From 5c39a55d04ea6e6f734b627a050b9e702788d50d Mon Sep 17 00:00:00 2001 From: Pauli Date: Mon, 24 Sep 2018 11:21:18 +1000 Subject: Use secure_getenv(3) when available. Change all calls to getenv() inside libcrypto to use a new wrapper function that use secure_getenv() if available and an issetugid then getenv if not. CPU processor override flags are unchanged. Extra checks for OPENSSL_issetugid() have been removed in favour of the safe getenv. Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/7047) --- crypto/conf/conf_api.c | 5 +++-- crypto/conf/conf_mod.c | 7 ++----- 2 files changed, 5 insertions(+), 7 deletions(-) (limited to 'crypto/conf') diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c index 72fe2da1ad..5e57d749ce 100644 --- a/crypto/conf/conf_api.c +++ b/crypto/conf/conf_api.c @@ -10,6 +10,7 @@ /* Part of the code in here was originally in conf.c, which is now removed */ #include "e_os.h" +#include "internal/cryptlib.h" #include #include #include @@ -82,7 +83,7 @@ char *_CONF_get_string(const CONF *conf, const char *section, if (v != NULL) return v->value; if (strcmp(section, "ENV") == 0) { - p = getenv(name); + p = ossl_safe_getenv(name); if (p != NULL) return p; } @@ -95,7 +96,7 @@ char *_CONF_get_string(const CONF *conf, const char *section, else return NULL; } else - return getenv(name); + return ossl_safe_getenv(name); } static unsigned long conf_value_hash(const CONF_VALUE *v) diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c index df53609cc4..51f262e774 100644 --- a/crypto/conf/conf_mod.c +++ b/crypto/conf/conf_mod.c @@ -480,11 +480,8 @@ char *CONF_get1_default_config_file(void) char *file, *sep = ""; int len; - if (!OPENSSL_issetugid()) { - file = getenv("OPENSSL_CONF"); - if (file) - return OPENSSL_strdup(file); - } + if ((file = ossl_safe_getenv("OPENSSL_CONF")) != NULL) + return OPENSSL_strdup(file); len = strlen(X509_get_default_cert_area()); #ifndef OPENSSL_SYS_VMS -- cgit v1.2.3