Пример #1
0
static int
do_test (void)
{
  if (getenv ("PATH") == NULL)
    {
      printf ("PATH not set\n");
      exit (1);
    }
  if (secure_getenv ("PATH") == NULL)
    {
      printf ("PATH not set according to secure_getenv\n");
      exit (1);
    }
  if (strcmp (getenv ("PATH"), secure_getenv ("PATH")) != 0)
    {
      printf ("PATH mismatch (%s, %s)\n",
	      getenv ("PATH"), secure_getenv ("PATH"));
      exit (1);
    }

  gid_t target = choose_gid ();
  if (target == 0)
    {
      fprintf (stderr,
	       "Could not find a suitable GID for user %jd, skipping test\n",
	       (intmax_t) getuid ());
      exit (0);
    }
  return run_executable_sgid (target);
}
Пример #2
0
int main(int argc, char *argv[])
{
    // printf("NULL??###%c$$$\n",argv[argc]);

    while(*environ != NULL)
        printf("%s\n", *environ++);
    for(int i = 0; i <18; i++)
        environ--;
    printf("%s\n", secure_getenv("HOME"));
    printf("%s\n", secure_getenv("PWD"));

}
Пример #3
0
/*
 * this function is called after fork in the parent
 */
static void
at_fork_check (void)
{
  char *out_env;
  char *err_env;

  out_env = secure_getenv (MPX_RT_OUT);
  err_env = secure_getenv (MPX_RT_ERR);

  if (add_pid == 0 && (out_env != 0 || err_env != 0))
    files_overwritten = 1;
}
Пример #4
0
static const char *
xkb_context_get_default_variant(struct xkb_context *ctx)
{
    const char *env = NULL;
    const char *layout = secure_getenv("XKB_DEFAULT_LAYOUT");

    /* We don't want to inherit the variant if they haven't also set a
     * layout, since they're so closely paired. */
    if (layout && ctx->use_environment_names)
        env = secure_getenv("XKB_DEFAULT_VARIANT");

    return env ? env : DEFAULT_XKB_VARIANT;
}
Пример #5
0
/*****************************************************************************
 * get_color_terminal()
 *****************************************************************************/
char *
get_color_terminal(void)
{
	char *term        = secure_getenv("TERM");
	char *colorterm   = secure_getenv("COLORTERM");

	if ((colorterm != NULL) && (colorterm[0] != '\0')) {
		return colorterm;
	}
	if ((term != NULL) && (term[0] != '\0')) {
		return term;
	}

	return NULL;
}
Пример #6
0
static void
alternative_main (int argc, char **argv)
{
  if (argc == 2 && strcmp (argv[1], MAGIC_ARGUMENT) == 0)
    {
      if (getgid () == getegid ())
	{
	  /* This can happen if the file system is mounted nosuid.  */
	  fprintf (stderr, "SGID failed: GID and EGID match (%jd)\n",
		  (intmax_t) getgid ());
	  exit (MAGIC_STATUS);
	}
      if (getenv ("PATH") == NULL)
	{
	  printf ("PATH variable not present\n");
	  exit (3);
	}
      if (secure_getenv ("PATH") != NULL)
	{
	  printf ("PATH variable not filtered out\n");
	  exit (4);
	}
      exit (MAGIC_STATUS);
    }
}
Пример #7
0
PR_IMPLEMENT(char*) PR_GetEnvSecure(const char *var)
{
#ifdef HAVE_SECURE_GETENV
  char *ev;

  if (!_pr_initialized) _PR_ImplicitInitialization();

  _PR_LOCK_ENV();
  ev = secure_getenv(var);
  _PR_UNLOCK_ENV();

  return ev;
#else
#ifdef XP_UNIX
  /*
  ** Fall back to checking uids and gids.  This won't detect any other
  ** privilege-granting mechanisms the platform may have.  This also
  ** can't detect the case where the process already called
  ** setuid(geteuid()) and/or setgid(getegid()).
  */
  if (getuid() != geteuid() || getgid() != getegid()) {
    return NULL;
  }
#endif /* XP_UNIX */
  return PR_GetEnv(var);
#endif /* HAVE_SECURE_GETENV */
}
Пример #8
0
ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL
pid_file_write(const char *progname)
{
    const char *pidfile_dir = NULL;
    char *ret = NULL;
    FILE *fp;

