From f6110a8fee2ca36f8e2d2abecf3cba9fa7b8ea7d Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Mon, 19 Jun 2017 17:09:55 +0200
Subject: [PATCH] CVE-2017-1000366: Ignore LD_LIBRARY_PATH for AT_SECURE=1
 programs [BZ #21624]

LD_LIBRARY_PATH can only be used to reorder system search paths, which
is not useful functionality.

This makes an exploitable unbounded alloca in _dl_init_paths unreachable
for AT_SECURE=1 programs.

patch from:
https://sourceware.org/git/?p=glibc.git;a=commit;h=f6110a8fee2ca36f8e2d2abecf3cba9fa7b8ea7d
---
 ChangeLog  | 7 +++++++
 elf/rtld.c | 3 ++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/elf/rtld.c b/elf/rtld.c
index 2446a87..2269dbe 100644
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -2422,7 +2422,8 @@ process_envvars (enum mode *modep)
 
 	case 12:
 	  /* The library search path.  */
-	  if (memcmp (envline, "LIBRARY_PATH", 12) == 0)
+	  if (!__libc_enable_secure
+	      && memcmp (envline, "LIBRARY_PATH", 12) == 0)
 	    {
 	      library_path = &envline[13];
 	      break;
-- 
2.9.3

ef='/guix/refs/?id=955e7d628d6759e8be0d5fb2d8ca9ab4c99a54bf'>refs</a><a class='active' href='/guix/log/tests/elm.scm'>log</a><a href='/guix/tree/tests/elm.scm?id=955e7d628d6759e8be0d5fb2d8ca9ab4c99a54bf'>tree</a><a href='/guix/commit/tests/elm.scm?id=955e7d628d6759e8be0d5fb2d8ca9ab4c99a54bf'>commit</a><a href='/guix/diff/tests/elm.scm?id=955e7d628d6759e8be0d5fb2d8ca9ab4c99a54bf'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/tests/elm.scm'>
<input type='hidden' name='id' value='955e7d628d6759e8be0d5fb2d8ca9ab4c99a54bf'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=955e7d628d6759e8be0d5fb2d8ca9ab4c99a54bf'>root</a>/<a href='/guix/log/tests?id=955e7d628d6759e8be0d5fb2d8ca9ab4c99a54bf'>tests</a>/<a href='/guix/log/tests/elm.scm?id=955e7d628d6759e8be0d5fb2d8ca9ab4c99a54bf'>elm.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/tests/elm.scm?id=955e7d628d6759e8be0d5fb2d8ca9ab4c99a54bf&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2022-05-22 01:07:52 +0200'>2022-05-22</span></td><td><a href='/guix/commit/tests/elm.scm?id=903c82583e1cec4c9ff09d5895c5cc646c37b661'>import: Add Elm importer.</a><span class='msg-avail'>...<span class='msg-tooltip'>* guix/import/elm.scm, guix/scripts/import/elm.scm: New files.
* Makefile.am (MODULES): Add them.
* guix/scripts/import.scm (importers): Add "elm".
* doc/guix.texi (Invoking guix import): Document Elm importer.
* doc/contributing.texi (Elm Packages): Mention it.
* tests/elm.scm ("(guix import elm)"): New test group.

Signed-off-by: Ludovic Courtès &lt;ludo@gnu.org&gt;
</span></span></td><td>Philip McGrath</td></tr>
<tr><td><span title='2022-05-22 01:07:51 +0200'>2022-05-22</span></td><td><a href='/guix/commit/tests/elm.scm?id=aefcfdd0ae2aa41adb3d1106752b6a291ef1d80f'>guix: Add elm-build-system.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/patches/elm-offline-package-registry.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/elm.scm (elm): Use it.
* guix/build-system/elm.scm, guix/build/elm-build-system.scm,
tests/elm.scm: New files.
* Makefile.scm (MODULES, SCM_TESTS): Add them.
* doc/guix.texi (Build Systems): Document 'elm-build-system'.
* doc/contributing.texi (Elm Packages): New section. Document naming
conventions and utilities.

Signed-off-by: Ludovic Courtès &lt;ludo@gnu.org&gt;
</span></span></td><td>Philip McGrath</td></tr>