From patchwork Sat Sep 3 20:22:23 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Aurelien Jarno X-Patchwork-Id: 665449 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3sRS9H5r6Kz9stY for ; Sun, 4 Sep 2016 06:22:59 +1000 (AEST) Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.b=SCJeJ4P+; dkim-atps=neutral DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:cc:subject:date:message-id; q=dns; s= default; b=mbJi6h7sogyQmJ5laFFe5My3sr9jtl3qM2Y86lc9vbjtaNpUgYCtZ EAM0CTa2+KKFtcNoK4csSuFyLA0yYxgZbGi4bHOLhVubNafXnjdD2R7hR5+XKNm2 CQv9Lu+z1wSnpprwtrrESeopc5+oBvFp1DFCFfMuBmn/r5f0NNTj6E= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:cc:subject:date:message-id; s=default; bh=wcVrLkDsGM23G6sIbtZtEI3NDKE=; b=SCJeJ4P+zcORGGspyvrB4WPKpx84 v/Oq2zp98FaKocte41MgszD+IZt2o64EiF3+u2YE5JlqvMLGL90asbgVTVtF7aEf hPHpMCtobJzQCMiOI3QQQ6QVfFNmfm5sfLysSQWQ2xkwOp+H8gEAN8XF8Kib51qD hiJG45CVS22CGnE= Received: (qmail 88281 invoked by alias); 3 Sep 2016 20:22:53 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 88265 invoked by uid 89); 3 Sep 2016 20:22:52 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-0.5 required=5.0 tests=BAYES_20, KAM_LAZY_DOMAIN_SECURITY, RP_MATCHES_RCVD autolearn=ham version=3.3.2 spammy=firmly, Over, INC, vulnerabilities X-HELO: hall.aurel32.net From: Aurelien Jarno To: libc-alpha@sourceware.org Cc: Aurelien Jarno Subject: [PATCH] conform tests: call perl with '-I.' Date: Sat, 3 Sep 2016 22:22:23 +0200 Message-Id: <20160903202223.14884-1-aurelien@aurel32.net> Historically perl includes the current directory in the module search path. Over the time this has been considered as a security issue and the recent vulnerabilities [1] made people to reconsider this behaviour. It is almost sure that this will be removed in the future [2], possibly for the 5.26 release, although this is not yet firmly decided. Debian has decided to backport the patches [3], so the perl binary in unstable do not have '.' in @INC anymore. This behaviour is used in the conform perl scripts to include the GlibcConform module. This patch fixes that by calling perl with '-I.'. This is not a security issue in this case as make ensures that the current directory is $(srcdir)/conform/ when the scripts are called. Passing the full path would do exactly the same. [1] CVE-2016-1238 CVE-2016-6185 [2] https://rt.perl.org/Public/Bug/Display.html?id=127810 [3] https://lists.debian.org/debian-devel-announce/2016/08/msg00013.html Changelog: * conform/Makefile (conformtest-header-tests): Pass -I. to $(PERL). (linknamespace-symlists-tests): Likewise. (linknamespace-header-tests): Likewise. --- ChangeLog | 6 ++++++ conform/Makefile | 6 +++--- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 07cc502..b9afb68 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2016-09-03 Aurelien Jarno + + * conform/Makefile (conformtest-header-tests): Pass -I. to $(PERL). + (linknamespace-symlists-tests): Likewise. + (linknamespace-header-tests): Likewise. + 2016-09-02 Roland McGrath * sysdeps/nacl/dup.c: Add libc_hidden_def. diff --git a/conform/Makefile b/conform/Makefile index 32a0937..b92a7d4 100644 --- a/conform/Makefile +++ b/conform/Makefile @@ -196,13 +196,13 @@ $(conformtest-header-tests): $(objpfx)%/conform.out: \ conformtest.pl $(conformtest-headers-data) (set -e; std_hdr=$*; std=$${std_hdr%%/*}; hdr=$${std_hdr#*/}; \ mkdir -p $(@D)/scratch; \ - $(PERL) conformtest.pl --tmpdir=$(@D)/scratch --cc='$(CC)' \ + $(PERL) -I. conformtest.pl --tmpdir=$(@D)/scratch --cc='$(CC)' \ --flags='$(conformtest-cc-flags)' --standard=$$std \ --headers=$$hdr > $@); \ $(evaluate-test) $(linknamespace-symlists-tests): $(objpfx)symlist-%: list-header-symbols.pl - $(PERL) -w $< --tmpdir=$(objpfx) --cc='$(CC)' \ + $(PERL) -I. -w $< --tmpdir=$(objpfx) --cc='$(CC)' \ --flags='$(conformtest-cc-flags)' --standard=$* \ --headers="$(strip $(conformtest-headers-$*))" \ > $@ 2> $@.err; \ @@ -232,7 +232,7 @@ $(linknamespace-header-tests): $(objpfx)%/linknamespace.out: \ $(linknamespace-symlist-stdlibs-tests) (set -e; std_hdr=$*; std=$${std_hdr%%/*}; hdr=$${std_hdr#*/}; \ mkdir -p $(@D)/scratch; \ - $(PERL) -w $< --tmpdir=$(@D)/scratch --cc='$(CC)' \ + $(PERL) -I. -w $< --tmpdir=$(@D)/scratch --cc='$(CC)' \ --flags='$(conformtest-cc-flags)' --standard=$$std \ --stdsyms=$(objpfx)symlist-$$std --header=$$hdr \ --libsyms=$(objpfx)symlist-stdlibs-$$std \