Fix: use lttng_secure_getenv to handle env. vars. involving paths
authorMathieu Desnoyers <mathieu.desnoyers@efficios.com>
Thu, 23 Apr 2015 22:45:05 +0000 (18:45 -0400)
committerMathieu Desnoyers <mathieu.desnoyers@efficios.com>
Thu, 23 Apr 2015 22:45:05 +0000 (18:45 -0400)
This is a security fix for applications linked against liblttng-ust
which are exposed as setuid binaries.

A malicious user which can run those applications could target those
environment variable paths to locations that would allow it to create
files in various areas of the filesystem.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
liblttng-ust/lttng-ust-comm.c

index ace63bb8ec015c8701f10a13238e3cc4e7da2832..794cba9daad244397afc9d26ab111f379e235172 100644 (file)
@@ -55,6 +55,7 @@
 #include "lttng-ust-baddr.h"
 #include "clock.h"
 #include "../libringbuffer/getcpu.h"
+#include "getenv.h"
 
 /*
  * Has lttng ust comm constructor been called ?
@@ -316,11 +317,11 @@ const char *get_lttng_home_dir(void)
 {
        const char *val;
 
-       val = (const char *) getenv("LTTNG_HOME");
+       val = (const char *) lttng_secure_getenv("LTTNG_HOME");
        if (val != NULL) {
                return val;
        }
-       return (const char *) getenv("HOME");
+       return (const char *) lttng_secure_getenv("HOME");
 }
 
 /*
This page took 0.031399 seconds and 4 git commands to generate.