diff options
author | Allen Byrne <byrn@hdfgroup.org> | 2020-08-12 21:14:44 (GMT) |
---|---|---|
committer | Allen Byrne <byrn@hdfgroup.org> | 2020-08-12 21:14:44 (GMT) |
commit | cecaed97f7987266d74dff90448d02c586d14052 (patch) | |
tree | ec1aa3d47d5e5948b5d463a189177523e1ce5559 | |
parent | 7dcd7830ae11634e92113e0d50ea201ebd79a7de (diff) | |
download | hdf5-cecaed97f7987266d74dff90448d02c586d14052.zip hdf5-cecaed97f7987266d74dff90448d02c586d14052.tar.gz hdf5-cecaed97f7987266d74dff90448d02c586d14052.tar.bz2 |
HDFFV-11127 - force RTLD_LOCAL in dlopen
-rw-r--r-- | release_docs/RELEASE.txt | 15 | ||||
-rw-r--r-- | src/H5PLpkg.h | 2 |
2 files changed, 13 insertions, 4 deletions
diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt index 7ccdbe9..2217b5a 100644 --- a/release_docs/RELEASE.txt +++ b/release_docs/RELEASE.txt @@ -349,9 +349,9 @@ New Features added to the libhdf5.settings file. Autotools: - + An --enable-file-locking=(yes|no|best-effort) option has been added. - + yes: Use file locking. no: Do not use file locking. best-effort: Use file locking and ignore "disabled" errors. @@ -765,6 +765,15 @@ Bug Fixes since HDF5-1.10.3 release Library ------- + - Explicitly declared dlopen to use RTLD_LOCAL + + dlopen documentation states that f neither RTLD_GLOBAL nor + RTLD_LOCAL are specified, then the default behavior is unspecified. + The default on linux is usually RTLD_LOCAL while macos will default + to RTLD_GLOBAL. + + (ADB - 2020/08/12, HDFFV-11127) + - Fixed issues CVE-2018-13870 and CVE-2018-13869 When a buffer overflow occurred because a name length was corrupted @@ -774,7 +783,7 @@ Bug Fixes since HDF5-1.10.3 release locations to prevent the crashes and h5dump now simply fails with an error message when this error condition occurs. - (BMR - 2020/7/22, HDFFV-11120 and HDFFV-11121) + (BMR - 2020/07/22, HDFFV-11120 and HDFFV-11121) - Fixed the segmentation fault when reading attributes with multiple threads diff --git a/src/H5PLpkg.h b/src/H5PLpkg.h index 8c2367f..a086a2c 100644 --- a/src/H5PLpkg.h +++ b/src/H5PLpkg.h @@ -95,7 +95,7 @@ # define H5PL_HANDLE void * /* Get a handle to a plugin library. Windows: TEXT macro handles Unicode strings */ -# define H5PL_OPEN_DLIB(S) dlopen(S, RTLD_LAZY) +# define H5PL_OPEN_DLIB(S) dlopen(S, RTLD_LAZY | RTLD_LOCAL) /* Get the address of a symbol in dynamic library */ # define H5PL_GET_LIB_FUNC(H,N) dlsym(H,N) |