diff options
| author | Ran Benita <ran234@gmail.com> | 2014-02-04 02:53:05 +0200 |
|---|---|---|
| committer | Ran Benita <ran234@gmail.com> | 2014-02-04 02:53:05 +0200 |
| commit | 109fe7059c6d520ac70c744b319a795af7ba112c (patch) | |
| tree | a462bab97bb52d99578ae1f16fbcd12e70d0d6e3 | |
| parent | bdd8c113a518b23328933f111ba6aa4a2b62afa5 (diff) | |
| download | xorg-lib-libxkbcommon-109fe7059c6d520ac70c744b319a795af7ba112c.tar.gz | |
Use secure_getenv when available
We probably don't want to get a privileged process to compile arbitrary
keymaps. So we should be careful about the envvars which control include
paths or default RMLVOs. But then secure_getenv is more sensible for
everything we do.
Signed-off-by: Ran Benita <ran234@gmail.com>
| -rw-r--r-- | configure.ac | 6 | ||||
| -rw-r--r-- | src/context-priv.c | 12 | ||||
| -rw-r--r-- | src/context.c | 6 | ||||
| -rw-r--r-- | src/utils.h | 8 |
4 files changed, 23 insertions, 9 deletions
diff --git a/configure.ac b/configure.ac index 15d420a..e67cd4f 100644 --- a/configure.ac +++ b/configure.ac @@ -75,6 +75,12 @@ AS_IF([test "x$ac_cv_func_strcasecmp" = xno -o \ AC_CHECK_FUNCS([eaccess euidaccess mmap]) +AC_CHECK_FUNCS([secure_getenv __secure_getenv]) +AS_IF([test "x$ac_cv_func_secure_getenv" = xno -a \ + "x$ac_cv_func___secure_getenv" = xno], [ + AC_MSG_WARN([C library does not support secure_getenv, using getenv instead]) +]) + # Some tests use Linux-specific headers AC_CHECK_HEADER([linux/input.h]) AM_CONDITIONAL(BUILD_LINUX_TESTS, [test "x$ac_cv_header_linux_input_h" = xyes]) diff --git a/src/context-priv.c b/src/context-priv.c index 4d7b2ed..9b81c36 100644 --- a/src/context-priv.c +++ b/src/context-priv.c @@ -118,7 +118,7 @@ xkb_context_get_default_rules(struct xkb_context *ctx) const char *env = NULL; if (ctx->use_environment_names) - env = getenv("XKB_DEFAULT_RULES"); + env = secure_getenv("XKB_DEFAULT_RULES"); return env ? env : DEFAULT_XKB_RULES; } @@ -129,7 +129,7 @@ xkb_context_get_default_model(struct xkb_context *ctx) const char *env = NULL; if (ctx->use_environment_names) - env = getenv("XKB_DEFAULT_MODEL"); + env = secure_getenv("XKB_DEFAULT_MODEL"); return env ? env : DEFAULT_XKB_MODEL; } @@ -140,7 +140,7 @@ xkb_context_get_default_layout(struct xkb_context *ctx) const char *env = NULL; if (ctx->use_environment_names) - env = getenv("XKB_DEFAULT_LAYOUT"); + env = secure_getenv("XKB_DEFAULT_LAYOUT"); return env ? env : DEFAULT_XKB_LAYOUT; } @@ -149,12 +149,12 @@ const char * xkb_context_get_default_variant(struct xkb_context *ctx) { const char *env = NULL; - const char *layout = getenv("XKB_DEFAULT_VARIANT"); + const char *layout = secure_getenv("XKB_DEFAULT_VARIANT"); /* We don't want to inherit the variant if they haven't also set a * layout, since they're so closely paired. */ if (layout && ctx->use_environment_names) - env = getenv("XKB_DEFAULT_VARIANT"); + env = secure_getenv("XKB_DEFAULT_VARIANT"); return env ? env : DEFAULT_XKB_VARIANT; } @@ -165,7 +165,7 @@ xkb_context_get_default_options(struct xkb_context *ctx) const char *env = NULL; if (ctx->use_environment_names) - env = getenv("XKB_DEFAULT_OPTIONS"); + env = secure_getenv("XKB_DEFAULT_OPTIONS"); return env ? env : DEFAULT_XKB_OPTIONS; } diff --git a/src/context.c b/src/context.c index e64b915..e9c52eb 100644 --- a/src/context.c +++ b/src/context.c @@ -82,7 +82,7 @@ xkb_context_include_path_append_default(struct xkb_context *ctx) ret |= xkb_context_include_path_append(ctx, DFLT_XKB_CONFIG_ROOT); - home = getenv("HOME"); + home = secure_getenv("HOME"); if (!home) return ret; err = asprintf(&user_path, "%s/.xkb", home); @@ -252,11 +252,11 @@ xkb_context_new(enum xkb_context_flags flags) ctx->log_verbosity = 0; /* Environment overwrites defaults. */ - env = getenv("XKB_LOG_LEVEL"); + env = secure_getenv("XKB_LOG_LEVEL"); if (env) xkb_context_set_log_level(ctx, log_level(env)); - env = getenv("XKB_LOG_VERBOSITY"); + env = secure_getenv("XKB_LOG_VERBOSITY"); if (env) xkb_context_set_log_verbosity(ctx, log_verbosity(env)); diff --git a/src/utils.h b/src/utils.h index 81d1cc9..f7fc7a5 100644 --- a/src/utils.h +++ b/src/utils.h @@ -187,6 +187,14 @@ unmap_file(const char *str, size_t size); #define MAX(a, b) ((a) > (b) ? (a) : (b)) #define MAX3(a, b, c) MAX(MAX((a), (b)), (c)) +#if defined(HAVE_SECURE_GETENV) +# define secure_getenv secure_getenv +#elif defined(HAVE___SECURE_GETENV) +# define secure_getenv __secure_getenv +#else +# define secure_getenv getenv +#endif + /* Compiler Attributes */ #if defined(__GNUC__) && (__GNUC__ >= 4) && !defined(__CYGWIN__) |