[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 1/3] secure_getenv: new module
|
From: |
Paul Eggert |
|
Subject: |
[PATCH 1/3] secure_getenv: new module |
|
Date: |
Mon, 04 Feb 2013 20:41:07 -0800 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130106 Thunderbird/17.0.2 |
* MODULES.html.sh (Extra functions based on ANSI C 89):
Add secure_getenv.
* doc/glibc-functions/secure_getenv.texi: New file.
* doc/gnulib.texi: Include it.
* lib/secure_getenv.c, m4/secure_getenv.m4, modules/secure_getenv:
New files.
* lib/stdlib.in.h (secure_getenv): New decl.
* m4/stdlib_h.m4 (gl_STDLIB_H, gl_STDLIB_H_DEFAULTS):
* modules/stdlib (stdlib.h):
Add secure_getenv checks.
---
ChangeLog | 14 ++++++++++++++
MODULES.html.sh | 1 +
doc/glibc-functions/secure_getenv.texi | 22 ++++++++++++++++++++++
doc/gnulib.texi | 2 ++
lib/secure_getenv.c | 28 ++++++++++++++++++++++++++++
lib/stdlib.in.h | 16 ++++++++++++++++
m4/secure_getenv.m4 | 22 ++++++++++++++++++++++
m4/stdlib_h.m4 | 6 ++++--
modules/secure_getenv | 31 +++++++++++++++++++++++++++++++
modules/stdlib | 2 ++
10 files changed, 142 insertions(+), 2 deletions(-)
create mode 100644 doc/glibc-functions/secure_getenv.texi
create mode 100644 lib/secure_getenv.c
create mode 100644 m4/secure_getenv.m4
create mode 100644 modules/secure_getenv
diff --git a/ChangeLog b/ChangeLog
index f5676e1..2a0b4e2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,17 @@
+2013-02-04 Paul Eggert <address@hidden>
+
+ secure_getenv: new module
+ * MODULES.html.sh (Extra functions based on ANSI C 89):
+ Add secure_getenv.
+ * doc/glibc-functions/secure_getenv.texi: New file.
+ * doc/gnulib.texi: Include it.
+ * lib/secure_getenv.c, m4/secure_getenv.m4, modules/secure_getenv:
+ New files.
+ * lib/stdlib.in.h (secure_getenv): New decl.
+ * m4/stdlib_h.m4 (gl_STDLIB_H, gl_STDLIB_H_DEFAULTS):
+ * modules/stdlib (stdlib.h):
+ Add secure_getenv checks.
+
2013-02-03 Paul Eggert <address@hidden>
getcwd: break fdopendir + save_cwd recursive loop (Bug#13516)
diff --git a/MODULES.html.sh b/MODULES.html.sh
index 6031059..ece97f4 100755
--- a/MODULES.html.sh
+++ b/MODULES.html.sh
@@ -1772,6 +1772,7 @@ func_all_modules ()
func_begin_table
func_module putenv
+ func_module secure_getenv
func_module setenv
func_module unsetenv
func_module xsetenv
diff --git a/doc/glibc-functions/secure_getenv.texi
b/doc/glibc-functions/secure_getenv.texi
new file mode 100644
index 0000000..300285e
--- /dev/null
+++ b/doc/glibc-functions/secure_getenv.texi
@@ -0,0 +1,22 @@
address@hidden secure_getenv
address@hidden @code{secure_getenv}
address@hidden secure_getenv
+
+Gnulib module: secure_getenv
+
+Portability problems fixed by Gnulib:
address@hidden
address@hidden
+This function is missing on some platforms:
+glibc 2.16, OS X 10.8, FreeBSD 9.1, NetBSD 6.0.1, OpenBSD 5.2, Minix 3.2.0,
+AIX 7.1, HP-UX 11, IRIX 6.5, Solaris 11, Cygwin, mingw, MSVC 9,
+Interix 6.1, BeOS.
address@hidden itemize
+
+Portability problems not fixed by Gnulib:
address@hidden
address@hidden
+On platforms other than glibc 2.0 and later, the Gnulib replacement
+function always returns a null pointer, even when invoked in a
+non-setuid program.
address@hidden itemize
diff --git a/doc/gnulib.texi b/doc/gnulib.texi
index b8d9559..2d13122 100644
--- a/doc/gnulib.texi
+++ b/doc/gnulib.texi
@@ -5870,6 +5870,7 @@ This list of functions is sorted according to the header
that declares them.
