Bug 1287752

Summary: find_elf_note invalid read if setenv has been called before libproc init
Product: Red Hat Enterprise Linux 7 Reporter: Branislav Náter <bnater>
Component: procps-ngAssignee: Jan Rybar <jrybar>
Status: CLOSED ERRATA QA Contact: Jan Houska <jhouska>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.3CC: albert, bnater, jkejda, ovasik, pandrade, sgaikwad, thatsafunnyname
Target Milestone: rcKeywords: Patch, Upstream
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: procps-ng-3.3.10-8.el7 Doc Type: Bug Fix
Doc Text:
Previously, behavior of the libproc library was unreliable when it was loaded with the dlopen() call after the environment was changed with the setenv() call. As a consequence, an invalid memory access error could occur in libproc. With this update, the find_elf_note() function obtains the auxiliary vector values using a different and safer method based on parsing the /proc/self/auxv file, and the described problem no longer occurs.
 Story Points: ---
Clone Of: 1163404 Environment:
Last Closed: 2016-11-04 06:36:59 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1163404, 1305230    
Attachments:
Description Flags
procps-ng-3.3.10-find_elf_note-memory-error-fix.patch
none
Modified patch resolving obtaining of env. variables. none

Comment 2 Jaromír Cápík 2016-01-14 12:57:12 UTC 
Created attachment 1114795 [details]
procps-ng-3.3.10-find_elf_note-memory-error-fix.patch
Comment 3 Jaromír Cápík 2016-01-14 13:15:24 UTC 
Fixed in Fedora rawhide (f24).
Comment 6 Jan Rybar 2016-07-07 12:10:47 UTC 
Created attachment 1177260 [details]
Modified patch resolving obtaining of env. variables.
Comment 11 errata-xmlrpc 2016-11-04 06:36:59 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2447.html