[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug-gettext] intl: Proof against invalid offset/length

From: Florian Weimer
Subject: Re: [bug-gettext] intl: Proof against invalid offset/length
Date: Mon, 23 Mar 2015 15:14:20 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0

On 03/21/2015 04:17 AM, Daiki Ueno wrote:
> Florian Weimer <address@hidden> writes:
>> The patch will use getauxval(AT_SECURE) or __libc_enable_secure (or
>> issetuugid on other systems, but which I cannot test).  It is not going
>> to be very portable.
> I see (though I'm a bit confused that you removed the use of
> __libc_enable_secure in CVE-2014-0475).  Can't you use secure_getenv,
> which Gnulib provides a replacement, compare the result with
> the normal getenv, and apply the pathname check if needed?

Hmm, I was under the impression that absolute paths for LANGUAGE were a
supported feature.  If that's not the case, we can just reject directory
traversal and confine lookups to the system locale directory, like we
did for the other locale files.

Florian Weimer / Red Hat Product Security

reply via email to

[Prev in Thread] Current Thread [Next in Thread]