|
|
Shell globbing code could end up calling opendir on a whole command line
with arguments, exceeding 8k characters - for example when libtool gets
passed an -export-symbols-regex with a wildcard.
Due to the length exceeding sandbox internal SB_PATH_MAX, it gets trimmed
internally in sandbox syscall checks (even though opendir isn't an actual
syscall), gets confused and throws an ISE abort.
Fix it by adding a precheck that simply fails early with ENAMETOOLONG on
too long paths, as the real glibc function would do the same.
Fixes large projects hitting sandbox abort inside the driving POSIX shell
globbing function due to a long list of linker arguments (such as many object
files) being passed to libtool together with an -export-symbols-regex with
a wildcard. Known affected packages include graphicsmagick and newer
gnome-builder.
p.masked for a short time as a maintainer timeout, seeking independent
validation as a critical packages non-maintainer revbump.
Gentoo-Bug: 553092
Package-Manager: portage-2.3.3
Signed-off-by: Mart Raudsepp <leio@gentoo.org>
|
Mart Raudsepp
GitWeb