* [gentoo-commits] gentoo commit in src/patchsets/gcc/4.4.4/gentoo: 20_all_mudflap-setuid-env.patch README.history
@ 2010-09-11 4:06 Ryan Hill (dirtyepic)
From: Ryan Hill (dirtyepic) @ 2010-09-11 4:06 UTC
To: gentoo-commits
dirtyepic 10/09/11 04:06:31
Modified: README.history
Added: 20_all_mudflap-setuid-env.patch
Log:
Fix mudflap setuid issue (bug #335290).
Revision Changes Path
1.10 src/patchsets/gcc/4.4.4/gentoo/README.history
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.4.4/gentoo/README.history?rev=1.10&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.4.4/gentoo/README.history?rev=1.10&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.4.4/gentoo/README.history?r1=1.9&r2=1.10
Index: README.history
===================================================================
RCS file: /var/cvsroot/gentoo/src/patchsets/gcc/4.4.4/gentoo/README.history,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- README.history 11 Sep 2010 03:46:02 -0000 1.9
+++ README.history 11 Sep 2010 04:06:31 -0000 1.10
@@ -1,3 +1,4 @@
+ + 20_all_mudflap-setuid-env.patch
+ 50_all_pr45312-kernel-miscompile.patch
+ 62_all_ia64-pr41551.patch
+ 96_all_arm-pr43440.patch
1.1 src/patchsets/gcc/4.4.4/gentoo/20_all_mudflap-setuid-env.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.4.4/gentoo/20_all_mudflap-setuid-env.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/gcc/4.4.4/gentoo/20_all_mudflap-setuid-env.patch?rev=1.1&content-type=text/plain
Index: 20_all_mudflap-setuid-env.patch
===================================================================
mudflap accepts options via $MUDFLAP_OPTIONS even when running setuid.
-viol-gdb option invokes programs upon error detection which is bad.
Note that NULL ptr derefs which are unexploitable in userspace programs,
then become exploitable.
http://gcc.gnu.org/PR41433
https://bugs.gentoo.org/335290
--- a/libmudflap/mf-runtime.c
+++ b/libmudflap/mf-runtime.c
@@ -303,6 +303,14 @@ __mf_set_default_options ()
#ifdef LIBMUDFLAPTH
__mf_opts.thread_stack = 0;
#endif
+
+ /* PR41443: Beware that the above flags will be applied to
+ setuid/setgid binaries, and cannot be overriden with
+ $MUDFLAP_OPTIONS. So the defaults must be non-exploitable.
+
+ Should we consider making the default violation_mode something
+ harsher than viol_nop? OTOH, glibc's MALLOC_CHECK_ is disabled
+ by default for these same programs. */
}
static struct mudoption
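Review bot: The comment added at the end of __mf_set_default_options cites PR41443, while the patch header and the __mf_init hunk both cite PR41433; one of the two ids is a typo, and the comment should carry the same id as the rest of the patch so the reference can be followed. In the same comment, "overriden" should be "overridden". The comment also ends on an open question about making the default violation_mode harsher than viol_nop; since setuid/setgid binaries will now always run with these defaults, it would help to state in the comment which defaults were reviewed as safe rather than leave the question unanswered in the source.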
@@ -442,7 +450,7 @@ __mf_usage ()
"This is a %s%sGCC \"mudflap\" memory-checked binary.\n"
"Mudflap is Copyright (C) 2002-2010 Free Software Foundation, Inc.\n"
"\n"
- "The mudflap code can be controlled by an environment variable:\n"
+ "Unless setuid, a program's mudflap options be set by an environment variable:\n"
"\n"
"$ export MUDFLAP_OPTIONS='<options>'\n"
"$ <mudflapped_program>\n"
@@ -705,7 +713,8 @@ __mf_init ()
__mf_set_default_options ();
- ov = getenv ("MUDFLAP_OPTIONS");
+ if (getuid () == geteuid () && getgid () == getegid ()) /* PR41433, not setuid */
+ ov = getenv ("MUDFLAP_OPTIONS");
if (ov)
{
int rc = __mfu_set_options (ov);
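Review bot: With the getenv call in __mf_init now conditional, the `if (ov)` that follows relies on ov already being NULL whenever the uid/gid comparison fails. The declaration of ov is outside this hunk, so please confirm it is initialised there, or add an explicit else branch that sets it to NULL; otherwise a setuid process would pass an indeterminate pointer to __mfu_set_options. Two smaller points: the trailing comment makes the `if` line long and would read better on its own line above the condition, and the variable is ignored silently, so a one-line mention in the documentation that MUDFLAP_OPTIONS has no effect when real and effective ids differ would save users some debugging.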