rpms / genwqe-tools

Clone
Source Code
GIT

Blame SOURCES/genwqe-user-4.0.18-disable-user-zlibpath.patch

c7 c7-alt c7-beta c8 c8-beta
  1.   b38c1b35eea11171afd7ed94231b3fa96901c664
  2.   SOURCES
  3.   genwqe-user-4.0.18-disable-user-zlibpath.patch
Blob History Raw
b38c1b 
diff -up genwqe-user-4.0.18/lib/software.c.orig genwqe-user-4.0.18/lib/software.c
b38c1b 
--- genwqe-user-4.0.18/lib/software.c.orig	2017-11-17 20:53:26.736854418 +0100
b38c1b 
+++ genwqe-user-4.0.18/lib/software.c	2017-11-17 20:55:34.200032915 +0100
b38c1b 
@@ -594,6 +594,9 @@ const z_crc_t *get_crc_table()
b38c1b 
 void zedc_sw_init(void)
b38c1b 
 {
b38c1b 
 	char *error;
b38c1b 
+
b38c1b 
+/* potential arbitrary code execution issue */
b38c1b 
+#if 0
b38c1b 
 	const char *zlib_path = getenv("ZLIB_PATH");
b38c1b
b38c1b 
 	/* User has setup environment variable to find libz.so.1 */
b38c1b 
@@ -604,6 +607,7 @@ void zedc_sw_init(void)
b38c1b 
 		if (handle != NULL)
b38c1b 
 			goto load_syms;
b38c1b 
 	}
b38c1b 
+#endif
b38c1b
b38c1b 
 	/* We saw dlopen returning non NULL value in case of passing ""! */
b38c1b 
 	if (strcmp(CONFIG_ZLIB_PATH, "") == 0) {

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation