From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Date: Thu, 23 Apr 2015 22:45:05 +0000 (-0400)
Subject: Fix: use lttng_secure_getenv to handle env. vars. involving paths
X-Git-Tag: v2.7.0-rc1~40
X-Git-Url: http://git.lttng.org/?a=commitdiff_plain;h=13efba44993b2b2679677edb5cf75ef17849d621;p=lttng-ust.git

Fix: use lttng_secure_getenv to handle env. vars. involving paths

This is a security fix for applications linked against liblttng-ust
which are exposed as setuid binaries.

A malicious user which can run those applications could target those
environment variable paths to locations that would allow it to create
files in various areas of the filesystem.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
---

diff --git a/liblttng-ust/lttng-ust-comm.c b/liblttng-ust/lttng-ust-comm.c
index ace63bb8..794cba9d 100644
--- a/liblttng-ust/lttng-ust-comm.c
+++ b/liblttng-ust/lttng-ust-comm.c
@@ -55,6 +55,7 @@
 #include "lttng-ust-baddr.h"
 #include "clock.h"
 #include "../libringbuffer/getcpu.h"
+#include "getenv.h"
 
 /*
  * Has lttng ust comm constructor been called ?
@@ -316,11 +317,11 @@ const char *get_lttng_home_dir(void)
 {
        const char *val;
 
-       val = (const char *) getenv("LTTNG_HOME");
+       val = (const char *) lttng_secure_getenv("LTTNG_HOME");
        if (val != NULL) {
                return val;
        }
-       return (const char *) getenv("HOME");
+       return (const char *) lttng_secure_getenv("HOME");
 }
 
 /*