Author: robert
Date: 2006-08-20 21:21:40 -0600 (Sun, 20 Aug 2006)
New Revision: 1653
Added:
trunk/glibc/glibc-2.4-hardened_tmp-1.patch
Log:
Added glibc-2.4-hardened_tmp-1.patch
Added: trunk/glibc/glibc-2.4-hardened_tmp-1.patch
===================================================================
--- trunk/glibc/glibc-2.4-hardened_tmp-1.patch (rev 0)
+++ trunk/glibc/glibc-2.4-hardened_tmp-1.patch 2006-08-21 03:21:40 UTC (rev
1653)
@@ -0,0 +1,91 @@
+Submitted By: Robert Connolly <robert at linuxfromscratch dot org> (ashes)
+Date: 2006-08-20
+Initial Package Version: 2.3.3
+Upstream Status: Not submitted - Mktemp would need to be added to configure
+Origin: Openwall Owl Linux - glibc-2.3.2-owl-tmpfile.diff
+Description: This patch modifies Glibc to create temporary files in a
+paranoid way, including use of the Mktemp package.
+
+diff -puNr glibc-2.3.3-200406160000.orig/debug/xtrace.sh
glibc-2.3.3-200406160000/debug/xtrace.sh
+--- glibc-2.3.3-200406160000.orig/debug/xtrace.sh Tue Jun 15 21:36:24 2004
++++ glibc-2.3.3-200406160000/debug/xtrace.sh Sun Jan 9 02:22:15 2005
+@@ -161,32 +161,32 @@ if test -n "$data"; then
+ while read fct; do
+ read file
+ if test "$fct" != '??' -a "$file" != '??:0'; then
+- format_line $fct $file
++ format_line "$fct" "$file"
+ fi
+ done
+ else
+- fifo=$(mktemp -u ${TMPDIR:-/tmp}/xtrace.XXXXXX)
++ fifo="`mktemp -ut xtrace.XXXXXXXXXX`" || exit
++ trap 'rm -f -- "$fifo"' EXIT
++ trap 'trap - EXIT; rm -f -- "$fifo"; exit 1' HUP INT QUIT TERM PIPE
+ mkfifo -m 0600 $fifo || exit 1
+- trap 'rm $fifo; exit 1' SIGINT SIGTERM SIGPIPE
+
+ # Now start the program and let it write to the FIFO.
+ $TERMINAL_PROG -T "xtrace - $program $*" -e /bin/sh -c
"LD_PRELOAD=$pcprofileso PCPROFILE_OUTPUT=$fifo $program $*; read < $fifo" &
+ termpid=$!
+- $pcprofiledump -u $fifo |
++ $pcprofiledump -u "$fifo" |
+ while read line; do
+- echo $line |
++ echo "$line" |
+ sed 's/this = \([^,]*\).*/\1/' |
+- addr2line -fC -e $program
++ addr2line -fC -e "$program"
+ done |
+ while read fct; do
+ read file
+ if test "$fct" != '??' -a "$file" != '??:0'; then
+- format_line $fct $file
++ format_line "$fct" "$file"
+ fi
+ done
+ read -p "Press return here to close $TERMINAL_PROG($program)."
+- echo > $fifo
+- rm $fifo
++ echo > "$fifo"
+ fi
+
+ exit 0
+diff -puNr glibc-2.3.3-200406160000.orig/malloc/memusage.sh
glibc-2.3.3-200406160000/malloc/memusage.sh
+--- glibc-2.3.3-200406160000.orig/malloc/memusage.sh Tue Jun 1 11:32:19 2004
++++ glibc-2.3.3-200406160000/malloc/memusage.sh Sun Jan 9 02:21:44 2005
+@@ -77,6 +77,15 @@ warranty; not even for MERCHANTABILITY o
+ exit 0
+ }
+
++# these variables are local
++buffer=
++data=
++memusagestat_args=
++notimer=
++png=
++progname=
++tracemmap=
++
+ # Process arguments. But stop as soon as the program name is found.
+ while test $# -gt 0; do
+ case "$1" in
+@@ -213,15 +222,9 @@ datafile=
+ if test -n "$data"; then
+ datafile="$data"
+ elif test -n "$png"; then
+- datafile=$(mktemp ${TMPDIR:-/tmp}/memusage.XXXXXX 2> /dev/null)
+- if test $? -ne 0; then
+- # Lame, but if there is no `mktemp' program the user cannot expect more.
+- if test "$RANDOM" != "$RANDOM"; then
+- datafile=${TMPDIR:-/tmp}/memusage.$RANDOM
+- else
+- datafile=${TMPDIR:-/tmp}/memusage.$$
+- fi
+- fi
++ datafile="`mktemp -t memusage.XXXXXXXXXX`" || exit
++ trap 'rm -f -- "$datafile"' EXIT
++ trap 'trap - EXIT; rm -f -- "$datafile"; exit 1' HUP INT QUIT TERM PIPE
+ fi
+ if test -n "$datafile"; then
+ add_env="$add_env MEMUSAGE_OUTPUT=$datafile"
--
http://linuxfromscratch.org/mailman/listinfo/patches
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
