diff options
author | Cristian RodrÃguez <crrodriguez@opensuse.org> | 2013-02-11 15:07:52 -0300 |
---|---|---|
committer | Lucas De Marchi <lucas.de.marchi@gmail.com> | 2013-04-04 15:58:29 -0300 |
commit | 41a51c2af915bc99851446cf604fac99eca1848f (patch) | |
tree | 7a07665851f63a0011cc7a2ccaa584ca95dff346 | |
parent | ace742fa9aee1aec5931d5ee8a51fa9b8f0d94e0 (diff) | |
download | kmod-41a51c2af915bc99851446cf604fac99eca1848f.tar.gz |
libkmod: Use secure_getenv if available
"The secure_getenv() function is intended for use in general-purpose
libraries to avoid vulnerabilities that could occur if set-user-ID or
set-group-ID programs accidentally trusted the environment."
-rw-r--r-- | configure.ac | 1 | ||||
-rw-r--r-- | libkmod/libkmod-private.h | 9 | ||||
-rw-r--r-- | libkmod/libkmod.c | 2 |
3 files changed, 11 insertions, 1 deletions
diff --git a/configure.ac b/configure.ac index 566b317..1c6c793 100644 --- a/configure.ac +++ b/configure.ac @@ -39,6 +39,7 @@ PKG_PROG_PKG_CONFIG ##################################################################### AC_CHECK_FUNCS_ONCE(__xstat) +AC_CHECK_FUNCS_ONCE([__secure_getenv secure_getenv]) # dietlibc doesn't have st.st_mtim struct member AC_CHECK_MEMBERS([struct stat.st_mtim], [], [], [#include <sys/stat.h>]) diff --git a/libkmod/libkmod-private.h b/libkmod/libkmod-private.h index 7748b14..8d8599a 100644 --- a/libkmod/libkmod-private.h +++ b/libkmod/libkmod-private.h @@ -35,6 +35,15 @@ static _always_inline_ _printf_format_(2, 3) void #define KCMD_LINE_SIZE 4096 +#ifndef HAVE_SECURE_GETENV +# ifdef HAVE___SECURE_GETENV +# define secure_getenv __secure_getenv +# else +# warning neither secure_getenv nor __secure_getenv is available +# define secure_getenv getenv +# endif +#endif + void kmod_log(const struct kmod_ctx *ctx, int priority, const char *file, int line, const char *fn, const char *format, ...) __attribute__((format(printf, 6, 7))) __attribute__((nonnull(1, 3, 5))); diff --git a/libkmod/libkmod.c b/libkmod/libkmod.c index b3e1d6b..2ef19d3 100644 --- a/libkmod/libkmod.c +++ b/libkmod/libkmod.c @@ -254,7 +254,7 @@ KMOD_EXPORT struct kmod_ctx *kmod_new(const char *dirname, ctx->dirname = get_kernel_release(dirname); /* environment overwrites config */ - env = getenv("KMOD_LOG"); + env = secure_getenv("KMOD_LOG"); if (env != NULL) kmod_set_log_priority(ctx, log_priority(env)); |