generic-library/bionic
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge "Use foreach loop to match setuid unsafe env vars."

Browse Source
This commit is contained in:
Josh Gao 2015-10-02 18:32:44 +00:00 committed by Gerrit Code Review
commit cf92ebcfe3
1 changed files with 30 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
libc/bionic/libc_init_common.cpp
View File

@ -237,7 +237,7 @@ static bool __is_valid_environment_variable(const char* name) {
static bool __is_unsafe_environment_variable(const char* name) { static bool __is_unsafe_environment_variable(const char* name) {
// None of these should be allowed in setuid programs. // None of these should be allowed in setuid programs.
static const char* const UNSAFE_VARIABLE_NAMES[] = { static constexpr const char* UNSAFE_VARIABLE_NAMES[] = {
"GCONV_PATH", "GCONV_PATH",
"GETCONF_DIR", "GETCONF_DIR",
"HOSTALIASES", "HOSTALIASES",
@ -265,10 +265,9 @@ static bool __is_unsafe_environment_variable(const char* name) {
"RES_OPTIONS", "RES_OPTIONS",
"TMPDIR", "TMPDIR",
"TZDIR", "TZDIR",
nullptr
}; };
for (size_t i = 0; UNSAFE_VARIABLE_NAMES[i] != nullptr; ++i) { for (const auto& unsafe_variable_name : UNSAFE_VARIABLE_NAMES) {
if (env_match(name, UNSAFE_VARIABLE_NAMES[i]) != nullptr) { if (env_match(name, unsafe_variable_name) != nullptr) {
return true; return true;
} }
} }