    /*
     * Maybe we could have a version of this function (and pidfile())
     * where we get a directory from the caller.  That would allow us to
     * have command-line options for the daemons for this.
     *
     * For now we use an environment variable.
     */
    pidfile_dir = secure_getenv("HEIM_PIDFILE_DIR");
    if (pidfile_dir == NULL)
        pidfile_dir = _PATH_VARRUN;

    if (asprintf(&ret, "%s%s.pid", pidfile_dir, progname) < 0 || ret == NULL)
	return NULL;
    fp = fopen(ret, "w");
    if (fp == NULL) {
	free(ret);
	return NULL;
    }
    fprintf(fp, "%lu\n", (unsigned long)getpid());
    fclose(fp);
    return ret;
}
Пример #9
0
static char *
expand_tempdir (const char *name)
{
	const char *env;

	env = secure_getenv ("TMPDIR");
	if (env && env[0]) {
		return p11_path_build (env, name, NULL);

	} else {
#ifdef OS_UNIX
#ifdef _PATH_TMP
		return p11_path_build (_PATH_TMP, name, NULL);
#else
		return p11_path_build ("/tmp", name, NULL);
#endif

#else /* OS_WIN32 */
		char directory[MAX_PATH + 1];

		if (!GetTempPathA (MAX_PATH + 1, directory)) {
			printf ("# couldn't lookup temp directory\n");
			errno = ENOTDIR;
			return NULL;
		}

		return p11_path_build (directory, name, NULL);

#endif /* OS_WIN32 */
	}
}
Пример #10
0
char *gpr_getenv(const char *name) {
#if defined(GPR_BACKWARDS_COMPATIBILITY_MODE)
  typedef char *(*getenv_type)(const char *);
  static getenv_type getenv_func = NULL;
  /* Check to see which getenv variant is supported (go from most
   * to least secure) */
  const char *names[] = {"secure_getenv", "__secure_getenv", "getenv"};
  for (size_t i = 0; getenv_func == NULL && i < GPR_ARRAY_SIZE(names); i++) {
    getenv_func = (getenv_type)dlsym(RTLD_DEFAULT, names[i]);
    if (getenv_func != NULL && strstr(names[i], "secure") == NULL) {
      gpr_log(GPR_DEBUG,
              "Warning: insecure environment read function '%s' used",
              names[i]);
    }
  }
  char *result = getenv_func(name);
  return result == NULL ? result : gpr_strdup(result);
#elif __GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 17)
  char *result = secure_getenv(name);
  return result == NULL ? result : gpr_strdup(result);
#else
  gpr_log(GPR_DEBUG, "Warning: insecure environment read function '%s' used",
          "getenv");
  char *result = getenv(name);
  return result == NULL ? result : gpr_strdup(result);
#endif
}
Пример #11
0
netresolve_query_t
netresolve_query_new(netresolve_t context, enum netresolve_request_type type)
{
	struct netresolve_query *queries = &context->queries;
	netresolve_query_t query;

	if (!(query = calloc(1, sizeof *query)))
		return NULL;

	query->previous = queries->previous;
	query->next = queries;
	query->previous->next = query->next->previous = query;

	query->context = context;
	query->watches.previous = query->watches.next = &query->watches;

	if (!context->backends)
		netresolve_set_backend_string(context, secure_getenv("NETRESOLVE_BACKENDS"));
	if (!context->backends || !*context->backends)
		abort();

	query->backend = context->backends;
	memcpy(&query->request, &context->request, sizeof context->request);

	query->request.type = type;

	debug_query(query, "created", type);

	return query;
}
Пример #12
0
static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp,
                        long argl, char **ret)
{
    int ok = 0;
    char *file;

    switch (cmd) {
    case X509_L_FILE_LOAD:
        if (argl == X509_FILETYPE_DEFAULT) {
            file = (char *)secure_getenv(X509_get_default_cert_file_env());
            if (file)
                ok = (X509_load_cert_crl_file(ctx, file,
                                              X509_FILETYPE_PEM) != 0);

            else
                ok = (X509_load_cert_crl_file
                      (ctx, X509_get_default_cert_file(),
                       X509_FILETYPE_PEM) != 0);

            if (!ok) {
                X509err(X509_F_BY_FILE_CTRL, X509_R_LOADING_DEFAULTS);
            }
        } else {
            if (argl == X509_FILETYPE_PEM)
                ok = (X509_load_cert_crl_file(ctx, argp,
                                              X509_FILETYPE_PEM) != 0);
            else
                ok = (X509_load_cert_file(ctx, argp, (int)argl) != 0);
        }
        break;
    }
    return (ok);
}
Пример #13
0
static char *
get_config_file_for_user(void)
{
    char *fn;
    int ret;

