This is an automated email from the git hooks/post-receive script. aurel32 pushed a commit to branch sid in repository glibc.
commit d002c3adbde645d2078290510cf71d487a4d20cd Author: Aurelien Jarno <aurel...@aurel32.net> Date: Sun Jun 18 18:54:29 2017 +0200 CVE-2017-1000366: workaround the lack of PATH_MAX on Hurd --- debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff | 8 ++++++-- debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff | 8 ++++++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff b/debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff index 02c5c92..68e2798 100644 --- a/debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff +++ b/debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff @@ -16,7 +16,7 @@ diff --git a/elf/rtld.c b/elf/rtld.c index 30f0cae..89d8573 100644 --- a/elf/rtld.c +++ b/elf/rtld.c -@@ -116,13 +116,91 @@ dso_name_valid_for_suid (const char *p) +@@ -116,13 +116,95 @@ dso_name_valid_for_suid (const char *p) return *p != '\0'; } @@ -45,7 +45,11 @@ index 30f0cae..89d8573 100644 + + /* Scratch buffer for returning a name which is part of + audit_list_string. */ ++#ifdef PATH_MAX + char fname[PATH_MAX]; ++#else ++ char fname[4096]; ++#endif +}; + +/* Initialize an audit list iterator. */ @@ -67,7 +71,7 @@ index 30f0cae..89d8573 100644 + { + /* Split audit list at colon. */ + size_t len = strcspn (iter->audit_list_tail, ":"); -+ if (len > 0 && len < PATH_MAX) ++ if (len > 0 && len < sizeof(iter->fname)) + { + memcpy (iter->fname, iter->audit_list_tail, len); + iter->fname[len] = '\0'; diff --git a/debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff b/debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff index f6a56df..76be2a3 100644 --- a/debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff +++ b/debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff @@ -38,7 +38,7 @@ index 824b6cf..30f0cae 100644 /* List of auditing DSOs. */ static struct audit_list -@@ -716,6 +732,42 @@ static const char *preloadlist attribute_relro; +@@ -716,6 +732,46 @@ static const char *preloadlist attribute_relro; /* Nonzero if information about versions has to be printed. */ static int version_info attribute_relro; @@ -53,13 +53,17 @@ index 824b6cf..30f0cae 100644 +{ + unsigned int npreloads = 0; + const char *p = preloadlist; ++#ifdef PATH_MAX + char fname[PATH_MAX]; ++#else ++ char fname[4096]; ++#endif + + while (*p != '\0') + { + /* Split preload list at space/colon. */ + size_t len = strcspn (p, " :"); -+ if (len > 0 && len < PATH_MAX) ++ if (len > 0 && len < sizeof(fname)) + { + memcpy (fname, p, len); + fname[len] = '\0'; -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-glibc/glibc.git