author: Oswald Buddenhagen <oswald.buddenhagen@nokia.com> 2010-09-22 20:05:03 +0200
committer: Oswald Buddenhagen <oswald.buddenhagen@nokia.com> 2010-09-22 20:05:03 +0200
commit: 3c00715c8e90c57953ec4a8716110f6954e524e4
tree: dfd8b2f3a21bbadc93992e12e004080df3c97dd4
parent: 245f8652b83b24b7f60881fd27e62f1c7c98becc
fix security hole: don't add an empty element to LD_LIBRARY_PATH (1.3)

if LD_LIBRARY_PATH was empty, the wrapper script would add the empty
element to the path.

> The trailing colon is treated by ld.so as another item on the list,
> and empty items are treated as '.' (CWD). Therefore, if a user
> executes qtcreator from a directory where there's a library that would
> have normally been loaded from the standard library paths the local
> library would be loaded instead.
> This has the potential effect of arbitrary code execution.

Reviewed-by: thiago
Task-number: CVE-2010-3374
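The two expansions the commit message contrasts, as an added example that is not part of the commit or of the Qt Creator wrapper. The function names and the sample paths are constructed for illustration; the check generalizes slightly to leading and doubled colons as well as the trailing one.

```shell
#!/bin/sh
# Added example, not the project's code. All names and paths are hypothetical.

# old_join PREFIX INHERITED: the pre-fix construction, always appends ":".
old_join() {
    printf '%s\n' "$1:$2"
}

# new_join PREFIX INHERITED: the post-fix construction. ":INHERITED" is only
# appended when INHERITED is set and non-empty.
new_join() {
    _inherited=$2
    printf '%s\n' "$1${_inherited:+:$_inherited}"
}

# has_empty_element LIST: returns 0 when a colon-separated search path holds
# an empty element (leading, trailing or doubled colon), the case the commit
# message says ld.so treats as the current directory.
has_empty_element() {
    case "$1" in
        "")          return 1 ;;  # nothing to check
        :*|*:|*::*)  return 0 ;;
        *)           return 1 ;;
    esac
}

# Constructed sample values for the inherited LD_LIBRARY_PATH.
for inherited in "" "/usr/local/lib" "/opt/a:/opt/b"; do
    for fn in old_join new_join; do
        result=$($fn /opt/qtcreator/lib/qtcreator "$inherited")
        if has_empty_element "$result"; then
            verdict="empty element present"
        else
            verdict="ok"
        fi
        printf '%-8s inherited=%-16s -> %s [%s]\n' \
            "$fn" "'$inherited'" "$result" "$verdict"
    done
done
```

The same `has_empty_element` check can be run against the environment of any wrapper script just before its `exec` line to confirm that no empty element reaches the dynamic loader.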
-rwxr-xr-x bin/qtcreator 2
1 files changed, 1 insertions, 1 deletions
diff --git a/bin/qtcreator b/bin/qtcreator
index dc154aa199..6da961a927 100755
--- a/bin/qtcreator
+++ b/bin/qtcreator
@@ -31,6 +31,6 @@ fi
bindir=`dirname "$me"`
libdir=`cd "${bindir}/../lib" ; pwd`
-LD_LIBRARY_PATH="${libdir}/qtcreator:${LD_LIBRARY_PATH}"
+LD_LIBRARY_PATH="${libdir}/qtcreator${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
export LD_LIBRARY_PATH
exec "${bindir}/qtcreator.bin" ${1+"$@"}
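Review bot: The libdir context line directly above the changed assignment, libdir=`cd "${bindir}/../lib" ; pwd`, joins the two commands with ";", so if the cd fails, pwd still runs and reports the caller's working directory. The first element of LD_LIBRARY_PATH then becomes "<cwd>/qtcreator", which again points under the directory qtcreator was started from, the same class of problem this commit closes. Consider cd "${bindir}/../lib" && pwd and exiting when libdir comes back empty. On the "+" line itself, a one-line comment explaining why the colon sits inside the ${LD_LIBRARY_PATH:+...} expansion would keep it from being simplified back to the old form. Note also that an inherited LD_LIBRARY_PATH that already contains an empty element is still passed through unchanged; that is outside what this line can reasonably fix but worth stating in the commit message.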