Disallow '/' characters in LC_* environment variables which might

be used to point to a bad locale file. This is only believed to be a minor security risk - the only risk is if some program uses the result of a localized string as a format specifier in a vulnerable function like sprintf(). No such code is believed to exist in the FreeBSD base system, although it is possible that badly written third party code would do that. Submitted by: imp Approved by: ache
2000-09-08 07:29:48 +00:00 · 2000-09-08 07:29:48 +00:00 · a1158cce42
commit a1158cce42
parent 5d888c38ed
1 changed files with 1 additions and 1 deletions
--- a/lib/libc/locale/setlocale.c
+++ b/lib/libc/locale/setlocale.c
@ -129,7 +129,7 @@ setlocale(category, locale)
 		if (!env || !*env)
 			env = getenv("LANG");

-		if (!env || !*env)
+		if (!env || !*env || strchr(env, '/'))
 			env = "C";

 		(void) strncpy(new_categories[category], env, ENCODING_LEN);