author | Jose M. Palacios Diaz <jmpd1988@gmail.com> | 2018-02-01 11:13:35 -0500 |
---|---|---|
committer | Ruben Bridgewater <ruben@bridgewater.de> | 2018-02-16 17:42:21 +0100 |
commit | 916cfeca774e83925466f9a171f11c9bc73e4756 (patch) | |
tree | da62a6e56ce15d852ab5b5359b9daa044c5e0e86 /lib/os.js | |
parent | ec9e7922bb72ce17b453d345232a0e725883a470 (diff) | |
download | node-new-916cfeca774e83925466f9a171f11c9bc73e4756.tar.gz |
lib,src: audit process.env in lib/ for setuid binary
Wrap SafeGetenv() in the util binding to protect the cases where
env vars are accessed from JS land while the process runs with the
privileges of another user.
PR-URL: https://github.com/nodejs/node/pull/18511
Fixes: https://github.com/nodejs/node/issues/9160
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Diffstat (limited to 'lib/os.js')
-rw-r--r-- | lib/os.js | 8 |
1 files changed, 4 insertions, 4 deletions
@@ -21,7 +21,7 @@ 'use strict'; -const { pushValToArrayMax } = process.binding('util'); +const { pushValToArrayMax, safeGetenv } = process.binding('util'); const constants = process.binding('constants').os; const { deprecate } = require('internal/util'); const { getCIDRSuffix } = require('internal/os'); @@ -127,9 +127,9 @@ function tmpdir() { if (path.length > 1 && path.endsWith('\\') && !path.endsWith(':\\')) path = path.slice(0, -1); } else { - path = process.env.TMPDIR || - process.env.TMP || - process.env.TEMP || + path = safeGetenv('TMPDIR') || + safeGetenv('TMP') || + safeGetenv('TEMP') || '/tmp'; if (path.length > 1 && path.endsWith('/')) path = path.slice(0, -1); |
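Review bot: The switch from `process.env` to `safeGetenv` in the non-Windows branch of `tmpdir()` has no comment explaining why, so a later cleanup could revert it without noticing the setuid concern described in the commit message. I would add above the assignment `// safeGetenv(): ignore caller-controlled TMPDIR/TMP/TEMP when running setuid/setgid (see #9160)`. Assuming the binding returns undefined in that situation (its implementation is not part of this hunk), the function then silently falls back to `'/tmp'`, a behaviour change that deserves a sentence in the `os.tmpdir()` documentation. The Windows branch and the rest of `tmpdir()` lie outside the hunk, so whether that branch still reads `process.env` directly cannot be checked from here.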