Don't change the environ directly in the sudoers plugin
@@ -587,9 +587,6 @@
|
||||
/* Define to 1 if you have the `_innetgr' function. */
|
||||
#undef HAVE__INNETGR
|
||||
|
||||
/* Define to 1 if you have the `_NSGetEnviron' function. */
|
||||
#undef HAVE__NSGETENVIRON
|
||||
|
||||
/* Define to 1 if your crt0.o defines the __progname symbol for you. */
|
||||
#undef HAVE___PROGNAME
|
||||
|
||||
|
94
configure
vendored
94
configure
vendored
@@ -13089,100 +13089,6 @@ done
|
||||
CHECKSHADOW="false"
|
||||
test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
|
||||
: ${with_logincap='yes'}
|
||||
|
||||
for ac_func in _NSGetEnviron
|
||||
do
|
||||
as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
|
||||
{ echo "$as_me:$LINENO: checking for $ac_func" >&5
|
||||
echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
|
||||
if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
|
||||
echo $ECHO_N "(cached) $ECHO_C" >&6
|
||||
else
|
||||
cat >conftest.$ac_ext <<_ACEOF
|
||||
/* confdefs.h. */
|
||||
_ACEOF
|
||||
cat confdefs.h >>conftest.$ac_ext
|
||||
cat >>conftest.$ac_ext <<_ACEOF
|
||||
/* end confdefs.h. */
|
||||
/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
|
||||
For example, HP-UX 11i <limits.h> declares gettimeofday. */
|
||||
#define $ac_func innocuous_$ac_func
|
||||
|
||||
/* System header to define __stub macros and hopefully few prototypes,
|
||||
which can conflict with char $ac_func (); below.
|
||||
Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
|
||||
<limits.h> exists even on freestanding compilers. */
|
||||
|
||||
#ifdef __STDC__
|
||||
# include <limits.h>
|
||||
#else
|
||||
# include <assert.h>
|
||||
#endif
|
||||
|
||||
#undef $ac_func
|
||||
|
||||
/* Override any GCC internal prototype to avoid an error.
|
||||
Use char because int might match the return type of a GCC
|
||||
builtin and then its argument prototype would still apply. */
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
#endif
|
||||
char $ac_func ();
|
||||
/* The GNU C library defines this for functions which it implements
|
||||
to always fail with ENOSYS. Some functions are actually named
|
||||
something starting with __ and the normal name is an alias. */
|
||||
#if defined __stub_$ac_func || defined __stub___$ac_func
|
||||
choke me
|
||||
#endif
|
||||
|
||||
int
|
||||
main ()
|
||||
{
|
||||
return $ac_func ();
|
||||
;
|
||||
return 0;
|
||||
}
|
||||
_ACEOF
|
||||
rm -f conftest.$ac_objext conftest$ac_exeext
|
||||
if { (ac_try="$ac_link"
|
||||
case "(($ac_try" in
|
||||
*\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
|
||||
*) ac_try_echo=$ac_try;;
|
||||
esac
|
||||
eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
|
||||
(eval "$ac_link") 2>conftest.er1
|
||||
ac_status=$?
|
||||
grep -v '^ *+' conftest.er1 >conftest.err
|
||||
rm -f conftest.er1
|
||||
cat conftest.err >&5
|
||||
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||
(exit $ac_status); } && {
|
||||
test -z "$ac_c_werror_flag" ||
|
||||
test ! -s conftest.err
|
||||
} && test -s conftest$ac_exeext &&
|
||||
$as_test_x conftest$ac_exeext; then
|
||||
eval "$as_ac_var=yes"
|
||||
else
|
||||
echo "$as_me: failed program was:" >&5
|
||||
sed 's/^/| /' conftest.$ac_ext >&5
|
||||
|
||||
eval "$as_ac_var=no"
|
||||
fi
|
||||
|
||||
rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
fi
|
||||
ac_res=`eval echo '${'$as_ac_var'}'`
|
||||
{ echo "$as_me:$LINENO: result: $ac_res" >&5
|
||||
echo "${ECHO_T}$ac_res" >&6; }
|
||||
if test `eval echo '${'$as_ac_var'}'` = yes; then
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
|
||||
_ACEOF
|
||||
|
||||
fi
|
||||
done
|
||||
|
||||
;;
|
||||
*-*-nextstep*)
|
||||
# lockf() on is broken on the NeXT -- use flock instead
|
||||
|
@@ -1741,7 +1741,6 @@ case "$host" in
|
||||
CHECKSHADOW="false"
|
||||
test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
|
||||
: ${with_logincap='yes'}
|
||||
AC_CHECK_FUNCS(_NSGetEnviron)
|
||||
;;
|
||||
*-*-nextstep*)
|
||||
# lockf() on is broken on the NeXT -- use flock instead
|
||||
|
@@ -104,13 +104,6 @@ struct environment {
|
||||
static void sudo_setenv(const char *, const char *, int);
|
||||
static void sudo_putenv(char *, int, int);
|
||||
|
||||
/* XXX - should not need to muck with environ, use envp from env_init */
|
||||
#ifdef HAVE__NSGETENVIRON
|
||||
char **environ; /* global environment */
|
||||
#else
|
||||
extern char **environ; /* global environment */
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Copy of the sudo-managed environment.
|
||||
*/
|
||||
@@ -226,10 +219,6 @@ env_init(char * const envp[])
|
||||
size_t len;
|
||||
int rval = -1;
|
||||
|
||||
#ifdef HAVE__NSGETENVIRON
|
||||
environ = _NSGetEnviron();
|
||||
#endif
|
||||
|
||||
for (ep = envp; *ep != NULL; ep++)
|
||||
continue;
|
||||
len = (size_t)(ep - envp);
|
||||
@@ -313,32 +302,10 @@ setenv(var, val, overwrite)
|
||||
}
|
||||
*ep = '\0';
|
||||
|
||||
/* Sync env.envp with environ as needed. */
|
||||
if (env.envp != environ) {
|
||||
char **ep;
|
||||
size_t len;
|
||||
|
||||
for (ep = environ; *ep != NULL; ep++)
|
||||
continue;
|
||||
len = ep - environ;
|
||||
if (len + 2 > env.env_size) {
|
||||
efree(env.envp);
|
||||
env.env_size = len + 2 + 128;
|
||||
env.envp = emalloc2(env.env_size, sizeof(char *));
|
||||
#ifdef ENV_DEBUG
|
||||
memset(env.envp, 0, env.env_size * sizeof(char *));
|
||||
if (env.envp[env.env_len] != NULL)
|
||||
errorx(1, "setenv: corrupted envp, len mismatch");
|
||||
#endif
|
||||
}
|
||||
memcpy(env.envp, environ, len * sizeof(char *));
|
||||
env.envp[len] = NULL;
|
||||
env.env_len = len;
|
||||
environ = env.envp;
|
||||
#ifdef ENV_DEBUG
|
||||
} else {
|
||||
if (env.envp[env.env_len] != NULL)
|
||||
errorx(1, "setenv: corrupted envp, len mismatch");
|
||||
#endif
|
||||
}
|
||||
sudo_putenv(estring, TRUE, overwrite);
|
||||
return 0;
|
||||
}
|
||||
@@ -367,30 +334,10 @@ unsetenv(var)
|
||||
#endif
|
||||
}
|
||||
|
||||
/* Make sure we are operating on the current environment. */
|
||||
/* XXX - this could be optimized to include the search */
|
||||
if (env.envp != environ) {
|
||||
for (ep = environ; *ep != NULL; ep++)
|
||||
continue;
|
||||
len = ep - environ;
|
||||
if (len + 1 > env.env_size) {
|
||||
efree(env.envp);
|
||||
env.env_size = len + 1 + 128;
|
||||
env.envp = emalloc2(env.env_size, sizeof(char *));
|
||||
#ifdef ENV_DEBUG
|
||||
memset(env.envp, 0, env.env_size * sizeof(char *));
|
||||
if (env.envp[env.env_len] != NULL)
|
||||
errorx(1, "unsetenv: corrupted envp, len mismatch");
|
||||
#endif
|
||||
}
|
||||
memcpy(env.envp, environ, len * sizeof(char *));
|
||||
env.envp[len] = NULL;
|
||||
env.env_len = len;
|
||||
environ = env.envp;
|
||||
#ifdef ENV_DEBUG
|
||||
} else {
|
||||
if (env.envp[env.env_len] != NULL)
|
||||
errorx(1, "unsetenv: corrupted envp, len mismatch");
|
||||
#endif
|
||||
}
|
||||
|
||||
len = strlen(var);
|
||||
for (ep = env.envp; *ep; ep++) {
|
||||
@@ -423,32 +370,10 @@ putenv(string)
|
||||
errno = EINVAL;
|
||||
return -1;
|
||||
}
|
||||
/* Sync env.envp with environ as needed. */
|
||||
if (env.envp != environ) {
|
||||
char **ep;
|
||||
size_t len;
|
||||
|
||||
for (ep = environ; *ep != NULL; ep++)
|
||||
continue;
|
||||
len = ep - environ;
|
||||
if (len + 2 > env.env_size) {
|
||||
efree(env.envp);
|
||||
env.env_size = len + 2 + 128;
|
||||
env.envp = emalloc2(env.env_size, sizeof(char *));
|
||||
#ifdef ENV_DEBUG
|
||||
memset(env.envp, 0, env.env_size * sizeof(char *));
|
||||
if (env.envp[env.env_len] != NULL)
|
||||
errorx(1, "putenv: corrupted envp, len mismatch");
|
||||
#endif
|
||||
}
|
||||
memcpy(env.envp, environ, len * sizeof(char *));
|
||||
env.envp[len] = NULL;
|
||||
env.env_len = len;
|
||||
environ = env.envp;
|
||||
#ifdef ENV_DEBUG
|
||||
} else {
|
||||
if (env.envp[env.env_len] != NULL)
|
||||
errorx(1, "putenv: corrupted envp, len mismatch");
|
||||
#endif
|
||||
}
|
||||
sudo_putenv((char *)string, TRUE, TRUE);
|
||||
return 0;
|
||||
}
|
||||
@@ -476,7 +401,6 @@ sudo_putenv(str, dupcheck, overwrite)
|
||||
memset(env.envp + env.env_len, 0,
|
||||
(env.env_size - env.env_len) * sizeof(char *));
|
||||
#endif
|
||||
environ = env.envp;
|
||||
}
|
||||
|
||||
#ifdef ENV_DEBUG
|
||||
@@ -618,7 +542,7 @@ rebuild_env(sudo_mode, noexec)
|
||||
#endif
|
||||
if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
|
||||
/* Pull in vars we want to keep from the old environment. */
|
||||
for (ep = environ; *ep; ep++) {
|
||||
for (ep = old_envp; *ep; ep++) {
|
||||
int keepit;
|
||||
|
||||
/* Skip variables with values beginning with () (bash functions) */
|
||||
@@ -705,7 +629,7 @@ rebuild_env(sudo_mode, noexec)
|
||||
* Copy environ entries as long as they don't match env_delete or
|
||||
* env_check.
|
||||
*/
|
||||
for (ep = environ; *ep; ep++) {
|
||||
for (ep = old_envp; *ep; ep++) {
|
||||
int okvar;
|
||||
|
||||
/* Skip variables with values beginning with () (bash functions) */
|
||||
@@ -809,8 +733,7 @@ rebuild_env(sudo_mode, noexec)
|
||||
snprintf(idbuf, sizeof(idbuf), "%lu", (unsigned long) user_gid);
|
||||
sudo_setenv("SUDO_GID", idbuf, TRUE);
|
||||
|
||||
/* Install new environment. */
|
||||
environ = env.envp;
|
||||
/* Free old environment. */
|
||||
efree(old_envp);
|
||||
}
|
||||
|
||||
|
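Review bot: With `environ = env.envp;` dropped from the end of rebuild_env (last hunk, `@@ -809,8 +733,7 @@`), the filtered environment exists only in `env.envp`, and nothing in the visible lines tells the caller that it must pass that vector to the command itself. The `def_env_reset` / env_delete / env_check filtering protects the command only if the rebuilt vector is the one actually used, so I would document the contract where the assignment used to be, e.g. `/* New environment is left in env.envp; the process environ is not modified. */`. The block comment in the `@@ -705,7 +629,7 @@` hunk still reads "Copy environ entries" although the loop now walks `old_envp`; it should read `Copy old_envp entries as long as they don't match env_delete or env_check.` Both loops now dereference `old_envp`, whose assignment lies outside the hunks, so I could not confirm from here that it is non-NULL when rebuild_env runs before env_init. The body of rebuild_env starts and continues outside the lines shown.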