From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Sat, 30 Dec 2000 21:22:08 +0000 (+0000)
Subject: Make env_keep override badenv_table as documented
X-Git-Tag: SUDO_1_6_4~215
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1875e474740485cc10efa50ceb3c419ce003edf1;p=sudo

Make env_keep override badenv_table as documented
Fix traversal of badenv_table (broken in last commit)
---

diff --git a/env.c b/env.c
index b60f21b26..fae584401 100644
--- a/env.c
+++ b/env.c
@@ -234,9 +234,11 @@ rebuild_env(sudo_mode, envp)
 {
     char **newenvp, **ep, **nep, **ek, *cp;
     char *ekflat, *ps1, **env_keep;
+    int okvar;
     size_t env_size, eklen;
     struct env_table *entry;
 
+    okvar = 0;
     eklen = 0;
     ekflat = ps1 = NULL;
     env_keep = NULL;
@@ -315,17 +317,35 @@ rebuild_env(sudo_mode, envp)
 	    ;
 	nep = newenvp = (char **) emalloc(env_size * sizeof(char *));
 
-	/* Copy envp entries as long as they don't match badenv_table. */
+	/*
+	 * Copy envp entries as long as they don't match badenv_table
+	 * (unless excepted by env_keep).
+	 */
 	for (ep = envp; *ep; ep++) {
-	    for (entry = badenv_table; entry->name; entry++) {
-		if (strncmp(*ep, entry->name, entry->len) != 0 ||
-		    (entry->check && !strpbrk(*ep, "/%"))) {
-		    if (strncmp(*ep, "SUDO_PS1=", 9) == 0)
-			ps1 = *ep + 5;
-		    *nep++ = *ep;
-		    break;
+	    /* env_keep overrides badenv_table */
+	    if (env_keep) {
+		for (ek = env_keep; *ek; ek++) {
+		    eklen = strlen(*ek);
+		    if (strncmp(*ek, *ep, eklen) == 0 && (*ep)[eklen] == '=') {
+			okvar = 1;
+			break;
+		    }
 		}
 	    }
+	    if (!okvar) {
+		for (okvar = 1, entry = badenv_table; entry->name; entry++) {
+		    if (strncmp(*ep, entry->name, entry->len) == 0 &&
+			(!entry->check || strpbrk(*ep, "/%"))) {
+			okvar = 0;
+			break;
+		    }
+		}
+	    }
+	    if (okvar) {
+		if (strncmp(*ep, "SUDO_PS1=", 9) == 0)
+		    ps1 = *ep + 5;
+		*nep++ = *ep;
+	    }
 	}
     }
     *nep = NULL;