* qsort_r::
* random_r::
* rpmatch::
+* secure_getenv::
* seed48_r::
* setstate_r::
* srand48_r::
@@ -5914,6 +5915,7 @@ This list of functions is sorted according to the header
that declares them.
@include glibc-functions/qsort_r.texi
@include glibc-functions/random_r.texi
@include glibc-functions/rpmatch.texi
address@hidden glibc-functions/secure_getenv.texi
@include glibc-functions/seed48_r.texi
@include glibc-functions/setstate_r.texi
@include glibc-functions/srand48_r.texi
diff --git a/lib/secure_getenv.c b/lib/secure_getenv.c
new file mode 100644
index 0000000..0b91a99
--- /dev/null
+++ b/lib/secure_getenv.c
@@ -0,0 +1,28 @@
+/* Look up an environment variable more securely.
+
+ Copyright 2013 Free Software Foundation, Inc.
+
+ This program is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published
+ by the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>. */
+
+#include <stdlib.h>
+
+char *
+secure_getenv (char const *name)
+{
+#if HAVE___SECURE_GETENV
+ return __secure_getenv (name);
+#else
+ return 0;
+#endif
+}
diff --git a/lib/stdlib.in.h b/lib/stdlib.in.h
index 422ad71..e054c52 100644
--- a/lib/stdlib.in.h
+++ b/lib/stdlib.in.h
@@ -767,6 +767,22 @@ _GL_WARN_ON_USE (rpmatch, "rpmatch is unportable - "
# endif
#endif
+#if @GNULIB_SECURE_GETENV@
+/* Look up NAME in the environment, returning 0 in insecure situations. */
+# if address@hidden@
+_GL_FUNCDECL_SYS (secure_getenv, char *,
+ (char const *name) _GL_ARG_NONNULL ((1)));
+# endif
+_GL_CXXALIAS_SYS (secure_getenv, int, (char const *name));
+_GL_CXXALIASWARN (secure_getenv);
+#elif defined GNULIB_POSIXCHECK
+# undef secure_getenv
+# if HAVE_RAW_DECL_SECURE_GETENV
+_GL_WARN_ON_USE (secure_getenv, "secure_getenv is unportable - "
+ "use gnulib module secure_getenv for portability");
+# endif
+#endif
+
#if @GNULIB_SETENV@
/* Set NAME to VALUE in the environment.
If REPLACE is nonzero, overwrite an existing value. */
diff --git a/m4/secure_getenv.m4 b/m4/secure_getenv.m4
new file mode 100644
index 0000000..1ab5b2d
--- /dev/null
+++ b/m4/secure_getenv.m4
@@ -0,0 +1,22 @@
+# Look up an environment variable more securely.
+dnl Copyright 2013 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+AC_DEFUN([gl_FUNC_SECURE_GETENV],
+[
+ dnl Persuade glibc <stdlib.h> to declare secure_getenv().
+ AC_REQUIRE([AC_USE_SYSTEM_EXTENSIONS])
+
+ AC_REQUIRE([gl_STDLIB_H_DEFAULTS])
+ AC_CHECK_FUNCS_ONCE([secure_getenv])
+ if test $ac_cv_func_secure_getenv = no; then
+ HAVE_SECURE_GETENV=0
+ fi
+])
+
+# Prerequisites of lib/secure_getenv.c.
+AC_DEFUN([gl_PREREQ_SECURE_GETENV], [
+ AC_CHECK_FUNCS([__secure_getenv])
+])
diff --git a/m4/stdlib_h.m4 b/m4/stdlib_h.m4
index 79103bc..2027ab3 100644
--- a/m4/stdlib_h.m4
+++ b/m4/stdlib_h.m4
@@ -1,4 +1,4 @@
-# stdlib_h.m4 serial 41
+# stdlib_h.m4 serial 42
dnl Copyright (C) 2007-2013 Free Software Foundation, Inc.
