static void __sanitize_environment_variables() { char** src = _envp; char** dst = _envp; for (; src[0] != NULL; ++src) { if (!__is_valid_environment_variable(src[0])) { continue; } // Remove various unsafe environment variables if we're loading a setuid program. if (get_AT_SECURE() && __is_unsafe_environment_variable(src[0])) { continue; } dst[0] = src[0]; ++dst; } dst[0] = NULL; }
unsigned* linker_env_init(unsigned* environment_and_aux_vectors) { // Store environment pointer - can't be NULL. _envp = reinterpret_cast<char**>(environment_and_aux_vectors); // Skip over all environment variable definitions. // The end of the environment block is marked by two NULL pointers. unsigned* aux_vectors = environment_and_aux_vectors; while (aux_vectors[0] != 0) { ++aux_vectors; } ++aux_vectors; __remove_invalid_environment_variables(); __init_AT_SECURE(aux_vectors); // Sanitize environment if we're loading a setuid program. if (get_AT_SECURE()) { __remove_unsafe_environment_variables(); } return aux_vectors; }