Ignore MALLOC_CONF in set{uid,gid,cap} binaries.
This eliminates the malloc tunables as tools for an attacker. Closes #173
parent
e12eaf93dc
commit
b74041fb6e
18
configure.ac
18
configure.ac
@ -1108,6 +1108,24 @@ fi
|
||||
|
||||
CPPFLAGS="$CPPFLAGS -D_REENTRANT"
|
||||
|
||||
dnl Check if the GNU-specific secure_getenv function exists.
|
||||
AC_CHECK_FUNC([secure_getenv],
|
||||
[have_secure_getenv="1"],
|
||||
[have_secure_getenv="0"]
|
||||
)
|
||||
if test "x$have_secure_getenv" = "x1" ; then
|
||||
AC_DEFINE([JEMALLOC_HAVE_SECURE_GETENV], [ ])
|
||||
fi
|
||||
|
||||
dnl Check if the Solaris/BSD issetugid function exists.
|
||||
AC_CHECK_FUNC([issetugid],
|
||||
[have_issetugid="1"],
|
||||
[have_issetugid="0"]
|
||||
)
|
||||
if test "x$have_issetugid" = "x1" ; then
|
||||
AC_DEFINE([JEMALLOC_HAVE_ISSETUGID], [ ])
|
||||
fi
|
||||
|
||||
dnl Check whether the BSD-specific _malloc_thread_cleanup() exists. If so, use
|
||||
dnl it rather than pthreads TSD cleanup functions to support cleanup during
|
||||
dnl thread exit, in order to avoid pthreads library recursion during
|
||||
|
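Review bot: `AC_CHECK_FUNC([secure_getenv], ...)` only proves that the symbol links; it does not prove that a prototype is visible where the function is called. glibc declares secure_getenv() only when `_GNU_SOURCE` is in effect, and whether this build defines it is not visible in the hunk; without a prototype a C89 compiler assumes an `int` return, and the returned pointer can be truncated on LP64 targets. Consider pairing the link test with a declaration test such as `AC_CHECK_DECLS([secure_getenv], [], [], [[#include <stdlib.h>]])` and defining `JEMALLOC_HAVE_SECURE_GETENV` only when both succeed. The same applies to the issetugid check, whose prototype lives in `<unistd.h>`.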
@ -66,6 +66,16 @@
|
||||
*/
|
||||
#undef JEMALLOC_OSSPIN
|
||||
|
||||
/*
|
||||
* Defined if secure_getenv(3) is available.
|
||||
*/
|
||||
#undef JEMALLOC_HAVE_SECURE_GETENV
|
||||
|
||||
/*
|
||||
* Defined if issetugid(2) is available.
|
||||
*/
|
||||
#undef JEMALLOC_HAVE_ISSETUGID
|
||||
|
||||
/*
|
||||
* Defined if _malloc_thread_cleanup() exists. At least in the case of
|
||||
* FreeBSD, pthread_key_create() allocates, which if used during malloc
|
||||
|
@ -648,6 +648,27 @@ stats_print_atexit(void)
|
||||
* Begin initialization functions.
|
||||
*/
|
||||
|
||||
#ifndef JEMALLOC_HAVE_SECURE_GETENV
|
||||
# ifdef JEMALLOC_HAVE_ISSETUGID
|
||||
static char *
|
||||
secure_getenv(const char *name)
|
||||
{
|
||||
|
||||
if (issetugid() == 0)
|
||||
return (getenv(name));
|
||||
else
|
||||
return (NULL);
|
||||
}
|
||||
# else
|
||||
static char *
|
||||
secure_getenv(const char *name)
|
||||
{
|
||||
|
||||
return (getenv(name));
|
||||
}
|
||||
# endif
|
||||
#endif
|
||||
|
||||
static unsigned
|
||||
malloc_ncpus(void)
|
||||
{
|
||||
@ -824,7 +845,7 @@ malloc_conf_init(void)
|
||||
#endif
|
||||
;
|
||||
|
||||
if ((opts = getenv(envname)) != NULL) {
|
||||
if ((opts = secure_getenv(envname)) != NULL) {
|
||||
/*
|
||||
* Do nothing; opts is already initialized to
|
||||
* the value of the MALLOC_CONF environment
|
||||
|
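Review bot: The `# else` fallback of `secure_getenv()` returns `getenv(name)` unconditionally, so on a platform that has neither secure_getenv(3) nor issetugid(2) a set-id binary still reads MALLOC_CONF and the protection named in the commit title is silently absent. A fail-closed default would be safer on POSIX targets, for example `if (getuid() != geteuid() || getgid() != getegid()) return (NULL);` ahead of the `getenv()` call (this needs `<unistd.h>` and does not detect file capabilities), or at least a comment on that branch such as `/* No way to detect a set-id process here; MALLOC_CONF is honoured unconditionally. */`. Separately, the fallback reuses the libc name `secure_getenv`; an internal name would avoid a clash with a libc prototype if the headers declare the function while the configure test reports it missing.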