vlc | branch: master | David Fuhrmann <[email protected]> | Mon Jan 7 19:43:17 2019 +0100| [2ed07256dbbf21bf33cd5f9a58478178a4f0987d] | committer: David Fuhrmann
contrib: bluray: Add an explicit path to find shared libraries This is needed because runtime hardening does not automatically look for libraries outside of the own application bundle anymore. > http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=2ed07256dbbf21bf33cd5f9a58478178a4f0987d --- ...ibrary-paths-Explicitly-add-usr-local-lib.patch | 34 ++++++++++++++++++++++ contrib/src/bluray/rules.mak | 1 + 2 files changed, 35 insertions(+) diff --git a/contrib/src/bluray/0001-library-paths-Explicitly-add-usr-local-lib.patch b/contrib/src/bluray/0001-library-paths-Explicitly-add-usr-local-lib.patch new file mode 100644 index 0000000000..a3323d4ed6 --- /dev/null +++ b/contrib/src/bluray/0001-library-paths-Explicitly-add-usr-local-lib.patch @@ -0,0 +1,34 @@ +From bbf867237c7fa326b5467afaad08f18a56a79935 Mon Sep 17 00:00:00 2001 +From: David Fuhrmann <[email protected]> +Date: Mon, 7 Jan 2019 19:30:56 +0100 +Subject: [PATCH] library paths: Explicitly add /usr/local/lib + +Hardened runtime prevents the program to load any libraries outside +of the application bundle by default. Specifically, it also ignores +DYLD_FALLBACK_PATH which would contain /usr/local/lib. +To allow usage of a library outside of the application bundle, add +/usr/local/lib explicitly. +--- + src/file/dl_posix.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/file/dl_posix.c b/src/file/dl_posix.c +index b97f12fe..49813856 100644 +--- a/src/file/dl_posix.c ++++ b/src/file/dl_posix.c +@@ -69,10 +69,11 @@ void *dl_dlopen(const char *path, const char *version) + @loader_path - location of current library/binary (ex. libbluray.dylib) + @executable_path - location of running binary (ex. /Applications/Some.app/Contents/MacOS) + @rpath - search rpaths of running binary (man install_name_path) ++ /usr/local/lib/ - explicitly added path, as runtime hardened programs ignore DYLD_FALLBACK_PATH now + */ + static const char *search_paths[] = {"", "@loader_path/lib/", "@loader_path/", "@executable_path/", + "@executable_path/lib/", "@executable_path/../lib/", +- "@executable_path/../Resources/", "@rpath/", NULL}; ++ "@executable_path/../Resources/", "@rpath/", "/usr/local/lib/", NULL}; + version = NULL; + #else + static const char ext[] = ".so"; +-- +2.17.2 (Apple Git-113) + diff --git a/contrib/src/bluray/rules.mak b/contrib/src/bluray/rules.mak index 67937b2038..4211c38b70 100644 --- a/contrib/src/bluray/rules.mak +++ b/contrib/src/bluray/rules.mak @@ -51,6 +51,7 @@ bluray: libbluray-$(BLURAY_VERSION).tar.bz2 .sum-bluray $(APPLY) $(SRC)/bluray/0001-Implement-dl_get_path-for-darwin-macOS.patch $(APPLY) $(SRC)/bluray/0001-keep-on-with-menuless-user-selected-streams-between-.patch $(APPLY) $(SRC)/bluray/0001-install-bdjo_data-header.patch + $(APPLY) $(SRC)/bluray/0001-library-paths-Explicitly-add-usr-local-lib.patch $(call pkg_static,"src/libbluray.pc.in") $(MOVE) _______________________________________________ vlc-commits mailing list [email protected] https://mailman.videolan.org/listinfo/vlc-commits
