From patchwork Thu Jun 12 11:53:20 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Stefan Liebler <stli@linux.vnet.ibm.com>
X-Patchwork-Id: 1465
Received: (qmail 28119 invoked by alias); 12 Jun 2014 11:53:39 -0000
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <libc-alpha.sourceware.org>
List-Unsubscribe: <mailto:libc-alpha-unsubscribe-##L=##H@sourceware.org>
List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-help@sourceware.org>,
	<http://sourceware.org/ml/#faqs>
Sender: libc-alpha-owner@sourceware.org
Delivered-To: mailing list libc-alpha@sourceware.org
Received: (qmail 28106 invoked by uid 89); 12 Jun 2014 11:53:38 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-2.4 required=5.0 tests=AWL, BAYES_00,
	RCVD_IN_DNSWL_NONE, RP_MATCHES_RCVD, SPF_HELO_PASS,
	SPF_PASS autolearn=ham version=3.3.2
X-HELO: plane.gmane.org
To: libc-alpha@sourceware.org
From: Stefan Liebler <stli@linux.vnet.ibm.com>
Subject: Re: [PATCH] posix_spawn_file_actions_addopen needs to copy the path
	argument (BZ 17048)
Date: Thu, 12 Jun 2014 13:53:20 +0200
Lines: 52
Message-ID: <lnc4bg$qk0$1@ger.gmane.org>
References: <5398C182.4040906@redhat.com>
Mime-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
	rv:24.0) Gecko/20100101 Thunderbird/24.5.0
In-Reply-To: <5398C182.4040906@redhat.com>

On 06/11/2014 10:52 PM, Florian Weimer wrote:
> POSIX requires that we make a copy, so we allocate a new string and free
> it in posix_spawn_file_actions_destroy.
>
> The reporters (David Reid, Alex Gaynor, and Glyph Lefkowitz) are
> concerned that not the old behavior could result in security
> vulnerabilities in applications, and I agree that this cannot be ruled out.
>

Hi,

on s390 the test elf/check-localplt fails with this patch due to a call 
to strdup@plt in function posix_spawn_file_actions_addopen.

Including string.h solves the issue on s390/s390x.
Please retest and commit.

Bye
---
2014-06-12  Stefan Liebler  <stli@linux.vnet.ibm.com>

	* posix/spawn_faction_addopen.c:
	Include string.h to avoid strdup@plt call.
---

diff --git a/posix/spawn_faction_addopen.c b/posix/spawn_faction_addopen.c
index 40800b8..eba158c 100644
--- a/posix/spawn_faction_addopen.c
+++ b/posix/spawn_faction_addopen.c
@@ -18,6 +18,7 @@
 #include <errno.h>
 #include <spawn.h>
 #include <unistd.h>
+#include <string.h>
 
 #include "spawn_int.h"