mirrors/pulseaudio
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pulseaudio/pulseaudio.git synced 2025-11-23 06:59:53 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Remove exploitable LD_BIND_NOW hack (CVE-2009-1894).

Browse source 
Instead of trying to re-execute pulseaudio itself with LD_BIND_NOW set,
just find the correct flag for the linker to request immediate bindings
(all ELF files support that option), and use that when linking the daemon.

Reduce the amount of compiled and executed code as well.
This commit is contained in:
Diego Elio 'Flameeyes' Pettenò 2009-07-07 20:51:53 +02:00
parent ff252cb48d
commit 84200b423e
3 changed files with 8 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/Makefile.am
View file

@ -183,9 +183,9 @@ PREOPEN_LIBS = $(modlibexec_LTLIBRARIES)
endif
if FORCE_PREOPEN
pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
else
pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
endif
###################################