diff options
author | bigbiff bigbiff <bigbiff@teamw.in> | 2013-02-23 02:55:50 +0100 |
---|---|---|
committer | bigbiff bigbiff <bigbiff@teamw.in> | 2013-02-25 15:06:46 +0100 |
commit | e60683a0d553b6488c564863f4e48954944fb0f8 (patch) | |
tree | 9364f97cb88b7c1359f5f06dfb32150a78168c31 /libblkid/env.c | |
parent | Fix building of updater for 4.2 environment (diff) | |
download | android_bootable_recovery-e60683a0d553b6488c564863f4e48954944fb0f8.tar android_bootable_recovery-e60683a0d553b6488c564863f4e48954944fb0f8.tar.gz android_bootable_recovery-e60683a0d553b6488c564863f4e48954944fb0f8.tar.bz2 android_bootable_recovery-e60683a0d553b6488c564863f4e48954944fb0f8.tar.lz android_bootable_recovery-e60683a0d553b6488c564863f4e48954944fb0f8.tar.xz android_bootable_recovery-e60683a0d553b6488c564863f4e48954944fb0f8.tar.zst android_bootable_recovery-e60683a0d553b6488c564863f4e48954944fb0f8.zip |
Diffstat (limited to 'libblkid/env.c')
-rw-r--r-- | libblkid/env.c | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/libblkid/env.c b/libblkid/env.c new file mode 100644 index 000000000..c79e0e0de --- /dev/null +++ b/libblkid/env.c @@ -0,0 +1,110 @@ +/* + * Security checks of environment + * Added from shadow-utils package + * by Arkadiusz MiĆkiewicz <misiek@pld.ORG.PL> + * + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#ifdef HAVE_SYS_PRCTL_H +#include <sys/prctl.h> +#else +#define PR_GET_DUMPABLE 3 +#endif +#if (!defined(HAVE_PRCTL) && defined(linux)) +#include <sys/syscall.h> +#endif +#include <unistd.h> +#include <sys/types.h> + +#include "env.h" + +#ifndef HAVE_ENVIRON_DECL +extern char **environ; +#endif + +static char * const forbid[] = { + "_RLD_=", + "BASH_ENV=", /* GNU creeping featurism strikes again... */ + "ENV=", + "HOME=", + "IFS=", + "KRB_CONF=", + "LD_", /* anything with the LD_ prefix */ + "LIBPATH=", + "MAIL=", + "NLSPATH=", + "PATH=", + "SHELL=", + "SHLIB_PATH=", + (char *) 0 +}; + +/* these are allowed, but with no slashes inside + (to work around security problems in GNU gettext) */ +static char * const noslash[] = { + "LANG=", + "LANGUAGE=", + "LC_", /* anything with the LC_ prefix */ + (char *) 0 +}; + +void +sanitize_env(void) +{ + char **envp = environ; + char * const *bad; + char **cur; + char **move; + + for (cur = envp; *cur; cur++) { + for (bad = forbid; *bad; bad++) { + if (strncmp(*cur, *bad, strlen(*bad)) == 0) { + for (move = cur; *move; move++) + *move = *(move + 1); + cur--; + break; + } + } + } + + for (cur = envp; *cur; cur++) { + for (bad = noslash; *bad; bad++) { + if (strncmp(*cur, *bad, strlen(*bad)) != 0) + continue; + if (!strchr(*cur, '/')) + continue; /* OK */ + for (move = cur; *move; move++) + *move = *(move + 1); + cur--; + break; + } + } +} + + +char *safe_getenv(const char *arg) +{ + uid_t ruid = getuid(); + + if (ruid != 0 || (ruid != geteuid()) || (getgid() != getegid())) + return NULL; +#ifdef HAVE_PRCTL + if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) == 0) + return NULL; +#else +#if (defined(linux) && defined(SYS_prctl)) + if (syscall(SYS_prctl, PR_GET_DUMPABLE, 0, 0, 0, 0) == 0) + return NULL; +#endif +#endif +#ifdef HAVE_SECURE_GETENV +return secure_getenv(arg); +#elif HAVE___SECURE_GETENV + return __secure_getenv(arg); +#else + return getenv(arg); +#endif +} |