From a8692d25ea7457443ad49dc9187ca54d7a8faa55 Mon Sep 17 00:00:00 2001
Message-Id: <a8692d25ea7457443ad49dc9187ca54d7a8faa55.1383321465.git.jdenemar@redhat.com>
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Wed, 30 Oct 2013 17:01:52 +0000
Subject: [PATCH] Block all use of getenv with syntax-check
For
https://bugzilla.redhat.com/show_bug.cgi?id=1015247
The use of getenv is typically insecure, and we want people
to use our wrappers, to force them to think about setuid
needs.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 71b21f12bece1127b28b404f11f57b4c2d48983a)
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
cfg.mk | 8 ++++++++
src/util/virutil.c | 4 ++--
2 files changed, 10 insertions(+), 2 deletions(-)
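diff --git a/cfg.mk b/cfg.mk
index aa2e1a1..f2cd411 100644
--- a/cfg.mk
+++ b/cfg.mk
@@ -836,6 +836,11 @@ sc_prohibit_unbounded_arrays_in_rpc:
 halt='Arrays in XDR must have a upper limit set for <NNN>' \
 $(_sc_search_regexp)
 
+sc_prohibit_getenv:
+ @prohibit='\b(secure_)?getenv *\(' \
+ exclude='exempt from syntax-check' \
+ halt='Use virGetEnv{Allow,Block}SUID instead of getenv' \
+ $(_sc_search_regexp)
 
 # We don't use this feature of maint.mk.
 prev_version_file = /dev/null
@@ -1005,3 +1010,6 @@ exclude_file_name_regexp--sc_prohibit_include_public_headers_brackets = \
 
 exclude_file_name_regexp--sc_prohibit_int_ijk = \
 ^(src/remote_protocol-structs|src/remote/remote_protocol.x|cfg.mk|include/)$
+
+exclude_file_name_regexp--sc_prohibit_getenv = \
+ ^tests/.*\.[ch]$$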
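Review bot: The `prohibit` pattern in `sc_prohibit_getenv` anchors on `\b`, so a call spelled `__secure_getenv(` (the older glibc name) would slip past it if one were ever added, because `_` is a word character and no boundary exists before `secure_` or `getenv`; `@prohibit='\b(__)?(secure_)?getenv *\('` would cover that spelling too. The search is line-based, so a call whose `(` lands on the following line, or a direct read of `environ`, is not seen either; a short comment above the rule such as `# Catches direct getenv calls only; environ access still needs manual review.` would keep readers from assuming more coverage than the rule provides. The `exclude` text is a free-form comment that any source line can carry, so new occurrences of `exempt from syntax-check` outside the two wrappers deserve a second look in review.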
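diff --git a/src/util/virutil.c b/src/util/virutil.c
index 2b3cbeb..21827f2 100644
--- a/src/util/virutil.c
+++ b/src/util/virutil.c
@@ -2108,7 +2108,7 @@ cleanup:
 */
 const char *virGetEnvBlockSUID(const char *name)
 {
- return secure_getenv(name);
+ return secure_getenv(name); /* exempt from syntax-check-rules */
 }
 
 
@@ -2122,7 +2122,7 @@ const char *virGetEnvBlockSUID(const char *name)
 */
 const char *virGetEnvAllowSUID(const char *name)
 {
- return getenv(name);
+ return getenv(name); /* exempt from syntax-check-rules */
 }
 
 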
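Review bot: The trailing comments added to the `return` lines of `virGetEnvBlockSUID` and `virGetEnvAllowSUID` say only that the line is exempt, not why, and they are now the one thing that separates a permitted call from a prohibited one. A wording such as `/* the wrapper itself; exempt from syntax-check-rules */` keeps the marker text the new rule searches for and tells a later reader that the exemption is not meant to be copied to other call sites. Both functions' doc comments begin outside the hunks, so it is not visible here whether `virGetEnvAllowSUID` already states that its result is unfiltered environment data even when the process runs setuid; if it does not, that caveat belongs in that comment.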
--
1.8.4.2