From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Date: Thu, 23 Apr 2015 22:45:05 +0000 (-0400)
Subject: Fix: use lttng_secure_getenv to handle env. vars. involving paths
X-Git-Tag: v2.6.1~1
X-Git-Url: http://git.liburcu.org/?p=lttng-ust.git;a=commitdiff_plain;h=ab7ffb47327c43dff0b56d5763f0c6ce2d68f919

Fix: use lttng_secure_getenv to handle env. vars. involving paths

This is a security fix for applications linked against liblttng-ust
which are exposed as setuid binaries.

A malicious user which can run those applications could target those
environment variable paths to locations that would allow it to create
files in various areas of the filesystem.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
---

diff --git a/liblttng-ust/lttng-ust-comm.c b/liblttng-ust/lttng-ust-comm.c
index f40683d3..3800ba68 100644
--- a/liblttng-ust/lttng-ust-comm.c
+++ b/liblttng-ust/lttng-ust-comm.c
@@ -52,6 +52,7 @@
 #include "compat.h"
 #include "../libringbuffer/tlsfixup.h"
 #include "lttng-ust-baddr.h"
+#include "getenv.h"
 
 /*
  * Has lttng ust comm constructor been called ?
@@ -313,11 +314,11 @@ const char *get_lttng_home_dir(void)
 {
        const char *val;
 
-       val = (const char *) getenv("LTTNG_HOME");
+       val = (const char *) lttng_secure_getenv("LTTNG_HOME");
        if (val != NULL) {
                return val;
        }
-       return (const char *) getenv("HOME");
+       return (const char *) lttng_secure_getenv("HOME");
 }
 
 /*