From mboxrd@z Thu Jan 1 00:00:00 1970 From: david.goulet@polymtl.ca (David Goulet) Date: Wed, 29 Sep 2010 12:32:27 -0400 Subject: [ltt-dev] [PATCH UST] Fix insecure library loading (Debian Bug #598309, CVE-2010-3386) In-Reply-To: <20100929150622.GA6625@Krystal> References: <20100929132755.GA20790@starquasia> <20100929150622.GA6625@Krystal> Message-ID: <4CA36A1B.9000403@polymtl.ca> I think you should add the CVE code to the commit message : CVE-2010-3386 David On 10-09-29 11:06 AM, Mathieu Desnoyers wrote: > Thanks to Raphael Geissert for spotting this, and to Jon Bernard for forwarding > the information to us. > > Signed-off-by: Mathieu Desnoyers > CC: Raphael Geissert > CC: Jon Bernard > --- > usttrace | 47 +++++++++++++++++++++++++++++++++++++---------- > 1 file changed, 37 insertions(+), 10 deletions(-) > > Index: ust/usttrace > =================================================================== > --- ust.orig/usttrace > +++ ust/usttrace > @@ -132,27 +132,54 @@ fi > > if [ "$arg_preload_libust" = "1" ]; > then > - if [ -n "${LIBUST_PATH%libust.so}" ] ; then > - export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:${LIBUST_PATH%libust.so}" > + if [ -n "${LIBUST_PATH%libust.so}" ]; > + then > + if [ -n "$LD_LIBRARY_PATH" ]; > + then > + export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:${LIBUST_PATH%libust.so}" > + else > + export LD_LIBRARY_PATH="${LIBUST_PATH%libust.so}" > + fi > + fi > + if [ -n "$LIBUST_PATH" ]; > + then > + if [ -n "$LD_PRELOAD" ]; > + then > + export LD_PRELOAD="$LD_PRELOAD:$LIBUST_PATH" > + else > + export LD_PRELOAD="$LIBUST_PATH" > + fi > fi > - export LD_PRELOAD="$LD_PRELOAD:$LIBUST_PATH" > fi > > - if [ "$arg_ld_std_ust" = "1" ]; > + if [ "$arg_ld_std_ust" = "1" ]&& [ -n "${LIBUST_PATH%libust.so}" ]; > then > - if [ -n "$${LIBUST_PATH%libust.so}" ] ; then > - export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:${LIBUST_PATH%libust.so}" > + if [ -n "$LD_LIBRARY_PATH" ]; > + then > + export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:${LIBUST_PATH%libust.so}" > + else > + export LD_LIBRARY_PATH="${LIBUST_PATH%libust.so}" > fi > fi > > - if [ "$arg_preload_malloc" = "1" ]; > + if [ "$arg_preload_malloc" = "1" ]&& [ -n $LIBMALLOCWRAP_PATH ]; > then > - export LD_PRELOAD="$LD_PRELOAD:$LIBMALLOCWRAP_PATH" > + if [ -n "$LD_PRELOAD" ]; > + then > + export LD_PRELOAD="$LD_PRELOAD:$LIBMALLOCWRAP_PATH" > + else > + export LD_PRELOAD="$LIBMALLOCWRAP_PATH" > + fi > fi > > - if [ "$arg_preload_fork" = "1" ]; > + if [ "$arg_preload_fork" = "1" ]&& [ -n $LIBINTERFORK_PATH ]; > then > - export LD_PRELOAD="$LD_PRELOAD:$LIBINTERFORK_PATH" > + if [ -n "$LD_PRELOAD" ]; > + then > + export LD_PRELOAD="$LD_PRELOAD:$LIBINTERFORK_PATH" > + else > + export LD_PRELOAD="$LIBINTERFORK_PATH" > + fi > fi > > # Execute the command > -- David Goulet LTTng project, DORSAL Lab. PGP/GPG : 1024D/16BD8563 BE3C 672B 9331 9796 291A 14C6 4AF7 C14B 16BD 8563