From ff252cb48d9bd827d262eb2633fecaff47c6fe5c Mon Sep 17 00:00:00 2001
From: Diego Elio 'Flameeyes' Pettenò
Date: Sat, 4 Jul 2009 13:12:32 +0200
Subject: Check for the library containing the backtrace() function.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
On FreeBSD the backtrace() function as well as the execinfo.h headers are provided by libexecinfo (an optional package). PulseAudio “automagically” identifies execinfo.h and proceeds to use it, but then will fail to link against the library. Thanks to Alexis Ballier for reporting.
---
 configure.ac | 1 +
 1 file changed, 1 insertion(+)
diff --git a/configure.ac b/configure.ac
index 00121f82..9c96d1c5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -388,6 +388,7 @@ AC_SEARCH_LIBS([timer_create], [rt])
 # BSD
 AC_SEARCH_LIBS([connect], [socket])
+AC_SEARCH_LIBS([backtrace], [execinfo])
 # Non-standard
-- cgit
From 61fefd67dab01011d97a06b7e3dd51101d5f5749 Mon Sep 17 00:00:00 2001
From: Colin Guthrie
Date: Sun, 12 Jul 2009 20:43:21 +0100
Subject: introspect: Fix two memory issues in port handling code.
First one is a simple typo on an error condition that would have likely caused issues if it ever cropped up. Second issue is that port information is never actually freed if everything works fine.
---
 src/pulse/introspect.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/pulse/introspect.c b/src/pulse/introspect.c
index 3414f7de..27a587cb 100644
--- a/src/pulse/introspect.c
+++ b/src/pulse/introspect.c
@@ -212,8 +212,8 @@ static void context_get_sink_info_callback(pa_pdispatch *pd, uint32_t command, u
 pa_tagstruct_getu32(t, &i.ports[0][j].priority) < 0) {
 pa_context_fail(o->context, PA_ERR_PROTOCOL);
- pa_xfree(i.ports);
 pa_xfree(i.ports[0]);
+ pa_xfree(i.ports);
 pa_proplist_free(i.proplist);
 goto finish;
 }
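Review bot: The added `AC_SEARCH_LIBS([backtrace], [execinfo])` takes no action when the library is not found, so a host that ships execinfo.h without libexecinfo would presumably still fail at link time, which is the case the description sets out to fix. The header detection is outside this hunk, so that is inferred; consider using the macro's found/not-found arguments to make backtrace support depend on the library, not on the header alone. At minimum a comment such as `# backtrace() lives in libexecinfo on FreeBSD; finding execinfo.h is not enough` would record why the line sits here. Note also that AC_SEARCH_LIBS prepends the library to the global LIBS, so every target links against it once it is found.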
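Review bot: Only the sink callback's failure branch is reordered at -212, and the diffstat shows a single deletion, so the matching branch in context_get_source_info_callback is untouched and should be checked for the same `pa_xfree(i.ports);` before `pa_xfree(i.ports[0]);` order. That order reads from memory that was just freed, and the branch runs when the reply fails to parse (PA_ERR_PROTOCOL). The pair `pa_xfree(i.ports[0]); pa_xfree(i.ports);` now appears in this branch and in both success paths added by this commit, so a small static helper would stop the order from diverging again. The enclosing function starts and ends outside the hunk, so other early exits taken after the ports are allocated cannot be checked from here.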
@@ -250,6 +250,10 @@ static void context_get_sink_info_callback(pa_pdispatch *pd, uint32_t command, u
 cb(o->context, &i, 0, o->userdata);
 }
+ if (i.ports) {
+ pa_xfree(i.ports[0]);
+ pa_xfree(i.ports);
+ }
 pa_proplist_free(i.proplist);
 }
 }
@@ -479,6 +483,10 @@ static void context_get_source_info_callback(pa_pdispatch *pd, uint32_t command,
 cb(o->context, &i, 0, o->userdata);
 }
+ if (i.ports) {
+ pa_xfree(i.ports[0]);
+ pa_xfree(i.ports);
+ }
 pa_proplist_free(i.proplist);
 }
 }
-- cgit
From 84200b423ebfa7e2dad9b1b65f64eac7bf3d2114 Mon Sep 17 00:00:00 2001
From: Diego Elio 'Flameeyes' Pettenò
Date: Tue, 7 Jul 2009 20:51:53 +0200
Subject: Remove exploitable LD_BIND_NOW hack (CVE-2009-1894).
Instead of trying to re-execute pulseaudio itself with LD_BIND_NOW set, just find the correct flag for the linker to request immediate bindings (all ELF files support that option), and use that when linking the daemon. Reduce the amount of compiled and executed code as well.
---
 configure.ac | 6 ++++++
 src/Makefile.am | 4 ++--
 src/daemon/main.c | 22 ----------------------
 3 files changed, 8 insertions(+), 24 deletions(-)
diff --git a/configure.ac b/configure.ac
index 9c96d1c5..cc7f674a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -113,6 +113,12 @@ CC_CHECK_LDFLAGS([${tmp_ldflag}],
 [VERSIONING_LDFLAGS='-Wl,-version-script=$(srcdir)/map-file'])
 AC_SUBST([VERSIONING_LDFLAGS])
+dnl Use immediate (now) bindings; avoids the funky re-call in itself
+dnl the -z now syntax is lifted from Sun's linker and works with GNU's too
+dnl other linkes might be added later
+CC_CHECK_LDFLAGS([-Wl,-z,now], [IMMEDIATE_LDFLAGS="-Wl,-z,now"])
+AC_SUBST([IMMEDIATE_LDFLAGS])
+
 dnl Check for the proper way to build libraries that have no undefined
 dnl symbols; on some hosts this needs to be avoided but the macro
 dnl takes care of it.
diff --git a/src/Makefile.am b/src/Makefile.am
index 7ebf1f8a..ac627c84 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
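Review bot: After the added `pa_xfree(i.ports[0]); pa_xfree(i.ports);` the struct still holds the freed pointer, and the two closing braces that follow suggest this runs inside a per-entry loop whose start is outside the hunk. If `i` is not zeroed at the top of each iteration, a later entry without ports would pass the `if (i.ports)` test and free the stale pointer again; confirm the reset or add `i.ports = NULL;` inside the `if`. The same applies to the identical block added at -479 in context_get_source_info_callback. A comment such as `/* port data is only valid for the duration of cb() */` above the block would also tell API users not to keep `i.ports` after the callback returns.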
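Review bot: When the linker rejects `-Wl,-z,now`, IMMEDIATE_LDFLAGS stays empty and the daemon is built with lazy binding without any notice, while the runtime fallback is removed by this same commit. CC_CHECK_LDFLAGS is a project macro whose definition is not shown; assuming it accepts a not-found action like the AC_ macros do, `[AC_MSG_WARN([linker does not accept -z now; the daemon will use lazy binding])]` as a third argument would make that visible at configure time. The new comment also has a typo, `linkes` for `linkers`.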
@@ -183,9 +183,9 @@ PREOPEN_LIBS = $(modlibexec_LTLIBRARIES)
 endif
 if FORCE_PREOPEN
-pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
 else
-pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
 endif
 ###################################
diff --git a/src/daemon/main.c b/src/daemon/main.c
index eb378d24..0f6fc907 100644
--- a/src/daemon/main.c
+++ b/src/daemon/main.c
@@ -401,28 +401,6 @@ int main(int argc, char *argv[]) {
 pa_log_set_level(PA_LOG_NOTICE);
 pa_log_set_flags(PA_LOG_COLORS|PA_LOG_PRINT_FILE|PA_LOG_PRINT_LEVEL, PA_LOG_RESET);
-#if defined(__linux__) && defined(__OPTIMIZE__)
- /*
- Disable lazy relocations to make usage of external libraries
- more deterministic for our RT threads. We abuse __OPTIMIZE__ as
- a check whether we are a debug build or not.
- */
-
- if (!getenv("LD_BIND_NOW")) {
- char *rp;
-
- /* We have to execute ourselves, because the libc caches the
- * value of $LD_BIND_NOW on initialization. */
-
- pa_set_env("LD_BIND_NOW", "1");
-
- if ((rp = pa_readlink("/proc/self/exe")))
- pa_assert_se(execv(rp, argv) == 0);
- else
- pa_log_warn("Couldn't read /proc/self/exe, cannot self execute. Running in a chroot()?");
- }
-#endif
-
 if ((e = getenv("PULSE_PASSED_FD"))) {
 passed_fd = atoi(e);
-- cgit
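Review bot: `$(IMMEDIATE_LDFLAGS)` is added only to `pulseaudio_LDFLAGS`, and as far as I know the now flag is recorded per ELF object, so it covers the daemon executable's own relocations but not the shared libraries it links or the modules opened in the `-dlopen` branch. The removed LD_BIND_NOW re-exec applied to the whole process, so lazy binding may remain in code the RT threads actually run. If full coverage is intended, the flag would also have to go into the LDFLAGS of those libraries and modules, which are not visible in this hunk. Otherwise a comment above these two lines, e.g. `# immediate binding covers the daemon binary only, not dlopen()ed modules`, would state the limit.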