packages/glibc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!435 elf: Fix use-after-free in ldconfig [BZ #26779]

Browse Source 
From: @xujing99 
Reviewed-by: @liqingqing_1229 
Signed-off-by: @liqingqing_1229
This commit is contained in:
openeuler-ci-bot 2022-05-23 00:44:37 +00:00 committed by Gitee
commit 2e7b3098b8
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 36 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
backport-elf-Fix-use-after-free-in-ldconfig-BZ-26779.patch Normal file
View File

@ -0,0 +1,31 @@
From 03ad86880f68f498ee04e9ea84cd4f0d14473970 Mon Sep 17 00:00:00 2001
From: Martin Sebor <msebor@redhat.com>
Date: Tue, 25 Jan 2022 17:37:56 -0700
Subject: [PATCH] elf: Fix use-after-free in ldconfig [BZ #26779]
Conflict:NA
Reference:https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=03ad86880f68f498ee04e9ea84cd4f0d14473970
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
---
elf/ldconfig.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/elf/ldconfig.c b/elf/ldconfig.c
index d14633f5ec..57bb95ebc3 100644
--- a/elf/ldconfig.c
+++ b/elf/ldconfig.c
@@ -735,9 +735,9 @@ manual_link (char *library)
create_links (real_path, path, libname, soname);
free (soname);
out:
- free (path);
if (path != real_path)
free (real_path);
+ free (path);
}
--
2.23.0

6
glibc.spec
View File

@ -66,7 +66,7 @@
##############################################################################
Name: glibc
Version: 2.34
Release: 80
Release: 81
Summary: The GNU libc libraries
License: %{all_license}
URL: http://www.gnu.org/software/glibc/
@ -220,6 +220,7 @@ Patch132: elf-Fix-initial-exec-TLS-access-on-audit-modules-BZ-.patch
Patch133: posix-glob.c-update-from-gnulib.patch
Patch134: linux-Fix-fchmodat-with-AT_SYMLINK_NOFOLLOW-for-64-b.patch
Patch135: linux-Fix-posix_spawn-return-code-if-clone-fails-BZ-.patch
Patch136: backport-elf-Fix-use-after-free-in-ldconfig-BZ-26779.patch
Patch9000: turn-default-value-of-x86_rep_stosb_threshold_form_2K_to_1M.patch
Patch9001: delete-no-hard-link-to-avoid-all_language-package-to.patch
@ -1388,6 +1389,9 @@ fi
%endif
%changelog
* Fri May 20 2022 xujing <xujing125@huawei.com> - 2.34-81
- elf: Fix use-after-free in ldconfig [BZ #26779]
* Sat May 7 2022 Qingqing Li <liqingqing3@huawei.com> - 2.34-80
- linux: Fix posix_spawn return code if clone fails (BZ#29109)