diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/Makefile | 5 | ||||
-rw-r--r-- | lib/env.c | 73 | ||||
-rw-r--r-- | lib/env.h | 2 | ||||
-rw-r--r-- | lib/err.c | 6 | ||||
-rw-r--r-- | lib/nls.h | 33 | ||||
-rw-r--r-- | lib/setproctitle.c | 16 |
6 files changed, 120 insertions, 15 deletions
diff --git a/lib/Makefile b/lib/Makefile index 5503a6059..a9f8596d1 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -1,13 +1,16 @@ +include ../make_include include ../MCONFIG CFLAGS=-I$(LIB) $(OPT) -all: err.o my_reboot.o setproctitle.o +all: err.o my_reboot.o setproctitle.o env.o err.o: err.c my_reboot.o: my_reboot.c linux_reboot.h +env.o: env.h + setproctitle.o: setproctitle.h .PHONY: clean diff --git a/lib/env.c b/lib/env.c new file mode 100644 index 000000000..69c821c2d --- /dev/null +++ b/lib/env.c @@ -0,0 +1,73 @@ +/* + * Security checks of enviroment + * Added from shadow-utils package + * by Arkadiusz Mi¶kiewicz <misiek@misiek.eu.org> + * + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include "env.h" + +extern char **environ; + +static char * const forbid[] = { + "_RLD_=", + "BASH_ENV=", /* GNU creeping featurism strikes again... */ + "ENV=", + "HOME=", + "IFS=", + "KRB_CONF=", + "LD_", /* anything with the LD_ prefix */ + "LIBPATH=", + "MAIL=", + "NLSPATH=", + "PATH=", + "SHELL=", + "SHLIB_PATH=", + (char *) 0 +}; + +/* these are allowed, but with no slashes inside + (to work around security problems in GNU gettext) */ +static char * const noslash[] = { + "LANG=", + "LANGUAGE=", + "LC_", /* anything with the LC_ prefix */ + (char *) 0 +}; + +void +sanitize_env(void) +{ + char **envp = environ; + char * const *bad; + char **cur; + char **move; + + for (cur = envp; *cur; cur++) { + for (bad = forbid; *bad; bad++) { + if (strncmp(*cur, *bad, strlen(*bad)) == 0) { + for (move = cur; *move; move++) + *move = *(move + 1); + cur--; + break; + } + } + } + + for (cur = envp; *cur; cur++) { + for (bad = noslash; *bad; bad++) { + if (strncmp(*cur, *bad, strlen(*bad)) != 0) + continue; + if (!strchr(*cur, '/')) + continue; /* OK */ + for (move = cur; *move; move++) + *move = *(move + 1); + cur--; + break; + } + } +} + diff --git a/lib/env.h b/lib/env.h new file mode 100644 index 000000000..d69b4f295 --- /dev/null +++ b/lib/env.h @@ -0,0 +1,2 @@ +extern void sanitize_env (void); + @@ -43,9 +43,11 @@ #include <varargs.h> #endif +#include "../defines.h" +#ifdef HAVE_progname extern char *__progname; /* Program name, from crt0. */ -#ifdef __linux__ -char *__progname; +#else +char *__progname = "foo"; /* probably libc4 */ #endif __dead void diff --git a/lib/nls.h b/lib/nls.h new file mode 100644 index 000000000..67b42a999 --- /dev/null +++ b/lib/nls.h @@ -0,0 +1,33 @@ + +#include "../defines.h" /* for HAVE_locale_h */ + +#ifndef PACKAGE +#define PACKAGE "util-linux" +#endif + +#ifndef LOCALEDIR +#define LOCALEDIR "/usr/share/locale" +#endif + +#ifdef HAVE_locale_h +# include <locale.h> +#endif + +#ifdef ENABLE_NLS +# include <libintl.h> +# define _(Text) gettext (Text) +# ifdef gettext_noop +# define N_(String) gettext_noop (String) +# else +# define N_(String) (String) +# endif +#else +# undef bindtextdomain +# define bindtextdomain(Domain, Directory) /* empty */ +# undef textdomain +# define textdomain(Domain) /* empty */ +# define _(Text) (Text) +# define N_(Text) (Text) +#endif + + diff --git a/lib/setproctitle.c b/lib/setproctitle.c index bff1362da..319bc6a9f 100644 --- a/lib/setproctitle.c +++ b/lib/setproctitle.c @@ -20,10 +20,6 @@ #include <stdarg.h> #include "setproctitle.h" -#ifndef SPT_PADCHAR -#define SPT_PADCHAR ' ' -#endif - #ifndef SPT_BUFSIZE #define SPT_BUFSIZE 2048 #endif @@ -65,7 +61,6 @@ initproctitle (int argc, char **argv) { /* Nice code, but many places do not know about vsnprintf ... */ void setproctitle (const char *fmt,...) { - char *p; int i; char buf[SPT_BUFSIZE]; va_list ap; @@ -82,16 +77,14 @@ setproctitle (const char *fmt,...) { i = argv_lth - 2; buf[i] = '\0'; } + memset(argv0[0], '\0', argv_lth); /* clear the memory area */ (void) strcpy (argv0[0], buf); - p = &argv0[0][i]; - while (i < argv_lth) - *p++ = SPT_PADCHAR, i++; + argv0[1] = NULL; } #else void setproctitle (const char *prog, const char *txt) { - char *p; int i; char buf[SPT_BUFSIZE]; @@ -108,10 +101,9 @@ setproctitle (const char *prog, const char *txt) { i = argv_lth - 2; buf[i] = '\0'; } + memset(argv0[0], '\0', argv_lth); /* clear the memory area */ (void) strcpy (argv0[0], buf); - p = &argv0[0][i]; - while (i < argv_lth) - *p++ = SPT_PADCHAR, i++; + argv0[1] = NULL; } #endif |