    fn = secure_getenv("SOFTPKCS11RC");
    if (fn)
        fn = strdup(fn);
    if (fn == NULL) {
        char homebuf[MAX_PATH];
        const char *home = roken_get_appdatadir(homebuf, sizeof(homebuf));

        if (home) {
            ret = asprintf(&fn, "%s/.soft-token.rc", home);
	    if (ret == -1)
		fn = NULL;
        } else {
#ifndef WIN32
            fn = strdup("/etc/soft-token.rc");
#endif
        }
    }

    return fn;
}
Пример #14
0
void
find_addr2line (void)
{
#ifdef HAVE_ACCESS
#define A2L_LEN 10
  char *path = secure_getenv ("PATH");
  if (!path)
    return;
  size_t n = strlen (path);
  char ap[n + 1 + A2L_LEN];
  size_t ai = 0;
  for (size_t i = 0; i < n; i++)
    {
      if (path[i] != ':')
	ap[ai++] = path[i];
      else
	{
	  ap[ai++] = '/';
	  memcpy (ap + ai, "addr2line", A2L_LEN);
	  if (access (ap, R_OK|X_OK) == 0)
	    {
	      addr2line_path = strdup (ap);
	      return;
	    }
	  else
	    ai = 0;
	}
    }
#endif
}
Пример #15
0
char* _prisma_trytogettermname() {
    static char _prisma_termname[_PRISMA_TERMNAME_LENGTH];

#ifdef _PRISMA_LINUX 
    char *tmp = getnameof(getppidof(getsid(getpid())));
    if(tmp) {
        strncpy(_prisma_termname, tmp, _PRISMA_TERMNAME_LENGTH);
        if(!strncmp(_prisma_termname, "initdline", _PRISMA_TERMNAME_LENGTH)
        || !strncmp(_prisma_termname, "konsole", _PRISMA_TERMNAME_LENGTH))
            return _prisma_termname;
    } 

#ifdef _GNU_SOURCE
    strncpy(_prisma_termname, secure_getenv("TERM"), _PRISMA_TERMNAME_LENGTH);
#else
    strncpy(_prisma_termname, getenv("TERM"), _PRISMA_TERMNAME_LENGTH);
#endif

#elif defined _PRISMA_WINDOWS
    if(GetConsoleOriginalTitleA(&_prisma_termname[9], 
                _PRISMA_TERMNAME_LENGTH-9)) {
        strncpy(_prisma_termname, "windows, ", 9);
    } else
        strncpy(_prisma_termname, "windows, unknown", _PRISMA_TERMNAME_LENGTH);
#else
    strncpy(_prisma_termname, "unknown", _PRISMA_TERMNAME_LENGTH);
#endif

    return _prisma_termname;
}
Пример #16
0
Settings::Settings()
{
  auto lk = getLocker();

  set(ZMKW_LOGPORT, ZCSTR("59000"), lk);
  set(ZMKW_LOGSERVER, ZCSTR("127.0.0.1"), lk);
  set(ZMKW_LOGPROTO, ZCSTR("ZMG_PUB"), lk);
  ZConstString home_str((const char*)secure_getenv("HOME"));
  set(ZMB::ZMKW_USER_HOME, home_str, lk);

  char* temp = (char*)alloca(ZMB::max<unsigned>(1024u, (unsigned)(4 * home_str.len)));
  ZUnsafeBuf buf(temp, 1024); buf.fill(0);
  buf.read(0, home_str, 0);
  char* origin = buf.begin();

  buf.str += home_str.len;//advance to point after the user home location
  buf.len -= home_str.len;

  auto __set_value = [&](ZConstString str, ZConstString key) mutable
  {
    char* end = 0;
    buf.read(&end, str, 0);
    *end = '\0';
    set(key, ZConstString(origin, end), lk);
  };
  __set_value(ZCSTR("/zmbaq_config.json"), ZMKW_CFG_LOCATION);

  /** TODO: platform-dependent temporary storage. **/
  __set_value(ZCSTR("/tmp/video_temp"), ZMKW_FS_TEMP_LOCATION);
  __set_value(ZCSTR("/tmp/video_perm"), ZMKW_FS_PERM_LOCATION);

