# Introduce and export __locale_getenv. diff -uprk.orig glibc-2.3.5.orig/abilist/libc.abilist glibc-2.3.5/abilist/libc.abilist --- glibc-2.3.5.orig/abilist/libc.abilist 2003-04-02 04:39:52 +0000 +++ glibc-2.3.5/abilist/libc.abilist 2005-05-09 11:10:02 +0000 @@ -255,6 +255,7 @@ GLIBC_2.0 i.86-.*-linux.*/notls i.86-.*- __libc_realloc F __libc_start_main F __libc_valloc F + __locale_getenv F __lseek F __lxstat F __mbrlen F diff -uprk.orig glibc-2.3.5.orig/include/stdlib.h glibc-2.3.5/include/stdlib.h --- glibc-2.3.5.orig/include/stdlib.h 2004-09-07 17:04:23 +0000 +++ glibc-2.3.5/include/stdlib.h 2005-05-09 11:10:02 +0000 @@ -29,6 +29,7 @@ libc_hidden_proto (qecvt_r) libc_hidden_proto (qfcvt_r) libc_hidden_proto (lrand48_r) libc_hidden_proto (wctomb) +libc_hidden_proto (__locale_getenv) libc_hidden_proto (__secure_getenv) libc_hidden_proto (__strtof_internal) libc_hidden_proto (__strtod_internal) diff -uprk.orig glibc-2.3.5.orig/stdlib/Versions glibc-2.3.5/stdlib/Versions --- glibc-2.3.5.orig/stdlib/Versions 2004-05-03 21:25:53 +0000 +++ glibc-2.3.5/stdlib/Versions 2005-05-09 11:10:02 +0000 @@ -90,6 +90,8 @@ libc { # used by new G++ ABI __cxa_atexit; __cxa_finalize; } + GLIBC_2.2.4 { + __locale_getenv; GLIBC_2.3 { # Silent change in SUS. realpath; diff -uprk.orig glibc-2.3.5.orig/stdlib/secure-getenv.c glibc-2.3.5/stdlib/secure-getenv.c --- glibc-2.3.5.orig/stdlib/secure-getenv.c 2002-08-03 06:29:26 +0000 +++ glibc-2.3.5/stdlib/secure-getenv.c 2005-05-09 11:10:02 +0000 @@ -18,6 +18,7 @@ #include #include +#include /* Some programs and especially the libc itself have to be careful what values to accept from the environment. This special version @@ -29,3 +30,15 @@ __secure_getenv (name) return __libc_enable_secure ? NULL : getenv (name); } libc_hidden_def (__secure_getenv) + +char * +__locale_getenv (name) + const char *name; +{ + char *value = getenv (name); + if ( value && + __libc_enable_secure && (('.' == value[0]) || strchr(value, '/')) ) + return NULL; + return value; +} +libc_hidden_def (__locale_getenv) diff -uprk.orig glibc-2.3.5.orig/stdlib/stdlib.h glibc-2.3.5/stdlib/stdlib.h --- glibc-2.3.5.orig/stdlib/stdlib.h 2004-12-01 19:54:34 +0000 +++ glibc-2.3.5/stdlib/stdlib.h 2005-05-09 11:10:02 +0000 @@ -658,6 +658,11 @@ __END_NAMESPACE_STD programs is running with SUID or SGID enabled. */ extern char *__secure_getenv (__const char *__name) __THROW __nonnull ((1)); +/* This function is similar to the above but returns NULL if the + program is running with SUID or SGID enabled and value starts + with "." symbol or contains "/" symbols. */ +extern char *__locale_getenv (__const char *__name) __THROW __nonnull ((1)); + #if defined __USE_SVID || defined __USE_XOPEN /* The SVID says this is in , but this seems a better place. */ /* Put STRING, which is of the form "NAME=VALUE", in the environment.