--- /dev/null
+;2010-10-18 Andreas Schwab <schwab@redhat.com>
+;
+; * elf/dl-load.c (is_dst): Remove last parameter.
+; (_dl_dst_count): Ignore $ORIGIN in privileged programs.
+; (_dl_dst_substitute): Likewise.
+--- glibc-2.12.1-7-gfc0ed7b/elf/dl-load.c
++++ glibc-2.12.1-3/elf/dl-load.c
+@@ -169,8 +169,7 @@ local_strdup (const char *s)
+
+
+ static size_t
+-is_dst (const char *start, const char *name, const char *str,
+- int is_path, int secure)
++is_dst (const char *start, const char *name, const char *str, int is_path)
+ {
+ size_t len;
+ bool is_curly = false;
+@@ -199,11 +198,6 @@ is_dst (const char *start, const char *name, const char *str,
+ && (!is_path || name[len] != ':'))
+ return 0;
+
+- if (__builtin_expect (secure, 0)
+- && ((name[len] != '\0' && (!is_path || name[len] != ':'))
+- || (name != start + 1 && (!is_path || name[-2] != ':'))))
+- return 0;
+-
+ return len;
+ }
+
+@@ -218,13 +212,12 @@ _dl_dst_count (const char *name, int is_path)
+ {
+ size_t len;
+
+- /* $ORIGIN is not expanded for SUID/GUID programs (except if it
+- is $ORIGIN alone) and it must always appear first in path. */
++ /* $ORIGIN is not expanded for SUID/GUID programs. */
+ ++name;
+- if ((len = is_dst (start, name, "ORIGIN", is_path,
+- INTUSE(__libc_enable_secure))) != 0
+- || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0
+- || (len = is_dst (start, name, "LIB", is_path, 0)) != 0)
++ if (((len = is_dst (start, name, "ORIGIN", is_path)) != 0
++ && !INTUSE(__libc_enable_secure))
++ || (len = is_dst (start, name, "PLATFORM", is_path)) != 0
++ || (len = is_dst (start, name, "LIB", is_path)) != 0)
+ ++cnt;
+
+ name = strchr (name + len, '$');
+@@ -256,9 +249,12 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
+ size_t len;
+
+ ++name;
+- if ((len = is_dst (start, name, "ORIGIN", is_path,
+- INTUSE(__libc_enable_secure))) != 0)
++ if ((len = is_dst (start, name, "ORIGIN", is_path)) != 0)
+ {
++ /* Ignore this path element in SUID/SGID programs. */
++ if (INTUSE(__libc_enable_secure))
++ repl = (const char *) -1;
++ else
+ #ifndef SHARED
+ if (l == NULL)
+ repl = _dl_get_origin ();
+@@ -266,9 +262,9 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
+ #endif
+ repl = l->l_origin;
+ }
+- else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0)
++ else if ((len = is_dst (start, name, "PLATFORM", is_path)) != 0)
+ repl = GLRO(dl_platform);
+- else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0)
++ else if ((len = is_dst (start, name, "LIB", is_path)) != 0)
+ repl = DL_DST_LIB;
+
+ if (repl != NULL && repl != (const char *) -1)
+
projects / packages / glibc.git / commitdiff