From c4e33da176f8a83e1bfca8a5e41351691b713664 Mon Sep 17 00:00:00 2001
From: liusirui
Date: Tue, 10 Mar 2020 11:54:00 +0800
Subject: [PATCH] fix cve-2018-13420
Signed-off-by: liusirui
---
fix-CVE-2018-13420.patch | 40 ++++++++++++++++++++++++++++++++++++++++
gperftools.spec | 6 +++++-
2 files changed, 45 insertions(+), 1 deletion(-)
create mode 100644 fix-CVE-2018-13420.patch
diff --git a/fix-CVE-2018-13420.patch b/fix-CVE-2018-13420.patch
new file mode 100644
index 0000000..230cece
--- /dev/null
+++ b/fix-CVE-2018-13420.patch
@@ -0,0 +1,40 @@
+From 837a86b45fe30b69e4ef89f44ab1af7ad4bb1eb0 Mon Sep 17 00:00:00 2001
+From: liusirui
+Date: Fri, 7 Feb 2020 11:07:49 +0800
+Subject: [PATCH] fix CVE-2018-13420
+
+The software maintainer indicates that this is not a bug; it is only a
+false-positive report from the LeakSanitizer program.Issue #1013 (
+https://github.com/gperftools/gperftools/issues/1013) will not fix and
+is closed.
+This patch is just to eliminate CVE-2018-13420.Instead of dynamically
+malloc memory for current_instance, add a static global variable
+malloc_extension_instance for it.
+
+---
+ src/malloc_extension.cc | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/malloc_extension.cc b/src/malloc_extension.cc
+index 6e69552..cfa5f05 100644
+--- a/src/malloc_extension.cc
++++ b/src/malloc_extension.cc
+@@ -203,13 +203,15 @@ void MallocExtension::MarkThreadTemporarilyIdle() {
+
+ // The current malloc extension object.
+
++static MallocExtension malloc_extension_instance;
++
+ static MallocExtension* current_instance;
+
+ static void InitModule() {
+ if (current_instance != NULL) {
+ return;
+ }
+- current_instance = new MallocExtension;
++ current_instance = &malloc_extension_instance;
+ #ifndef NO_HEAP_CHECK
+ HeapLeakChecker::IgnoreObject(current_instance);
+ #endif
+--
+1.8.3.1
\ No newline at end of file
diff --git a/gperftools.spec b/gperftools.spec
index db9717f..9dae9f5 100644
--- a/gperftools.spec
+++ b/gperftools.spec
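Review bot: `HeapLeakChecker::IgnoreObject(current_instance);` in `InitModule()` of the embedded `src/malloc_extension.cc` patch is still called, but `current_instance` now points at the static `malloc_extension_instance` rather than a heap allocation, so the call no longer has a heap object to ignore; it should be dropped or confirmed to tolerate non-heap pointers. The static object also has a static-storage lifetime that the old `new MallocExtension` did not have: if `InitModule()` can run before this translation unit's initializers, or the instance is used after static destructors have run at exit, callers would touch an object outside its lifetime. That depends on code outside the hunk, so it needs confirming. At minimum add a comment on the declaration such as `// Static storage instead of new: must stay usable before main() and during exit; see gperftools issue #1013.` `InitModule()` continues past the end of the hunk.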
@@ -1,6 +1,6 @@ Name: gperftools Version: 2.7 -Release: 6 +Release: 7 Summary: high-performance malloc and performance analysis tools License: BSD @@ -21,6 +21,7 @@ Patch12: Use-initial-exec-TLS-model-for-all-thread-local-vari.patch Patch13: don-t-try-to-mark-rsp-as-clobbered-in-linux-syscall-.patch Patch9000: issue-1122-fix-bus-error-on-aarch64.patch +Patch9001: fix-CVE-2018-13420.patch BuildRequires: autoconf automake gcc-c++ libtool libunwind-devel perl-generators Requires: %{name}-devel = %{version}-%{release} @@ -111,6 +112,9 @@ make %{_mandir}/man1/*.1.gz %changelog +* Tue Mar 10 2020 liusirui - 2.7-7 +- fix cve-2018-13420 + * Fri Jan 10 2020 wuxu_wu - 2.7-6 - delete useless patch -- Gitee