[systemd-devel] [PATCH] sd_daemon: use secure_getenv() instead of getenv()

Sangjung Woo sangjung.woo at samsung.com
Fri Jan 23 21:20:15 PST 2015


According to the glibc manual, secure_getenv() is safer than getenv()
because it returns a null pointer when the environment is untrusted,
for example when the program runs with the SUID or SGID bit set.
Moreover, libraries should use secure_getenv().
(http://www.gnu.org/software/libc/manual/html_node/Environment-Access.html)

Signed-off-by: Sangjung Woo <sangjung.woo at samsung.com>
---
 src/libsystemd/sd-daemon/sd-daemon.c |   10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/libsystemd/sd-daemon/sd-daemon.c b/src/libsystemd/sd-daemon/sd-daemon.c
index 028c2a7..86e6aed 100644
--- a/src/libsystemd/sd-daemon/sd-daemon.c
+++ b/src/libsystemd/sd-daemon/sd-daemon.c
@@ -46,7 +46,7 @@ _public_ int sd_listen_fds(int unset_environment) {
         int r, fd;
         pid_t pid;
 
-        e = getenv("LISTEN_PID");
+        e = secure_getenv("LISTEN_PID");
         if (!e) {
                 r = 0;
                 goto finish;
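Review bot: The `!e` branch after `secure_getenv("LISTEN_PID")` now has two meanings that callers cannot tell apart, because both return 0: the variable is unset, or the process runs in secure-execution mode (setuid/setgid, or e.g. file capabilities) and the variable is deliberately ignored. The same holds for the LISTEN_FDS, NOTIFY_SOCKET, WATCHDOG_USEC and WATCHDOG_PID lookups in the later hunks. I would document this at each public entry point, e.g. `/* secure_getenv() yields NULL in secure-execution mode; passed fds are intentionally ignored there and 0 is returned */`, and in the man pages, so a privileged service that silently loses socket activation, notification or its watchdog can be diagnosed. secure_getenv() is a GNU extension and the patch adds no include or feature-test macro, so confirm the file already sees a declaration on every supported libc. sd_listen_fds() continues outside the hunk.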
@@ -62,7 +62,7 @@ _public_ int sd_listen_fds(int unset_environment) {
                 goto finish;
         }
 
-        e = getenv("LISTEN_FDS");
+        e = secure_getenv("LISTEN_FDS");
         if (!e) {
                 r = 0;
                 goto finish;
@@ -374,7 +374,7 @@ _public_ int sd_pid_notify_with_fds(pid_t pid, int unset_environment, const char
                 goto finish;
         }
 
-        e = getenv("NOTIFY_SOCKET");
+        e = secure_getenv("NOTIFY_SOCKET");
         if (!e)
                 return 0;
 
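Review bot: `if (!e) return 0;` bypasses the `finish` label that the preceding error path jumps to, which is presumably where `unset_environment` is honoured (the label is outside the hunk). With getenv() that was harmless, since a NULL result meant there was nothing to unset. With secure_getenv() a NULL can also mean NOTIFY_SOCKET is set but ignored, so in a secure-execution process the variable stays in the environment and is inherited by child processes even when the caller asked for it to be removed. Routing this branch through the cleanup, `if (!e) { r = 0; goto finish; }`, would keep that guarantee, assuming `r` is the value returned at `finish`.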
@@ -525,7 +525,7 @@ _public_ int sd_watchdog_enabled(int unset_environment, uint64_t *usec) {
         uint64_t u;
         int r = 0;
 
-        s = getenv("WATCHDOG_USEC");
+        s = secure_getenv("WATCHDOG_USEC");
         if (!s)
                 goto finish;
 
@@ -537,7 +537,7 @@ _public_ int sd_watchdog_enabled(int unset_environment, uint64_t *usec) {
                 goto finish;
         }
 
-        p = getenv("WATCHDOG_PID");
+        p = secure_getenv("WATCHDOG_PID");
         if (p) {
                 pid_t pid;
 
-- 
1.7.9.5


