On 12/03/2009 08:01 PM, Pieter de Boer wrote:
> Jamie Landeg Jones wrote:
>>
>> However, I'd still apply the patch in case some other way to exploit
>> the non-checking of the unsetenv return status crops up elsewhere.
>>
>> It can't do any harm.
>
> The problem with that is, on 6.x, unsetenv() returns 'void', so there's
> no return value to check on.
>
> On 6.x (I've looked at 6.4-RELEASE-p7, it may be different in other
> versions), the unsetenv() uses __findenv() in a while loop to remove the
> given setting. The getenv() function also uses __findenv() to find the
> given environment setting. The issue described in the advisory simply
> doesn't exist in 6(.4-RELEASE-p7).

patch doesn't complain on the diff, but compiling gives me the following error on 6.4-STABLE (i386):

# make depend
rm -f .depend
mkdep -f .depend -a -DFREEBSD_ELF -DIN_RTLD -I/usr/src/libexec/rtld-elf/i386 -I/usr/src/libexec/rtld-elf -DPIC /usr/src/libexec/rtld-elf/i386/rtld_start.S /usr/src/libexec/rtld-elf/i386/reloc.c /usr/src/libexec/rtld-elf/rtld.c /usr/src/libexec/rtld-elf/rtld_lock.c /usr/src/libexec/rtld-elf/map_object.c /usr/src/libexec/rtld-elf/malloc.c /usr/src/libexec/rtld-elf/xmalloc.c /usr/src/libexec/rtld-elf/debug.c /usr/src/libexec/rtld-elf/libmap.c
echo ld-elf.so.1: /usr/lib/libc_pic.a >> .depend
test# make
cc -O2 -fno-strict-aliasing -pipe -Wall -DFREEBSD_ELF -DIN_RTLD -I/usr/src/libexec/rtld-elf/i386 -I/usr/src/libexec/rtld-elf -elf -fpic -DPIC -std=gnu99 -Wformat=2 -Wno-format-extra-args -Werror -c /usr/src/libexec/rtld-elf/i386/rtld_start.S
cc -O2 -fno-strict-aliasing -pipe -Wall -DFREEBSD_ELF -DIN_RTLD -I/usr/src/libexec/rtld-elf/i386 -I/usr/src/libexec/rtld-elf -elf -fpic -DPIC -std=gnu99 -Wformat=2 -Wno-format-extra-args -Werror -c /usr/src/libexec/rtld-elf/i386/reloc.c
cc -O2 -fno-strict-aliasing -pipe -Wall -DFREEBSD_ELF -DIN_RTLD -I/usr/src/libexec/rtld-elf/i386 -I/usr/src/libexec/rtld-elf -elf -fpic -DPIC -std=gnu99 -Wformat=2 -Wno-format-extra-args -Werror -c /usr/src/libexec/rtld-elf/rtld.c
/usr/src/libexec/rtld-elf/rtld.c: In function `_rtld':
/usr/src/libexec/rtld-elf/rtld.c:352: error: void value not ignored as it ought to be
/usr/src/libexec/rtld-elf/rtld.c:352: error: void value not ignored as it ought to be
/usr/src/libexec/rtld-elf/rtld.c:353: error: void value not ignored as it ought to be
/usr/src/libexec/rtld-elf/rtld.c:353: error: void value not ignored as it ought to be
/usr/src/libexec/rtld-elf/rtld.c:354: error: void value not ignored as it ought to be
*** Error code 1

Stop in /usr/src/libexec/rtld-elf.
#

Best,
Timo

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
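
The quoted description of 6.x (removal loops on the same search that lookup uses, so there is no failure to report) can be modelled as below. This is an added example, not part of the thread and not FreeBSD libc source; the `model_*` names, `DEMO_VAR` and the sample environment are constructed for illustration.

```c
/* Added illustration: a model of the behaviour described in the message,
 * not FreeBSD libc code. All names and sample data are hypothetical. */
#include <stdio.h>
#include <string.h>

/* Find the first "name=value" entry at or after index *pos. On a match,
 * store its index in *pos and return a pointer to the value; else NULL. */
static const char *model_findenv(char **env, const char *name, int *pos)
{
    size_t len = strlen(name);
    for (int i = *pos; env[i] != NULL; i++) {
        if (strncmp(env[i], name, len) == 0 && env[i][len] == '=') {
            *pos = i;
            return env[i] + len + 1;
        }
    }
    return NULL;
}

/* Lookup uses the same search routine as removal. */
const char *model_getenv(char **env, const char *name)
{
    int pos = 0;
    return model_findenv(env, name, &pos);
}

/* Remove every matching entry by looping on the search until it finds
 * nothing. There is no error path, so nothing needs to be returned; the
 * count is returned here only so the demonstration can be checked. */
int model_unsetenv(char **env, const char *name)
{
    int pos = 0, removed = 0;
    while (model_findenv(env, name, &pos) != NULL) {
        for (int i = pos; env[i] != NULL; i++)
            env[i] = env[i + 1];   /* shift the tail down over the match */
        removed++;
    }
    return removed;
}

int main(void)
{
    /* Constructed sample environment with a duplicated variable. */
    char *env[] = { "PATH=/bin", "DEMO_VAR=first", "HOME=/root",
                    "DEMO_VAR=second", NULL };
    printf("removed: %d\n", model_unsetenv(env, "DEMO_VAR"));
    printf("after:   %s\n", model_getenv(env, "DEMO_VAR") ? "set" : "gone");
    return 0;
}
```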