Bug 730336
Summary: | The libmagic ELF Program Header table parser does not work correctly | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | David Howells <dhowells> | ||||||||
Component: | file | Assignee: | Jan Kaluža <jkaluza> | ||||||||
Status: | CLOSED ERRATA | QA Contact: | BaseOS QE Security Team <qe-baseos-security> | ||||||||
Severity: | urgent | Docs Contact: | |||||||||
Priority: | urgent | ||||||||||
Version: | 6.1 | CC: | borgan, ddumas, jwest, kbaker, mvadkert, ovasik, santiago, syeghiay | ||||||||
Target Milestone: | rc | ||||||||||
Target Release: | --- | ||||||||||
Hardware: | All | ||||||||||
OS: | Linux | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | file-5.04-10.el6 | Doc Type: | Bug Fix | ||||||||
Doc Text: |
Prior to this update, the file utility did not parse ELF (Executable and Linkable Format) binary files correctly. If an entry in the program header table contained a file offset beyond the end of file (EOF) character, dynamically linked files were reported as being linked statically. This bug has been fixed, and the file utility now recognizes files in the described scenario correctly.
|
Story Points: | --- | ||||||||
Clone Of: | |||||||||||
: | 730676 (view as bug list) | Environment: | |||||||||
Last Closed: | 2011-09-07 13:38:55 UTC | Type: | --- | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Bug Depends On: | |||||||||||
Bug Blocks: | 730347, 730676, 731336 | ||||||||||
Attachments: |
|
Description
David Howells
2011-08-12 14:24:42 UTC
Created attachment 518037 [details]
Test data: pre-RELRO debug file from keyutils
Created attachment 518039 [details]
Test data: post-RELRO debug file from keyutils
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. If you would like it considered as an exception in the current release, please ask your support representative. Created attachment 518249 [details]
proposed patch
Proposed patch fixes the problem for me. I will send it upstream. It works for me when applied to the RHEL-6 package. One note: the parser now goes backwards through the program header table instead of forwards. I don't think this should make a difference, though. Yeah, it goes backward but it should not cause any problem. It should not matter. This issue is reported upstream as http://bugs.gw.com/view.php?id=134 Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Prior to this update, the file utility did not parse ELF (Executable and Linkable Format) binary files correctly. If an entry in the program header table contained a file offset beyond the end of file (EOF) character, dynamically linked files were reported as being linked statically. This bug has been fixed, and the file utility now recognizes files in the described scenario correctly. (In reply to comment #18) > Prior to this update, the file utility did not parse ELF (Executable and > Linkable Format) binary files correctly. If an entry in the program header > table contained a file offset beyond the end of file (EOF) character, > dynamically linked files were reported as being linked statically. This bug has > been fixed, and the file utility now recognizes files in the described scenario > correctly. There isn't really an EOF character, per se. I would drop the word 'character' from that. An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-0934.html |