From 11bc173765a22d460e090f46278ab4b96551a43b Mon Sep 17 00:00:00 2001 From: Rich Felker Date: Wed, 26 Jun 2013 10:17:29 -0400 Subject: fix dynamic linker handling of empty path file or error reading path file previously, the path string was being used despite being invalid. with this change, empty path file or error reading the path file is treated as an empty path. this is preferable to falling back to a default path, so that attacks to prevent reading of the path file could not result in loading incorrect and possibly dangerous (outdated or mismatching ABI) libraries from. the code to strip the final newline has also been removed; now that newline is accepted as a delimiter, it's harmless to leave it in place. --- src/ldso/dynlink.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/ldso/dynlink.c b/src/ldso/dynlink.c index 8472343a..eac07d9c 100644 --- a/src/ldso/dynlink.c +++ b/src/ldso/dynlink.c @@ -478,10 +478,9 @@ static struct dso *load_library(const char *name) if (!sys_path) { FILE *f = fopen(ETC_LDSO_PATH, "rbe"); if (f) { - if (getdelim(&sys_path, (size_t[1]){0}, 0, f) > 0) { - size_t l = strlen(sys_path); - if (l && sys_path[l-1]=='\n') - sys_path[l-1] = 0; + if (getdelim(&sys_path, (size_t[1]){0}, 0, f) <= 0) { + if (sys_path) free(sys_path); + sys_path = ""; } fclose(f); } -- cgit v1.2.3-70-g09d2