reply to: