Fix local root vulnerability.

Security: Advisory will be coming soon. X-MFC-After: 30 seconds
author: cperciva <cperciva@FreeBSD.org> 2009-12-01 02:57:06 +0000
committer: cperciva <cperciva@FreeBSD.org> 2009-12-01 02:57:06 +0000
commit: dbccfb34d9a4442db60f517065d3c3f6596eb745 (patch)
tree: 78deeb0432a9f1429974257081eb66d1477babc8 /libexec
parent: 1f48c677b57a5904d8da8f832f04e5037fb047bb (diff)
download: FreeBSD-src-dbccfb34d9a4442db60f517065d3c3f6596eb745.zip
FreeBSD-src-dbccfb34d9a4442db60f517065d3c3f6596eb745.tar.gz
1 files changed, 6 insertions, 6 deletions
diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c
index bffae60..cab8c87d 100644
--- a/libexec/rtld-elf/rtld.c
+++ b/libexec/rtld-elf/rtld.c
@@ -366,12 +366,12 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_proc, Obj_Entry **objp)
      * future processes to honor the potentially un-safe variables.
      */
     if (!trust) {
-        unsetenv(LD_ "PRELOAD");
-        unsetenv(LD_ "LIBMAP");
-        unsetenv(LD_ "LIBRARY_PATH");
-        unsetenv(LD_ "LIBMAP_DISABLE");
-        unsetenv(LD_ "DEBUG");
-        unsetenv(LD_ "ELF_HINTS_PATH");
+        if (unsetenv(LD_ "PRELOAD") || unsetenv(LD_ "LIBMAP") ||
+	    unsetenv(LD_ "LIBRARY_PATH") || unsetenv(LD_ "LIBMAP_DISABLE") ||
+	    unsetenv(LD_ "DEBUG") || unsetenv(LD_ "ELF_HINTS_PATH")) {
+		_rtld_error("environment corrupt; aborting");
+		die();
+	}
     }
     ld_debug = getenv(LD_ "DEBUG");
     libmap_disable = getenv(LD_ "LIBMAP_DISABLE") != NULL;
author	cperciva <cperciva@FreeBSD.org>	2009-12-01 02:57:06 +0000
committer	cperciva <cperciva@FreeBSD.org>	2009-12-01 02:57:06 +0000
commit	dbccfb34d9a4442db60f517065d3c3f6596eb745 (patch)
tree	78deeb0432a9f1429974257081eb66d1477babc8 /libexec
parent	1f48c677b57a5904d8da8f832f04e5037fb047bb (diff)
download	FreeBSD-src-dbccfb34d9a4442db60f517065d3c3f6596eb745.zip FreeBSD-src-dbccfb34d9a4442db60f517065d3c3f6596eb745.tar.gz