  __set_value(ZCSTR("/tmp/test_db"), ZMKW_TESTDB_LOCATION);
  __set_value(ZCSTR("/tmp/test_blob_db"), ZMKW_TESTDBBLOB_LOCATION);
}
Пример #17
0
static int igetenv(const char* name) {
	char* ret = secure_getenv(name);
	if(ret == NULL) return 0;
	else {
		return max(atoi(ret), 0);		// Prevent negative number
	}
}
Пример #18
0
static void write_nss_key_log(gnutls_session_t session, const gnutls_datum_t *premaster)
{
	char buf[512];
	char buf2[512];
	FILE *fp;
	static const char *keylogfile = NULL;
	static unsigned checked_env = 0;

	if (!checked_env) {
		checked_env = 1;
		keylogfile = secure_getenv("SSLKEYLOGFILE");
	}

	if (keylogfile == NULL)
		return;

	fp = fopen(keylogfile, "a");
	if (fp == NULL)
		return;

	fprintf(fp, "CLIENT_RANDOM %s %s\n", 
		 _gnutls_bin2hex(session->security_parameters.
				 client_random, 32, buf,
				 sizeof(buf), NULL),
		 _gnutls_bin2hex(session->security_parameters.
				 master_secret, GNUTLS_MASTER_SIZE,
				 buf2, sizeof(buf2), NULL));
	fclose(fp);
}
Пример #19
0
char *wgethomedir()
{
	static char *home = NULL;
	char *tmp;
	struct passwd *user;

	if (home)
		return home;

#ifdef HAVE_SECURE_GETENV
	tmp = secure_getenv("HOME");
#else
	tmp = getenv("HOME");
#endif
	if (tmp) {
		home = wstrdup(tmp);
		return home;
	}

	user = getpwuid(getuid());
	if (!user) {
		werror(_("could not get password entry for UID %i"), getuid());
		home = "/";
		return home;
	}

	if (!user->pw_dir)
		home = "/";
	else
		home = wstrdup(user->pw_dir);

	return home;
}
Пример #20
0
int bus_open_user_systemd(sd_bus **_bus) {
        _cleanup_bus_unref_ sd_bus *bus = NULL;
        _cleanup_free_ char *ee = NULL;
        const char *e;
        int r;

        /* Try via kdbus first, and then directly */

        assert(_bus);

#ifdef ENABLE_KDBUS
        r = sd_bus_new(&bus);
        if (r < 0)
                return r;

        if (asprintf(&bus->address, KERNEL_USER_BUS_FMT, getuid()) < 0)
                return -ENOMEM;

        bus->bus_client = true;

        r = sd_bus_start(bus);
        if (r >= 0) {
                *_bus = bus;
                bus = NULL;
                return 0;
        }

        bus = sd_bus_unref(bus);
#endif

        e = secure_getenv("XDG_RUNTIME_DIR");
        if (!e)
                return sd_bus_open_user(_bus);

        ee = bus_address_escape(e);
        if (!ee)
                return -ENOMEM;

        r = sd_bus_new(&bus);
        if (r < 0)
                return r;

        bus->address = strjoin("unix:path=", ee, "/systemd/private", NULL);
        if (!bus->address)
                return -ENOMEM;

        r = sd_bus_start(bus);
        if (r < 0)
                return sd_bus_open_user(_bus);

        r = bus_check_peercred(bus);
        if (r < 0)
                return r;

        *_bus = bus;
        bus = NULL;

        return 0;
}
Пример #21
0
const char *
get_xlocaledir_path(void)
{
    const char *dir = secure_getenv("XLOCALEDIR");
    if (!dir)
        dir = XLOCALEDIR;
    return dir;
}
Пример #22
0
static void init(void)
{
	/* Most file systems limit the size of filenames to 255 octets */
	char *home_env, game_dir[256];
	mode_t mode = S_IRUSR | S_IWUSR | S_IXUSR;

	/* Get user HOME environment variable. Fail if we can't trust the
	 * environment, like if the setuid bit is set on the executable.
	 */
	if ((home_env = secure_getenv("HOME")) != NULL) {
		strlcpy(game_dir, home_env, sizeof game_dir);
	} else {
		fprintf(stderr, "Environment variable $HOME does not exist, "
				"or it is not what you think it is.\n");
		exit(EXIT_FAILURE);
	}

	char *dirs[] = {
		"/.local",
		"/share",
		"/tetris",
		NULL,
	};

	int i;
	for (i = 0; dirs[i]; i++) {
		strlcat(game_dir, dirs[i], sizeof game_dir);
		if (try_mkdir(game_dir, mode) < 0)
			goto err_subdir;
	}

	/* open for writing in append mode ~/.local/share/tetris/logs */
	strlcat(game_dir, "/logs", sizeof game_dir);
	if (freopen(game_dir, "a", stderr) == NULL) {
		fprintf(stderr, "Could not open: %s\n", game_dir);
		exit(EXIT_FAILURE);
	}

	srand(time(NULL));

