svn commit: r241483 - stable/9/lib/libc/stdlib
Andrey A. Chernov
ache at FreeBSD.org
Fri Oct 12 13:17:20 UTC 2012
Author: ache
Date: Fri Oct 12 13:17:19 2012
New Revision: 241483
URL: http://svn.freebsd.org/changeset/base/241483
Log:
MFC r241137,r241154
Using putenv() and later direct pointer contents modification it is possibe
to craft environment variables with similar names like that:
a=1
a=2
...
unsetenv("a") should remove them all to make later getenv("a") impossible.
Fix it to do so (this is GNU autoconf test #3 failure too).
PR: 172273
Modified:
stable/9/lib/libc/stdlib/getenv.c
Directory Properties:
stable/9/lib/libc/ (props changed)
Modified: stable/9/lib/libc/stdlib/getenv.c
==============================================================================
--- stable/9/lib/libc/stdlib/getenv.c Fri Oct 12 12:27:30 2012 (r241482)
+++ stable/9/lib/libc/stdlib/getenv.c Fri Oct 12 13:17:19 2012 (r241483)
@@ -662,6 +662,7 @@ unsetenv(const char *name)
{
int envNdx;
size_t nameLen;
+ int newEnvActive;
/* Check for malformed name. */
if (name == NULL || (nameLen = __strleneq(name)) == 0) {
@@ -674,13 +675,18 @@ unsetenv(const char *name)
return (-1);
/* Deactivate specified variable. */
+ /* Remove all occurrences. */
envNdx = envVarsTotal - 1;
- if (__findenv(name, nameLen, &envNdx, true) != NULL) {
+ newEnvActive = envActive;
+ while (__findenv(name, nameLen, &envNdx, true) != NULL) {
envVars[envNdx].active = false;
if (envVars[envNdx].putenv)
__remove_putenv(envNdx);
- __rebuild_environ(envActive - 1);
+ envNdx--;
+ newEnvActive--;
}
+ if (newEnvActive != envActive)
+ __rebuild_environ(newEnvActive);
return (0);
}
More information about the svn-src-stable-9
mailing list