From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Sun, 1 Mar 2009 13:52:28 +0000 (+0000)
Subject: Add sanity checks for setenv/unsetenv
X-Git-Tag: SUDO_1_7_1~33
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3c8acdd649d027aa19db144444c979ed8ef99430;p=sudo

Add sanity checks for setenv/unsetenv
---

diff --git a/env.c b/env.c
index edf505aa7..4a7a0ea32 100644
--- a/env.c
+++ b/env.c
@@ -251,6 +251,11 @@ setenv(var, val, overwrite)
     char *estring;
     size_t esize;
 
+    if (strchr(var, '=') != NULL) {
+	errno = EINVAL;
+	return(-1);
+    }
+
     esize = strlen(var) + 1 + strlen(val) + 1;
     estring = emalloc(esize);
 
@@ -279,6 +284,11 @@ unsetenv(var)
     char **ep;
     size_t len;
 
+    if (strchr(var, '=') != NULL) {
+	errno = EINVAL;
+	return(-1);
+    }
+
     /* Make sure we are operating on the current environment. */
     if (env.envp != environ) {
 	for (ep = environ; *ep != NULL; ep++)