rpms/gcc/F-12 gcc44-CVE-2009-3736.patch, NONE, 1.1 gcc.spec, 1.94, 1.95

Jakub Jelinek jakub at fedoraproject.org
Wed Dec 2 22:55:27 UTC 2009


Author: jakub

Update of /cvs/pkgs/rpms/gcc/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv29193

Modified Files:
	gcc.spec 
Added Files:
	gcc44-CVE-2009-3736.patch 
Log Message:
4.4.2-13

gcc44-CVE-2009-3736.patch:
 acinclude.m4 |    2 +-
 configure    |    8 ++++----
 ltdl.c       |   23 +++++++++++++++--------
 3 files changed, 20 insertions(+), 13 deletions(-)

--- NEW FILE gcc44-CVE-2009-3736.patch ---
2009-12-02  Jakub Jelinek  <jakub at redhat.com>

	* acinclude.m4: Regenerated to pick:
	2007-06-22 Ralf Wildenhues <Ralf.Wildenhues at gmx.de>

	* libtool.m4 (AC_LIBTOOL_SYS_DYNAMIC_LINKER) [linux]:
	Ignore lines in ld.so.conf starting with 'hwcap '.

	* configure: Regenerated.

	2009-11-24  Peter O'Gorman  <peter at pogma.com>

	Backport of libltdl changes from the 2.26b release.
	* ltdl.c: Backport changes.

--- libjava/libltdl/ltdl.c.jj	2008-09-05 12:57:53.000000000 +0200
+++ libjava/libltdl/ltdl.c	2009-12-02 18:19:11.000000000 +0100
@@ -2175,7 +2175,8 @@ static	int	trim		      LT_PARAMS((char *
 static	int	try_dlopen	      LT_PARAMS((lt_dlhandle *handle,
 						 const char *filename));
 static	int	tryall_dlopen	      LT_PARAMS((lt_dlhandle *handle,
-						 const char *filename));
+						 const char *filename,
+						 const char * useloader));
 static	int	unload_deplibs	      LT_PARAMS((lt_dlhandle handle));
 static	int	lt_argz_insert	      LT_PARAMS((char **pargz,
 						 size_t *pargz_len,
@@ -2361,9 +2362,10 @@ lt_dlexit ()
 }
 
 static int
-tryall_dlopen (handle, filename)
+tryall_dlopen (handle, filename, useloader)
      lt_dlhandle *handle;
      const char *filename;
+     const char *useloader;
 {
   lt_dlhandle	 cur;
   lt_dlloader   *loader;
@@ -2430,6 +2432,11 @@ tryall_dlopen (handle, filename)
 
   while (loader)
     {
+      if (useloader && strcmp(loader->loader_name, useloader))
+	{
+	  loader = loader->next;
+	  continue;
+	}
       lt_user_data data = loader->dlloader_data;
 
       cur->module = loader->module_open (data, filename);
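Review bot: The new `useloader` check sits in front of the declaration `lt_user_data data = loader->dlloader_data;`, so the loop body now has a declaration after a statement. That is not valid C89, and this file otherwise keeps to pre-ANSI conventions (K&R definitions, `LT_PARAMS`). Keeping the declaration as the first line of the loop body and placing the check right after it avoids the problem without changing behaviour. I would also write the test as `strcmp (loader->loader_name, useloader) != 0`. The check assumes `loader_name` is never null for a registered loader, which cannot be confirmed from this hunk; the loop continues past its end.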
@@ -2499,7 +2506,7 @@ tryall_dlopen_module (handle, prefix, di
       error += tryall_dlopen_module (handle,
 				     (const char *) 0, prefix, filename);
     }
-  else if (tryall_dlopen (handle, filename) != 0)
+  else if (tryall_dlopen (handle, filename, NULL) != 0)
     {
       ++error;
     }
@@ -2520,7 +2527,7 @@ find_module (handle, dir, libdir, dlname
   /* Try to open the old library first; if it was dlpreopened,
      we want the preopened version of it, even if a dlopenable
      module is available.  */
-  if (old_name && tryall_dlopen (handle, old_name) == 0)
+  if (old_name && tryall_dlopen (handle, old_name, "dlpreload") == 0)
     {
       return 0;
     }
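Review bot: The literal `"dlpreload"` passed in `tryall_dlopen (handle, old_name, "dlpreload")` is compared by `strcmp` against `loader->loader_name`, so the call silently matches nothing if the preopen loader is registered under a different string. The registration is not visible in this patch and should be checked, ideally with both sites sharing one named constant. The existing comment above the call does not say that the lookup is now restricted; I would add a sentence such as `Only the dlpreload loader is consulted, so old_name is never passed to any other loader's module_open.` find_module starts and ends outside the hunk.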
@@ -2784,7 +2791,7 @@ find_handle_callback (filename, data, ig
 
   /* Try to dlopen the file, but do not continue searching in any
      case.  */
-  if (tryall_dlopen (handle, filename) != 0)
+  if (tryall_dlopen (handle, filename,NULL) != 0)
     *handle = 0;
 
   return 1;
@@ -3072,7 +3079,7 @@ try_dlopen (phandle, filename)
       /* lt_dlclose()ing yourself is very bad!  Disallow it.  */
       LT_DLSET_FLAG (*phandle, LT_DLRESIDENT_FLAG);
 
-      if (tryall_dlopen (&newhandle, 0) != 0)
+      if (tryall_dlopen (&newhandle, 0, NULL) != 0)
 	{
 	  LT_DLFREE (*phandle);
 	  return 1;
@@ -3194,7 +3201,7 @@ try_dlopen (phandle, filename)
 	    }
 #endif
 	}
-      if (!file)
+      else
 	{
 	  file = fopen (filename, LT_READTEXT_MODE);
 	}
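Review bot: Replacing `if (!file)` with `else` removes the fallback `fopen (filename, LT_READTEXT_MODE)` for whatever case the preceding `if` branch handles, but nothing at this site says why, and that `if` condition lies outside the hunk. If that branch is the search-path lookup, a name not found on the search path is no longer opened relative to the current directory, which looks like the core of the CVE-2009-3736 fix. A comment on the `else` such as `/* Deliberately no fallback to fopen (filename) when the path search fails. */` would stop a later cleanup from restoring the old behaviour. It is also worth confirming that the code after this block copes with `file` still being null, since that case is now reached without any fopen attempt; that code is not shown here.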
@@ -3378,7 +3385,7 @@ try_dlopen (phandle, filename)
 #endif
 		   )))
 	{
-          if (tryall_dlopen (&newhandle, filename) != 0)
+          if (tryall_dlopen (&newhandle, filename, NULL) != 0)
             {
               newhandle = NULL;
             }
--- libjava/libltdl/acinclude.m4.jj	2008-09-05 12:57:53.000000000 +0200
+++ libjava/libltdl/acinclude.m4	2009-12-02 19:47:40.000000000 +0100
@@ -1527,7 +1527,7 @@ linux*)
 
   # Append ld.so.conf contents to the search path
   if test -f /etc/ld.so.conf; then
-    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:,\t]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[	 ]*hwcap[	 ]/d;s/[:,	]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
     sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
   fi
 
--- libjava/libltdl/configure.jj	2009-09-01 11:05:06.000000000 +0200
+++ libjava/libltdl/configure	2009-12-02 19:50:23.000000000 +0100
@@ -9160,7 +9160,7 @@ linux*)
 
   # Append ld.so.conf contents to the search path
   if test -f /etc/ld.so.conf; then
-    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:,\t]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[	 ]*hwcap[	 ]/d;s/[:,	]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
     sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
   fi
 
@@ -12576,7 +12576,7 @@ linux*)
 
   # Append ld.so.conf contents to the search path
   if test -f /etc/ld.so.conf; then
-    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:,\t]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[	 ]*hwcap[	 ]/d;s/[:,	]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
     sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
   fi
 
@@ -15489,7 +15489,7 @@ linux*)
 
   # Append ld.so.conf contents to the search path
   if test -f /etc/ld.so.conf; then
-    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:,\t]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[	 ]*hwcap[	 ]/d;s/[:,	]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
     sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
   fi
 
@@ -17916,7 +17916,7 @@ linux*)
 
   # Append ld.so.conf contents to the search path
   if test -f /etc/ld.so.conf; then
-    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:,\t]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[	 ]*hwcap[	 ]/d;s/[:,	]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
     sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
   fi
 


Index: gcc.spec
===================================================================
RCS file: /cvs/pkgs/rpms/gcc/F-12/gcc.spec,v
retrieving revision 1.94
retrieving revision 1.95
diff -u -p -r1.94 -r1.95
--- gcc.spec	2 Dec 2009 14:58:27 -0000	1.94
+++ gcc.spec	2 Dec 2009 22:55:26 -0000	1.95
@@ -3,7 +3,7 @@
 %global gcc_version 4.4.2
 # Note, gcc_release must be integer, if you want to add suffixes to
 # %{release}, append them after %{gcc_release} on Release: line.
-%global gcc_release 12
+%global gcc_release 13
 %global _unpackaged_files_terminate_build 0
 %global multilib_64_archs sparc64 ppc64 s390x x86_64
 %global include_gappletviewer 1
@@ -161,6 +161,7 @@ Patch16: gcc44-unwind-debug-hook.patch
 Patch17: gcc44-pr38757.patch
 Patch18: gcc44-libstdc++-docs.patch
 Patch19: gcc44-ppc64-aixdesc.patch
+Patch20: gcc44-CVE-2009-3736.patch
 
 Patch1000: fastjar-0.97-segfault.patch
 
@@ -466,6 +467,7 @@ which are required to compile with the G
 %patch18 -p0 -b .libstdc++-docs~
 %endif
 %patch19 -p0 -b .ppc64-aixdesc~
+%patch20 -p0 -b .CVE-2009-3736~
 
 # This testcase doesn't compile.
 rm libjava/testsuite/libjava.lang/PR35020*
@@ -1849,6 +1851,9 @@ fi
 %doc rpm.doc/changelogs/libmudflap/ChangeLog*
 
 %changelog
+* Wed Dec  2 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-13
+- fix security issues in libltdl bundled within libgcj (CVE-2009-3736)
+
 * Wed Dec  2 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-12
 - update from gcc-4_4-branch
   - PRs c++/42234, fortran/41278, fortran/41807, fortran/42162, target/42113,



