From abf6dfbc625006f08fb30fef5814d0c7eb57e2ee Mon Sep 17 00:00:00 2001
From: Diego Elio 'Flameeyes' Pettenò <flameeyes@gmail.com>
Date: Tue, 7 Jul 2009 20:51:53 +0200
Subject: Remove exploitable LD_BIND_NOW hack (CVE-2009-1894).

Instead of trying to re-execute pulseaudio itself with LD_BIND_NOW set,
just find the correct flag for the linker to request immediate bindings
(all ELF files support that option), and use that when linking the daemon.

Reduce the amount of compiled and executed code as well.
---
 src/Makefile.am | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/Makefile.am')

diff --git a/src/Makefile.am b/src/Makefile.am
index 0d4f53af..413cae1e 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -153,9 +153,9 @@ PREOPEN_LIBS = $(modlibexec_LTLIBRARIES)
 endif
 
 if FORCE_PREOPEN
-pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
 else
-pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
 endif
 
 if HAVE_POLKIT
-- 
cgit