!439 realpath: Avoid overwriting preexisting error (CVE-2021-3998)

From: @liqingqing_1229 
Reviewed-by: @yang_yanchao 
Signed-off-by: @yang_yanchao
openeuler-ci-bot 2022-05-28 12:13:43 +00:00 committed by Gitee
commit 018e7b964c
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 38 additions and 1 deletions

@ -66,7 +66,7 @@
##############################################################################
Name: glibc
Version: 2.34
Release: 81
Release: 82
Summary: The GNU libc libraries
License: %{all_license}
URL: http://www.gnu.org/software/glibc/
@ -221,6 +221,7 @@ Patch133: posix-glob.c-update-from-gnulib.patch
Patch134: linux-Fix-fchmodat-with-AT_SYMLINK_NOFOLLOW-for-64-b.patch
Patch135: linux-Fix-posix_spawn-return-code-if-clone-fails-BZ-.patch
Patch136: backport-elf-Fix-use-after-free-in-ldconfig-BZ-26779.patch
Patch137: realpath-Avoid-overwriting-preexisting-error-CVE-2021-3998.patch
Patch9000: turn-default-value-of-x86_rep_stosb_threshold_form_2K_to_1M.patch
Patch9001: delete-no-hard-link-to-avoid-all_language-package-to.patch
@ -1389,6 +1390,9 @@ fi
%endif
%changelog
* Sat May 28 2022 QingqingLi <liqingqing3@huawei.com> - 2.34-82
- realpath: Avoid overwriting preexisting error (CVE-2021-3998)
* Fri May 20 2022 xujing <xujing125@huawei.com> - 2.34-81
- elf: Fix use-after-free in ldconfig [BZ #26779]
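Review bot: The new %changelog entry for 2.34-82 carries no bug reference, while the 2.34-81 entry directly below it cites [BZ #26779]. The imported patch header says "Related: BZ #28770", so appending that reference to the entry would let someone auditing the package trace the CVE fix to the upstream report from the changelog alone.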

@ -0,0 +1,33 @@
From d084965adc7baa8ea804427cccf973cea556d697 Mon Sep 17 00:00:00 2001
From: Siddhesh Poyarekar <siddhesh@sourceware.org>
Date: Mon, 24 Jan 2022 21:36:41 +0530
Subject: [PATCH] realpath: Avoid overwriting preexisting error (CVE-2021-3998)
Set errno and failure for paths that are too long only if no other error
occurred earlier.
Related: BZ #28770
Reviewed-by: Andreas Schwab <schwab@linux-m68k.org>
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(cherry picked from commit 84d2d0fe20bdf94feed82b21b4d7d136db471f03)
---
stdlib/canonicalize.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/stdlib/canonicalize.c b/stdlib/canonicalize.c
index 7a23a51..e2d4244 100644
--- a/stdlib/canonicalize.c
+++ b/stdlib/canonicalize.c
@@ -404,7 +404,7 @@ error:
{
if (dest - rname <= get_path_max ())
rname = strcpy (resolved, rname);
- else
+ else if (!failed)
{
failed = true;
__set_errno (ENAMETOOLONG);
--
1.8.3.1
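Review bot: The `else if (!failed)` change under the `error:` label in stdlib/canonicalize.c arrives without a regression test; the diffstat lists only canonicalize.c. A test that reaches this branch with `failed` already set and `dest - rname` larger than `get_path_max ()` would confirm that the earlier errno survives and is not replaced by ENAMETOOLONG. Note also that the only changed line is the `else` condition, so the ENAMETOOLONG branch itself must already be present in the packaged source for this patch to apply; it is worth confirming that before relying on the changelog's CVE-2021-3998 label.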