Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fix CVE-2010-3369 insecure library loading

  • Loading branch information...
commit 7afca5ade49f8112592b0495c4c31f9951ae6fc2 1 parent 04304e5
@jaalto jaalto authored Andrew Jorgensen committed
Showing with 34 additions and 4 deletions.
  1. +17 −2 build/mdb-symbolreader.in
  2. +17 −2 build/mdb.in
View
19 build/mdb-symbolreader.in
@@ -1,3 +1,18 @@
#!/bin/sh
-export LD_LIBRARY_PATH="@libdir@:${LD_LIBRARY_PATH}"
-exec @mono@ --debug @twodir@/mdb-symbolreader.exe $*
+
+Pathclean ()
+{
+ # Vulnerability fix for insecure path content
+ # Make sure "::", "^:" or ":$" is not left in path arg $1
+
+ local tmp
+ tmp=$(echo "$1" | sed -e 's/::\+// ; s/^:// ; s/:$//' )
+
+ [ "$tmp" ] && echo "$tmp"
+}
+
+LD_LIBRARY_PATH="@libdir@${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
+LD_LIBRARY_PATH=$(Pathclean "$LD_LIBRARY_PATH")
+export LD_LIBRARY_PATH
+
+exec @mono@ --debug @twodir@/mdb-symbolreader.exe "$@"
View
19 build/mdb.in
@@ -1,3 +1,18 @@
#!/bin/sh
-export LD_LIBRARY_PATH="@libdir@:${LD_LIBRARY_PATH}"
-exec @mono@ --debug @twodir@/mdb.exe $*
+
+Pathclean ()
+{
+ # Vulnerability fix for insecure path content
+ # Make sure "::", "^:" or ":$" is not left in path arg $1
+
+ local tmp
+ tmp=$(echo "$1" | sed -e 's/::\+// ; s/^:// ; s/:$//' )
+
+ [ "$tmp" ] && echo "$tmp"
+}
+
+LD_LIBRARY_PATH="@libdir@${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
+LD_LIBRARY_PATH=$(Pathclean "$LD_LIBRARY_PATH")
+export LD_LIBRARY_PATH
+
+exec @mono@ --debug @twodir@/mdb.exe "$@"
Please sign in to comment.
Something went wrong with that request. Please try again.