aboutsummaryrefslogtreecommitdiff
path: root/share/security/patches/SA-09:16/rtld.patch
diff options
context:
space:
mode:
Diffstat (limited to 'share/security/patches/SA-09:16/rtld.patch')
-rw-r--r--share/security/patches/SA-09:16/rtld.patch23
1 files changed, 23 insertions, 0 deletions
diff --git a/share/security/patches/SA-09:16/rtld.patch b/share/security/patches/SA-09:16/rtld.patch
new file mode 100644
index 0000000000..3f53585620
--- /dev/null
+++ b/share/security/patches/SA-09:16/rtld.patch
@@ -0,0 +1,23 @@
+Index: libexec/rtld-elf/rtld.c
+===================================================================
+--- libexec/rtld-elf/rtld.c (revision 199978)
++++ libexec/rtld-elf/rtld.c (revision 199979)
+@@ -366,12 +366,12 @@
+ * future processes to honor the potentially un-safe variables.
+ */
+ if (!trust) {
+- unsetenv(LD_ "PRELOAD");
+- unsetenv(LD_ "LIBMAP");
+- unsetenv(LD_ "LIBRARY_PATH");
+- unsetenv(LD_ "LIBMAP_DISABLE");
+- unsetenv(LD_ "DEBUG");
+- unsetenv(LD_ "ELF_HINTS_PATH");
++ if (unsetenv(LD_ "PRELOAD") || unsetenv(LD_ "LIBMAP") ||
++ unsetenv(LD_ "LIBRARY_PATH") || unsetenv(LD_ "LIBMAP_DISABLE") ||
++ unsetenv(LD_ "DEBUG") || unsetenv(LD_ "ELF_HINTS_PATH")) {
++ _rtld_error("environment corrupt; aborting");
++ die();
++ }
+ }
+ ld_debug = getenv(LD_ "DEBUG");
+ libmap_disable = getenv(LD_ "LIBMAP_DISABLE") != NULL;
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-16 21:17:11 +0000