From 756510c102885005c2fc31eb01e3a6b95f8ed985 Mon Sep 17 00:00:00 2001
From: Pauli <paul.dale@oracle.com>
Date: Fri, 17 Aug 2018 14:35:37 +1000
Subject: Check getauxval on systems that have it when checking for setuid
 execution.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6993)
---
 crypto/uid.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

(limited to 'crypto/uid.c')

diff --git a/crypto/uid.c b/crypto/uid.c
index 4e1890f2d2..b2bfee32b5 100644
--- a/crypto/uid.c
+++ b/crypto/uid.c
@@ -31,12 +31,18 @@ int OPENSSL_issetugid(void)
 # include OPENSSL_UNISTD
 # include <sys/types.h>
 
+# if defined(__GLIBC__) && defined(__GLIBC_PREREQ)
+#  if __GLIBC_PREREQ(2, 16)
+#   include <sys/auxv.h>
+#  endif
+# endif
+
 int OPENSSL_issetugid(void)
 {
-    if (getuid() != geteuid())
-        return 1;
-    if (getgid() != getegid())
-        return 1;
-    return 0;
+# ifdef AT_SECURE
+    return getauxval(AT_SECURE) != 0;
+# else
+    return getuid() != geteuid() || getgid() != getegid();
+# endif
 }
 #endif
-- 
cgit v1.2.3