[pulseaudio-commits] [SCM] PulseAudio Sound Server branch, master, updated. v0.9.16-test2-4-g7e4509f

Colin Guthrie gitmailer-noreply at 0pointer.de
Thu Jul 16 09:44:07 PDT 2009 

This is an automated email from the git hooks/post-receive script. It was
generated because of a push to the "PulseAudio Sound Server" repository.

The master branch has been updated
      from  61fefd67dab01011d97a06b7e3dd51101d5f5749 (commit)

- Log -----------------------------------------------------------------
7e4509f Merge commit 'flameeyes/master'
84200b4 Remove exploitable LD_BIND_NOW hack (CVE-2009-1894).
ff252cb Check for the library containing the backtrace() function.
-----------------------------------------------------------------------

Summary of changes:
 configure.ac      |    7 +++++++
 src/Makefile.am   |    4 ++--
 src/daemon/main.c |   22 ----------------------
 3 files changed, 9 insertions(+), 24 deletions(-)

-----------------------------------------------------------------------

commit ff252cb48d9bd827d262eb2633fecaff47c6fe5c
Author: Diego Elio 'Flameeyes' Pettenò <flameeyes at gmail.com>
Date:   Sat Jul 4 13:12:32 2009 +0200

    Check for the library containing the backtrace() function.
    
    On FreeBSD the backtrace() function as well as the execinfo.h headers are
    provided by libexecinfo (an optional package). PulseAudio “automagically”
    identifies execinfo.h and proceeds to use it, but then will fail to link
    against the library.
    
    Thanks to Alexis Ballier for reporting.

diff --git a/configure.ac b/configure.ac
index 00121f8..9c96d1c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -388,6 +388,7 @@ AC_SEARCH_LIBS([timer_create], [rt])
 
 # BSD
 AC_SEARCH_LIBS([connect], [socket])
+AC_SEARCH_LIBS([backtrace], [execinfo])
 
 # Non-standard
 

commit 84200b423ebfa7e2dad9b1b65f64eac7bf3d2114
Author: Diego Elio 'Flameeyes' Pettenò <flameeyes at gmail.com>
Date:   Tue Jul 7 20:51:53 2009 +0200

    Remove exploitable LD_BIND_NOW hack (CVE-2009-1894).
    
    Instead of trying to re-execute pulseaudio itself with LD_BIND_NOW set,
    just find the correct flag for the linker to request immediate bindings
    (all ELF files support that option), and use that when linking the daemon.
    
    Reduce the amount of compiled and executed code as well.

diff --git a/configure.ac b/configure.ac
index 9c96d1c..cc7f674 100644
--- a/configure.ac
+++ b/configure.ac
@@ -113,6 +113,12 @@ CC_CHECK_LDFLAGS([${tmp_ldflag}],
     [VERSIONING_LDFLAGS='-Wl,-version-script=$(srcdir)/map-file'])
 AC_SUBST([VERSIONING_LDFLAGS])
 
+dnl Use immediate (now) bindings; avoids the funky re-call in itself
+dnl  the -z now syntax is lifted from Sun's linker and works with GNU's too
+dnl  other linkes might be added later
+CC_CHECK_LDFLAGS([-Wl,-z,now], [IMMEDIATE_LDFLAGS="-Wl,-z,now"])
+AC_SUBST([IMMEDIATE_LDFLAGS])
+
 dnl Check for the proper way to build libraries that have no undefined
 dnl symbols; on some hosts this needs to be avoided but the macro
 dnl takes care of it.
diff --git a/src/Makefile.am b/src/Makefile.am
index 7ebf1f8..ac627c8 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -183,9 +183,9 @@ PREOPEN_LIBS = $(modlibexec_LTLIBRARIES)
 endif
 
 if FORCE_PREOPEN
-pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
 else
-pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
 endif
 
 ###################################
diff --git a/src/daemon/main.c b/src/daemon/main.c
index eb378d2..0f6fc90 100644
--- a/src/daemon/main.c
+++ b/src/daemon/main.c
@@ -401,28 +401,6 @@ int main(int argc, char *argv[]) {
     pa_log_set_level(PA_LOG_NOTICE);
     pa_log_set_flags(PA_LOG_COLORS|PA_LOG_PRINT_FILE|PA_LOG_PRINT_LEVEL, PA_LOG_RESET);
 
-#if defined(__linux__) && defined(__OPTIMIZE__)
-    /*
-       Disable lazy relocations to make usage of external libraries
-       more deterministic for our RT threads. We abuse __OPTIMIZE__ as
-       a check whether we are a debug build or not.
-    */
-
-    if (!getenv("LD_BIND_NOW")) {
-        char *rp;
-
-        /* We have to execute ourselves, because the libc caches the
-         * value of $LD_BIND_NOW on initialization. */
-
-        pa_set_env("LD_BIND_NOW", "1");
-
-        if ((rp = pa_readlink("/proc/self/exe")))
-            pa_assert_se(execv(rp, argv) == 0);
-        else
-            pa_log_warn("Couldn't read /proc/self/exe, cannot self execute. Running in a chroot()?");
-    }
-#endif
-
     if ((e = getenv("PULSE_PASSED_FD"))) {
         passed_fd = atoi(e);
 

commit 7e4509f9e5a1add8bd7efaf69cefd35a291b6253
Merge: 61fefd6 84200b4
Author: Colin Guthrie <cguthrie at mandriva.org>
Date:   Thu Jul 16 17:41:25 2009 +0100

    Merge commit 'flameeyes/master'


-- 
hooks/post-receive
PulseAudio Sound Server

More information about the pulseaudio-commits mailing list