[pulseaudio-commits] [SCM] PulseAudio Sound Server branch, 0.9.15-stable, updated. v0.9.15-30-ga29c6f8

Colin Guthrie gitmailer-noreply at 0pointer.de
Thu Jul 16 10:04:07 PDT 2009 

This is an automated email from the git hooks/post-receive script. It was
generated because of a push to the "PulseAudio Sound Server" repository.

The 0.9.15-stable branch has been updated
      from  dce6af5fefbcd68d52f6ff42509213406f62c57f (commit)

- Log -----------------------------------------------------------------
a29c6f8 Add missing headers' include to build on FreeBSD 7.1.
abf6dfb Remove exploitable LD_BIND_NOW hack (CVE-2009-1894).
-----------------------------------------------------------------------

Summary of changes:
 configure.ac                  |    6 ++++++
 src/Makefile.am               |    4 ++--
 src/daemon/main.c             |   22 ----------------------
 src/modules/rtp/rtsp_client.c |    1 +
 src/pulsecore/parseaddr.c     |    2 ++
 5 files changed, 11 insertions(+), 24 deletions(-)

-----------------------------------------------------------------------

commit abf6dfbc625006f08fb30fef5814d0c7eb57e2ee
Author: Diego Elio 'Flameeyes' Pettenò <flameeyes at gmail.com>
Date:   Tue Jul 7 20:51:53 2009 +0200

    Remove exploitable LD_BIND_NOW hack (CVE-2009-1894).
    
    Instead of trying to re-execute pulseaudio itself with LD_BIND_NOW set,
    just find the correct flag for the linker to request immediate bindings
    (all ELF files support that option), and use that when linking the daemon.
    
    Reduce the amount of compiled and executed code as well.

diff --git a/configure.ac b/configure.ac
index 25cee57..690c2a8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -114,6 +114,12 @@ CC_CHECK_LDFLAGS([${tmp_ldflag}],
     [VERSIONING_LDFLAGS='-Wl,-version-script=$(srcdir)/map-file'])
 AC_SUBST([VERSIONING_LDFLAGS])
 
+dnl Use immediate (now) bindings; avoids the funky re-call in itself
+dnl  the -z now syntax is lifted from Sun's linker and works with GNU's too
+dnl  other linkes might be added later
+CC_CHECK_LDFLAGS([-Wl,-z,now], [IMMEDIATE_LDFLAGS="-Wl,-z,now"])
+AC_SUBST([IMMEDIATE_LDFLAGS])
+
 dnl Check whether to build tests by default (as compile-test) or not
 AC_ARG_ENABLE([default-build-tests],
     AS_HELP_STRING([--disable-default-build-tests], [Build test programs only during make check]))
diff --git a/src/Makefile.am b/src/Makefile.am
index 0d4f53a..413cae1 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -153,9 +153,9 @@ PREOPEN_LIBS = $(modlibexec_LTLIBRARIES)
 endif
 
 if FORCE_PREOPEN
-pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
 else
-pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
 endif
 
 if HAVE_POLKIT
diff --git a/src/daemon/main.c b/src/daemon/main.c
index c456e6d..4499ea3 100644
--- a/src/daemon/main.c
+++ b/src/daemon/main.c
@@ -399,28 +399,6 @@ int main(int argc, char *argv[]) {
     pa_log_set_level(PA_LOG_NOTICE);
     pa_log_set_flags(PA_LOG_COLORS|PA_LOG_PRINT_FILE|PA_LOG_PRINT_LEVEL, PA_LOG_RESET);
 
-#if defined(__linux__) && defined(__OPTIMIZE__)
-    /*
-       Disable lazy relocations to make usage of external libraries
-       more deterministic for our RT threads. We abuse __OPTIMIZE__ as
-       a check whether we are a debug build or not.
-    */
-
-    if (!getenv("LD_BIND_NOW")) {
-        char *rp;
-
-        /* We have to execute ourselves, because the libc caches the
-         * value of $LD_BIND_NOW on initialization. */
-
-        pa_set_env("LD_BIND_NOW", "1");
-
-        if ((rp = pa_readlink("/proc/self/exe")))
-            pa_assert_se(execv(rp, argv) == 0);
-        else
-            pa_log_warn("Couldn't read /proc/self/exe, cannot self execute. Running in a chroot()?");
-    }
-#endif
-
 #ifdef HAVE_GETUID
     real_root = getuid() == 0;
     suid_root = !real_root && geteuid() == 0;

commit a29c6f86e0853ba65013c029c3bd68b7eb65092f
Author: Diego Elio 'Flameeyes' Pettenò <flameeyes at gmail.com>
Date:   Fri May 15 23:42:43 2009 +0200

    Add missing headers' include to build on FreeBSD 7.1.

diff --git a/src/modules/rtp/rtsp_client.c b/src/modules/rtp/rtsp_client.c
index 629328a..cb037de 100644
--- a/src/modules/rtp/rtsp_client.c
+++ b/src/modules/rtp/rtsp_client.c
@@ -30,6 +30,7 @@
 #include <arpa/inet.h>
 #include <unistd.h>
 #include <sys/ioctl.h>
+#include <netinet/in.h>
 
 #ifdef HAVE_SYS_FILIO_H
 #include <sys/filio.h>
diff --git a/src/pulsecore/parseaddr.c b/src/pulsecore/parseaddr.c
index 5b53122..4ec3389 100644
--- a/src/pulsecore/parseaddr.c
+++ b/src/pulsecore/parseaddr.c
@@ -25,6 +25,8 @@
 
 #include <string.h>
 #include <stdlib.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
 
 #include <pulse/xmalloc.h>
 #include <pulse/util.h>

-- 
hooks/post-receive
PulseAudio Sound Server

More information about the pulseaudio-commits mailing list