dnl This file is free software; the Free Software Foundation
dnl gives unlimited permission to copy and/or distribute it,
@@ -22,7 +22,7 @@ AC_DEFUN([gl_STDLIB_H],
]], [_Exit atoll canonicalize_file_name getloadavg getsubopt grantpt
initstate initstate_r mkdtemp mkostemp mkostemps mkstemp mkstemps
posix_openpt ptsname ptsname_r random random_r realpath rpmatch
- setenv setstate setstate_r srandom srandom_r
+ secure_getenv setenv setstate setstate_r srandom srandom_r
strtod strtoll strtoull unlockpt unsetenv])
])
@@ -60,6 +60,7 @@ AC_DEFUN([gl_STDLIB_H_DEFAULTS],
GNULIB_REALLOC_POSIX=0; AC_SUBST([GNULIB_REALLOC_POSIX])
GNULIB_REALPATH=0; AC_SUBST([GNULIB_REALPATH])
GNULIB_RPMATCH=0; AC_SUBST([GNULIB_RPMATCH])
+ GNULIB_SECURE_GETENV=0; AC_SUBST([GNULIB_SECURE_GETENV])
GNULIB_SETENV=0; AC_SUBST([GNULIB_SETENV])
GNULIB_STRTOD=0; AC_SUBST([GNULIB_STRTOD])
GNULIB_STRTOLL=0; AC_SUBST([GNULIB_STRTOLL])
@@ -88,6 +89,7 @@ AC_DEFUN([gl_STDLIB_H_DEFAULTS],
HAVE_RANDOM_R=1; AC_SUBST([HAVE_RANDOM_R])
HAVE_REALPATH=1; AC_SUBST([HAVE_REALPATH])
HAVE_RPMATCH=1; AC_SUBST([HAVE_RPMATCH])
+ HAVE_SECURE_GETENV=1; AC_SUBST([HAVE_SECURE_GETENV])
HAVE_SETENV=1; AC_SUBST([HAVE_SETENV])
HAVE_DECL_SETENV=1; AC_SUBST([HAVE_DECL_SETENV])
HAVE_STRTOD=1; AC_SUBST([HAVE_STRTOD])
diff --git a/modules/secure_getenv b/modules/secure_getenv
new file mode 100644
index 0000000..495549d
--- /dev/null
+++ b/modules/secure_getenv
@@ -0,0 +1,31 @@
+Description:
+Look up an environment variable, returning 0 in insecure situations.
+
+Files:
+lib/secure_getenv.c
+m4/secure_getenv.m4
+
+Depends-on:
+stdlib
+extensions
+
+configure.ac:
+gl_FUNC_SECURE_GETENV
+if test $HAVE_SECURE_GETENV = 0; then
+ AC_LIBOBJ([secure_getenv])
+ gl_PREREQ_SECURE_GETENV
+fi
+gl_STDLIB_MODULE_INDICATOR([secure_getenv])
+
+Makefile.am:
+
+Include:
+<stdlib.h>
+
+Link:
+
+License:
+LGPLv2+
+
+Maintainer:
+all
diff --git a/modules/stdlib b/modules/stdlib
index 8164477..40847e9 100644
--- a/modules/stdlib
+++ b/modules/stdlib
@@ -54,6 +54,7 @@ stdlib.h: stdlib.in.h $(top_builddir)/config.status
$(CXXDEFS_H) \
-e 's/@''GNULIB_REALLOC_POSIX''@/$(GNULIB_REALLOC_POSIX)/g' \
-e 's/@''GNULIB_REALPATH''@/$(GNULIB_REALPATH)/g' \
-e 's/@''GNULIB_RPMATCH''@/$(GNULIB_RPMATCH)/g' \
+ -e 's/@''GNULIB_SECURE_GETENV''@/$(GNULIB_SECURE_GETENV)/g' \
-e 's/@''GNULIB_SETENV''@/$(GNULIB_SETENV)/g' \
-e 's/@''GNULIB_STRTOD''@/$(GNULIB_STRTOD)/g' \
-e 's/@''GNULIB_STRTOLL''@/$(GNULIB_STRTOLL)/g' \
@@ -82,6 +83,7 @@ stdlib.h: stdlib.in.h $(top_builddir)/config.status
$(CXXDEFS_H) \
-e 's|@''HAVE_RANDOM_R''@|$(HAVE_RANDOM_R)|g' \
-e 's|@''HAVE_REALPATH''@|$(HAVE_REALPATH)|g' \
-e 's|@''HAVE_RPMATCH''@|$(HAVE_RPMATCH)|g' \
+ -e 's|@''HAVE_SECURE_GETENV''@|$(HAVE_SECURE_GETENV)|g' \
-e 's|@''HAVE_DECL_SETENV''@|$(HAVE_DECL_SETENV)|g' \
-e 's|@''HAVE_STRTOD''@|$(HAVE_STRTOD)|g' \
-e 's|@''HAVE_STRTOLL''@|$(HAVE_STRTOLL)|g' \
--
1.7.11.7