[mingw-libltdl: 17/42] - Fix CVE-2009-3736 (#563980, #537941) - Change define macros into global macros
epienbro
epienbro at fedoraproject.org
Wed Mar 7 19:30:21 UTC 2012
commit d83395cf6436f2df5a7bdc696d2a2ef7be7ff4bc
Author: Hans Ulrich Niedermann <ndim at fedoraproject.org>
Date: Thu Feb 11 19:18:27 2010 +0000
- Fix CVE-2009-3736 (#563980, #537941)
- Change define macros into global macros
...of-libltdl-changes-from-the-2.26b-release.patch | 119 ++++++++++++++++++++
mingw32-libltdl.spec | 26 +++--
2 files changed, 136 insertions(+), 9 deletions(-)
---
diff --git a/libtool-1.5.26-Backport-of-libltdl-changes-from-the-2.26b-release.patch b/libtool-1.5.26-Backport-of-libltdl-changes-from-the-2.26b-release.patch
new file mode 100644
index 0000000..912a128
--- /dev/null
+++ b/libtool-1.5.26-Backport-of-libltdl-changes-from-the-2.26b-release.patch
@@ -0,0 +1,119 @@
+From 29b48580df75f0c5baa2962548a4c101ec7ed7ec Mon Sep 17 00:00:00 2001
+From: Peter O'Gorman <peter at pogma.com>
+Date: Tue, 24 Nov 2009 11:27:45 -0600
+Subject: [PATCH] Backport of libltdl changes from the 2.26b release.
+
+* libltdl/,tdl.c: Backport changes.
+---
+ ChangeLog | 5 +++++
+ libltdl/ltdl.c | 23 +++++++++++++++--------
+ 2 files changed, 20 insertions(+), 8 deletions(-)
+
+diff --git a/ChangeLog b/ChangeLog
+index e164eda..98bed36 100644
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -1,3 +1,8 @@
++2009-11-24 Peter O'Gorman <peter at pogma.com>
++
++ Backport of libltdl changes from the 2.26b release.
++ * libltdl/,tdl.c: Backport changes.
++
+ 2008-02-27 Peter O'Gorman <peter at pogma.com>
+
+ * libtool.m4 [darwin]: Really use _lt_dar_allow_undefined for
+diff --git a/libltdl/ltdl.c b/libltdl/ltdl.c
+index b747b70..2ef8e0e 100644
+--- a/libltdl/ltdl.c
++++ b/libltdl/ltdl.c
+@@ -2192,7 +2192,8 @@ static int trim LT_PARAMS((char **dest,
+ static int try_dlopen LT_PARAMS((lt_dlhandle *handle,
+ const char *filename));
+ static int tryall_dlopen LT_PARAMS((lt_dlhandle *handle,
+- const char *filename));
++ const char *filename,
++ const char * useloader));
+ static int unload_deplibs LT_PARAMS((lt_dlhandle handle));
+ static int lt_argz_insert LT_PARAMS((char **pargz,
+ size_t *pargz_len,
+@@ -2390,9 +2391,10 @@ lt_dlexit ()
+ }
+
+ static int
+-tryall_dlopen (handle, filename)
++tryall_dlopen (handle, filename, useloader)
+ lt_dlhandle *handle;
+ const char *filename;
++ const char *useloader;
+ {
+ lt_dlhandle cur;
+ lt_dlloader *loader;
+@@ -2459,6 +2461,11 @@ tryall_dlopen (handle, filename)
+
+ while (loader)
+ {
++ if (useloader && strcmp(loader->loader_name, useloader))
++ {
++ loader = loader->next;
++ continue;
++ }
+ lt_user_data data = loader->dlloader_data;
+
+ cur->module = loader->module_open (data, filename);
+@@ -2528,7 +2535,7 @@ tryall_dlopen_module (handle, prefix, dirname, dlname)
+ error += tryall_dlopen_module (handle,
+ (const char *) 0, prefix, filename);
+ }
+- else if (tryall_dlopen (handle, filename) != 0)
++ else if (tryall_dlopen (handle, filename, NULL) != 0)
+ {
+ ++error;
+ }
+@@ -2549,7 +2556,7 @@ find_module (handle, dir, libdir, dlname, old_name, installed)
+ /* Try to open the old library first; if it was dlpreopened,
+ we want the preopened version of it, even if a dlopenable
+ module is available. */
+- if (old_name && tryall_dlopen (handle, old_name) == 0)
++ if (old_name && tryall_dlopen (handle, old_name, "dlpreload") == 0)
+ {
+ return 0;
+ }
+@@ -2813,7 +2820,7 @@ find_handle_callback (filename, data, ignored)
+
+ /* Try to dlopen the file, but do not continue searching in any
+ case. */
+- if (tryall_dlopen (handle, filename) != 0)
++ if (tryall_dlopen (handle, filename,NULL) != 0)
+ *handle = 0;
+
+ return 1;
+@@ -3103,7 +3110,7 @@ try_dlopen (phandle, filename)
+ /* lt_dlclose()ing yourself is very bad! Disallow it. */
+ LT_DLSET_FLAG (*phandle, LT_DLRESIDENT_FLAG);
+
+- if (tryall_dlopen (&newhandle, 0) != 0)
++ if (tryall_dlopen (&newhandle, 0, NULL) != 0)
+ {
+ LT_DLFREE (*phandle);
+ return 1;
+@@ -3225,7 +3232,7 @@ try_dlopen (phandle, filename)
+ }
+ #endif
+ }
+- if (!file)
++ else
+ {
+ file = fopen (filename, LT_READTEXT_MODE);
+ }
+@@ -3412,7 +3419,7 @@ try_dlopen (phandle, filename)
+ #endif
+ )))
+ {
+- if (tryall_dlopen (&newhandle, filename) != 0)
++ if (tryall_dlopen (&newhandle, filename, NULL) != 0)
+ {
+ newhandle = NULL;
+ }
+--
+1.6.2.5
+
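Review bot: In the `while (loader)` hunk of tryall_dlopen, the new `useloader` check sits ahead of `lt_user_data data = loader->dlloader_data;`, leaving a declaration after a statement in a file that otherwise sticks to K&R definitions and `LT_PARAMS`; a strict C89 compiler would reject that, and moving the added `if` block below the declaration keeps the behaviour. The check also calls `strcmp` on `loader->loader_name` without anything visible here showing the field is always set, so that is worth confirming or guarding. The two changes that appear to carry the CVE-2009-3736 fix, passing `"dlpreload"` from find_module and replacing `if (!file)` with `else` in try_dlopen, have no comment saying why. I would add `/* restrict old_name to the "dlpreload" loader; other loaders must not try it (CVE-2009-3736) */` at the find_module call and a matching one at the `else`, so a later cleanup does not restore the old fallback. These functions all start and end outside the hunks shown, so the `if` that the new `else` pairs with could not be checked here.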
diff --git a/mingw32-libltdl.spec b/mingw32-libltdl.spec
index d9e9b20..acec6f4 100644
--- a/mingw32-libltdl.spec
+++ b/mingw32-libltdl.spec
@@ -1,19 +1,19 @@
-%define __strip %{_mingw32_strip}
-%define __objdump %{_mingw32_objdump}
-%define _use_internal_dependency_generator 0
-%define __find_requires %{_mingw32_findrequires}
-%define __find_provides %{_mingw32_findprovides}
-%define __debug_install_post %{_mingw32_debug_install_post}
+%global __strip %{_mingw32_strip}
+%global __objdump %{_mingw32_objdump}
+%global _use_internal_dependency_generator 0
+%global __find_requires %{_mingw32_findrequires}
+%global __find_provides %{_mingw32_findprovides}
+%global __debug_install_post %{_mingw32_debug_install_post}
# Define this to run tests (requires Wine, and won't work inside mock or Koji).
# Note: As of libtool-1.5.26, libltdl does not contain any tests at all.
-%define run_tests 0
+%global run_tests 0
Summary: Runtime libraries for GNU Libtool Dynamic Module Loader
Name: mingw32-libltdl
Version: 1.5.26
-Release: 15%{?dist}
+Release: 16%{?dist}
Group: System Environment/Libraries
# Even though the source package contains files under
# "GPLv2+ and LGPLv2+ and GFDL", the binary RPM only ships LGPLv2+ code.
@@ -28,6 +28,9 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-%(%{__id_u} -n)
# into running a prepared binary in that directory:
Patch2: libtool-1.5.24-relativepath.patch
+# CVE-2009-3736 (may load & exec code from current dir)
+Patch3: libtool-1.5.26-Backport-of-libltdl-changes-from-the-2.26b-release.patch
+
BuildRequires: mingw32-filesystem >= 53
BuildRequires: mingw32-binutils
BuildRequires: mingw32-gcc
@@ -58,7 +61,8 @@ the rest of the GNU Autotools (including GNU Autoconf and GNU Automake).
%prep
%setup -n libtool-%{version} -q
-%patch2 -p1
+%patch2 -p1 -b .relativepath
+%patch3 -p1 -b .CVE-2009-3736
%build
export PATH=%{_mingw32_bindir}:$PATH
@@ -105,6 +109,10 @@ rm -rf %{buildroot}
%changelog
+* Thu Feb 11 2010 Hans Ulrich Niedermann <hun at n-dimensional.de> - 1.5.26-16
+- Fix CVE-2009-3736 (#563980, #537941)
+- Change define macros into global macros
+
* Sat Jan 2 2010 Hans Ulrich Niedermann <hun at n-dimensional.de> - 1.5.26-15
- Automatically generate debuginfo subpackage