← Back to branch summary

~noskcaj/ubuntu/trusty/libextractor/merge

« back to all changes in this revision

Viewing changes to debian/patches/01-libtool.patch

  • Committer: Bazaar Package Importer
  • Author(s): Daniel Baumann
  • Date: 2009-12-27 14:44:18 UTC
  • mfrom: (5.3.3 squeeze)
  • Revision ID: james.westby@ubuntu.com-20091227144418-j52l2u5a634kgrpa
Tags: 0.5.23+dfsg-4
http://bugs.debian.org/559819
* Adding explicit debian source version 1.0 until switch to 3.0.
* Adding patch from Vincent Danen <vdanen@redhat.com> to fix flaw in
  embedded libtool [CVE-2009-3736] (Closes: #559819).

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/patches/01-libtool.patch
 
1
Author: Vincent Danen <vdanen@redhat.com>
 
2
Description:
 
3
 patch to fix the flaw in libtool 2.x [CVE-2009-3736] (Closes: #559819).
 
4
 
 
5
diff -Naurp libextractor.orig/libltdl/ltdl.c libextractor/libltdl/ltdl.c
 
6
--- libextractor.orig/libltdl/ltdl.c    2009-07-04 21:11:43.000000000 +0000
 
7
+++ libextractor/libltdl/ltdl.c 2009-12-27 13:32:27.000000000 +0000
 
8
@@ -529,7 +529,7 @@ find_module (lt_dlhandle *handle, const 
 
9
   /* Try to open the old library first; if it was dlpreopened,
 
10
      we want the preopened version of it, even if a dlopenable
 
11
      module is available.  */
 
12
-  if (old_name && tryall_dlopen (handle, old_name, advise, 0) == 0)
 
13
+  if (old_name && tryall_dlopen (handle, old_name, advise, lt_dlloader_find ("lt_preopen") ) == 0)
 
14
     {
 
15
       return 0;
 
16
     }
 
17
@@ -1345,7 +1345,7 @@ try_dlopen (lt_dlhandle *phandle, const 
 
18
            }
 
19
 #endif
 
20
        }
 
21
-      if (!file)
 
22
+      else
 
23
        {
 
24
          file = fopen (attempt, LT_READTEXT_MODE);
 
25
        }