[glibc] 04/05: CVE-2017-1000366: workaround the lack of PATH_MAX on Hurd

To: debian-glibc@lists.debian.org
Subject: [glibc] 04/05: CVE-2017-1000366: workaround the lack of PATH_MAX on Hurd
From: Aurelien Jarno <aurel32@moszumanska.debian.org>
Date: Mon, 19 Jun 2017 15:36:15 +0000
Message-id: <[🔎] E1dMyit-00038a-Dk@moszumanska.debian.org>
Reply-to: Aurelien Jarno <aurelien@aurel32.net>
In-reply-to: <[🔎] 20170619153611.4539.94363@moszumanska.debian.org>
References: <[🔎] 20170619153611.4539.94363@moszumanska.debian.org>

This is an automated email from the git hooks/post-receive script.

aurel32 pushed a commit to branch sid
in repository glibc.

commit d002c3adbde645d2078290510cf71d487a4d20cd
Author: Aurelien Jarno <aurelien@aurel32.net>
Date:   Sun Jun 18 18:54:29 2017 +0200

    CVE-2017-1000366: workaround the lack of PATH_MAX on Hurd
---
 debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff   | 8 ++++++--
 debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff | 8 ++++++--
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff b/debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff
index 02c5c92..68e2798 100644
--- a/debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff
+++ b/debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff
@@ -16,7 +16,7 @@ diff --git a/elf/rtld.c b/elf/rtld.c
 index 30f0cae..89d8573 100644
 --- a/elf/rtld.c
 +++ b/elf/rtld.c
-@@ -116,13 +116,91 @@ dso_name_valid_for_suid (const char *p)
+@@ -116,13 +116,95 @@ dso_name_valid_for_suid (const char *p)
    return *p != '\0';
  }
  
@@ -45,7 +45,11 @@ index 30f0cae..89d8573 100644
 +
 +  /* Scratch buffer for returning a name which is part of
 +     audit_list_string.  */
++#ifdef PATH_MAX
 +  char fname[PATH_MAX];
++#else
++  char fname[4096];
++#endif
 +};
 +
 +/* Initialize an audit list iterator.  */
@@ -67,7 +71,7 @@ index 30f0cae..89d8573 100644
 +	{
 +	  /* Split audit list at colon.  */
 +	  size_t len = strcspn (iter->audit_list_tail, ":");
-+	  if (len > 0 && len < PATH_MAX)
++	  if (len > 0 && len < sizeof(iter->fname))
 +	    {
 +	      memcpy (iter->fname, iter->audit_list_tail, len);
 +	      iter->fname[len] = '\0';
diff --git a/debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff b/debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff
index f6a56df..76be2a3 100644
--- a/debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff
+++ b/debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff
@@ -38,7 +38,7 @@ index 824b6cf..30f0cae 100644
  
  /* List of auditing DSOs.  */
  static struct audit_list
-@@ -716,6 +732,42 @@ static const char *preloadlist attribute_relro;
+@@ -716,6 +732,46 @@ static const char *preloadlist attribute_relro;
  /* Nonzero if information about versions has to be printed.  */
  static int version_info attribute_relro;
  
@@ -53,13 +53,17 @@ index 824b6cf..30f0cae 100644
 +{
 +  unsigned int npreloads = 0;
 +  const char *p = preloadlist;
++#ifdef PATH_MAX
 +  char fname[PATH_MAX];
++#else
++  char fname[4096];
++#endif
 +
 +  while (*p != '\0')
 +    {
 +      /* Split preload list at space/colon.  */
 +      size_t len = strcspn (p, " :");
-+      if (len > 0 && len < PATH_MAX)
++      if (len > 0 && len < sizeof(fname))
 +	{
 +	  memcpy (fname, p, len);
 +	  fname[len] = '\0';

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-glibc/glibc.git

Reply to:

References:
- [glibc] branch sid updated (0262e90 -> c4f106a)
  - From: Aurelien Jarno <aurel32@moszumanska.debian.org>