	/* Create game context */
	if (blocks_init() > 0) {
		printf("Game successfully initialized\n");
		printf("Appending logs to file: %s.\n", game_dir);
	} else {
		printf("Failed to initialize game\n");
		exit(EXIT_FAILURE);
	}

	/* create ncurses display */
	screen_init();

	return;

 err_subdir:
	fprintf(stderr, "Unable to create sub directories. Cannot continue\n");
	exit(EXIT_FAILURE);
}
Пример #23
0
static char *
getenvdup (const char *varname)
{
    char *envvar = secure_getenv (varname);
    if (envvar == NULL || envvar[0] == 0) // identical for our purposes
        return NULL;
    else
        return strdup (envvar);
}
Пример #24
0
void
__mpxrt_init_env_vars (int* bndpreserve)
{
  char *out_env;
  char *err_env;
  char *env;

  pthread_mutex_init (&lock, NULL);

  out_env = secure_getenv (MPX_RT_OUT);
  env_var_list_add (MPX_RT_OUT, out_env);

  err_env = secure_getenv (MPX_RT_ERR);
  env_var_list_add (MPX_RT_ERR, err_env);

  env = secure_getenv (MPX_RT_ADDPID);
  env_var_list_add (MPX_RT_ADDPID, env);
  add_pid = check_yes (env);

  set_file_stream (&out, out_name, out_env, stdout);
  if (out_env == 0 || err_env == 0 || (strcmp (out_env, err_env) != 0))
    set_file_stream (&err, err_name, err_env, stderr);
  else
    /* in case we get the same file name for err and out */
    err = out;

  env = secure_getenv (MPX_RT_VERBOSE);
  env_var_list_add (MPX_RT_VERBOSE, env);
  verbose_val = init_verbose_val (env);

  env = secure_getenv (MPX_RT_MODE);
  env_var_list_add (MPX_RT_MODE, env);
  mode = set_mpx_rt_mode (env);

  env = secure_getenv (MPX_RT_BNDPRESERVE);
  env_var_list_add (MPX_RT_BNDPRESERVE, env);
  validate_bndpreserve (env, bndpreserve);

  env = secure_getenv (MPX_RT_PRINT_SUMMARY);
  env_var_list_add (MPX_RT_PRINT_SUMMARY, env);
  summary = check_yes (env);

  env = secure_getenv (MPX_RT_HELP);
  if (check_yes (env))
    print_help ();

  /*
   * at fork - create new files for output and err according
   * to the env vars.
   */
  pthread_atfork (NULL, at_fork_check, open_child_files);

  env_var_print_summary ();
}
Пример #25
0
static const char *
xkb_context_get_default_layout(struct xkb_context *ctx)
{
    const char *env = NULL;

    if (ctx->use_environment_names)
        env = secure_getenv("XKB_DEFAULT_LAYOUT");

    return env ? env : DEFAULT_XKB_LAYOUT;
}
Пример #26
0
static const char *
xkb_context_get_default_model(struct xkb_context *ctx)
{
    const char *env = NULL;

    if (ctx->use_environment_names)
        env = secure_getenv("XKB_DEFAULT_MODEL");

    return env ? env : DEFAULT_XKB_MODEL;
}
Пример #27
0
static const char *
xkb_context_get_default_options(struct xkb_context *ctx)
{
    const char *env = NULL;

    if (ctx->use_environment_names)
        env = secure_getenv("XKB_DEFAULT_OPTIONS");

    return env ? env : DEFAULT_XKB_OPTIONS;
}
Пример #28
0
static int print_debug_info ()
{
  static int __print_debug_info = -1;

  if (__print_debug_info == -1) {
    __print_debug_info = secure_getenv ("HASKELL_GI_DEBUG_MEM") != NULL;
  }

  return __print_debug_info;
}
Пример #29
0
void register_aarch64_crypto(void)
{
	unsigned capabilities = 0;
	char *p;
	p = secure_getenv("GNUTLS_CPUID_OVERRIDE");
	if (p) {
		capabilities = strtol(p, NULL, 0);
	}

	_register_aarch64_crypto(capabilities);
}
Пример #30
0
// Initialize library parameters from environment.
// We don't have main(), so we have to call it in every callback.
static inline void init_env()
{
	char *t;

	if (mem_threshold == 0) {
		t = secure_getenv("MR_THRESHOLD");
		if (t)
			mem_threshold = strtol(t, NULL, 0);
		else
			mem_threshold = DEFAULT_MEM_THRESHOLD;
	}

	if (DEBUG == -1) {
		t = secure_getenv("MR_DEBUG");
		if (t)
			DEBUG = strtol(t, NULL, 0);
		else
			DEBUG = 0;
	}
}