[systemd-devel] [PATCH] path-lookup: use secure_getenv()
Shawn Landden
shawn at churchofgit.com
Sat Mar 14 19:27:56 PDT 2015
All these except user_data_home_dir() are certainly vectors for
arbitrary code execution. These should use secure_getenv()
---
src/shared/path-lookup.c | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/src/shared/path-lookup.c b/src/shared/path-lookup.c
index fbf46cd..0fb86df 100644
--- a/src/shared/path-lookup.c
+++ b/src/shared/path-lookup.c
@@ -33,7 +33,7 @@ int user_config_home(char **config_home) {
const char *e;
char *r;
- e = getenv("XDG_CONFIG_HOME");
+ e = secure_getenv("XDG_CONFIG_HOME");
if (e) {
r = strappend(e, "/systemd/user");
if (!r)
@@ -44,7 +44,7 @@ int user_config_home(char **config_home) {
} else {
const char *home;
- home = getenv("HOME");
+ home = secure_getenv("HOME");
if (home) {
r = strappend(home, "/.config/systemd/user");
if (!r)
@@ -62,7 +62,7 @@ int user_runtime_dir(char **runtime_dir) {
const char *e;
char *r;
- e = getenv("XDG_RUNTIME_DIR");
+ e = secure_getenv("XDG_RUNTIME_DIR");
if (e) {
r = strappend(e, "/systemd/user");
if (!r)
@@ -83,13 +83,13 @@ static int user_data_home_dir(char **dir, const char *suffix) {
* suggests because we assume that that is a link to
* /etc/systemd/ anyway. */
- e = getenv("XDG_DATA_HOME");
+ e = secure_getenv("XDG_DATA_HOME");
if (e)
res = strappend(e, suffix);
else {
const char *home;
- home = getenv("HOME");
+ home = secure_getenv("HOME");
if (home)
res = strjoin(home, "/.local/share", suffix, NULL);
else
@@ -146,7 +146,7 @@ static char** user_dirs(
if (user_runtime_dir(&runtime_dir) < 0)
return NULL;
- e = getenv("XDG_CONFIG_DIRS");
+ e = secure_getenv("XDG_CONFIG_DIRS");
if (e) {
config_dirs = strv_split(e, ":");
if (!config_dirs)
@@ -157,7 +157,7 @@ static char** user_dirs(
if (r < 0)
return NULL;
- e = getenv("XDG_DATA_DIRS");
+ e = secure_getenv("XDG_DATA_DIRS");
if (e)
data_dirs = strv_split(e, ":");
else
@@ -248,7 +248,7 @@ int lookup_paths_init(
/* First priority is whatever has been passed to us via env
* vars */
- e = getenv("SYSTEMD_UNIT_PATH");
+ e = secure_getenv("SYSTEMD_UNIT_PATH");
if (e) {
if (endswith(e, ":")) {
e = strndupa(e, strlen(e) - 1);
@@ -340,7 +340,7 @@ int lookup_paths_init(
#ifdef HAVE_SYSV_COMPAT
/* /etc/init.d/ compatibility does not matter to users */
- e = getenv("SYSTEMD_SYSVINIT_PATH");
+ e = secure_getenv("SYSTEMD_SYSVINIT_PATH");
if (e) {
p->sysvinit_path = path_split_and_make_absolute(e);
if (!p->sysvinit_path)
@@ -358,7 +358,7 @@ int lookup_paths_init(
return -ENOMEM;
}
- e = getenv("SYSTEMD_SYSVRCND_PATH");
+ e = secure_getenv("SYSTEMD_SYSVRCND_PATH");
if (e) {
p->sysvrcnd_path = path_split_and_make_absolute(e);
if (!p->sysvrcnd_path)
--
2.2.1.209.g41e5f3a
More information about the systemd-devel
mailing list