login(1): when exporting variables check the result of setenv(3)
When exporting a variable we correctly check all the preconditions that could make setenv(3) fail. Checking the setenv(3) return value seems redundant, but given that login(1) is critical, it doesn't hurt to have a post-check. This change is based on the "Principles of Secure Coding" course by Matthew Bishop, PhD., which specifically discusses this code in FreeBSD. (This change redoes r368776 due to a silly mistake)
This commit is contained in:
parent
7ff15fb1e9
commit
556c444f77
@ -793,6 +793,7 @@ export(const char *s)
|
|||||||
char *p;
|
char *p;
|
||||||
const char **pp;
|
const char **pp;
|
||||||
size_t n;
|
size_t n;
|
||||||
|
int rv;
|
||||||
|
|
||||||
if (strlen(s) > 1024 || (p = strchr(s, '=')) == NULL)
|
if (strlen(s) > 1024 || (p = strchr(s, '=')) == NULL)
|
||||||
return (0);
|
return (0);
|
||||||
@ -804,8 +805,10 @@ export(const char *s)
|
|||||||
return (0);
|
return (0);
|
||||||
}
|
}
|
||||||
*p = '\0';
|
*p = '\0';
|
||||||
(void)setenv(s, p + 1, 1);
|
rv = setenv(s, p + 1, 1);
|
||||||
*p = '=';
|
*p = '=';
|
||||||
|
if (rv == -1)
|
||||||
|
return (0);
|
||||||
return (1);
|
return (1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user