From: Todd C. Miller Date: Wed, 17 Nov 2004 16:18:33 +0000 (+0000) Subject: Preserve KRB5CCNAME in zero_env() and add a paranoia check to make sure X-Git-Tag: SUDO_1_7_0~810 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b2ef18bbd3236934822a10948e6d7b1afab10b13;p=sudo Preserve KRB5CCNAME in zero_env() and add a paranoia check to make sure we can't overflow new_env. --- diff --git a/env.c b/env.c index 58f3ded33..4f3860349 100644 --- a/env.c +++ b/env.c @@ -137,7 +137,7 @@ static size_t env_size; /* size of new_environ in char **'s */ static size_t env_len; /* number of slots used, not counting NULL */ /* - * Zero out environment and replace with a minimal set of + * Zero out environment and replace with a minimal set of KRB5CCNAME * USER, LOGNAME, HOME, TZ, PATH (XXX - should just set path to default) * May set user_path, user_shell, and/or user_prompt as side effects. */ @@ -145,8 +145,9 @@ char ** zero_env(envp) char **envp; { - static char *newenv[8]; + static char *newenv[9]; char **ep, **nep = newenv; + char **ne_last = &newenv[(sizeof(newenv) / sizeof(newenv[0])) - 1]; extern char *prev_user; for (ep = envp; *ep; ep++) { @@ -155,6 +156,10 @@ zero_env(envp) if (strncmp("HOME=", *ep, 5) == 0) break; continue; + case 'K': + if (strncmp("KRB5CCNAME=", *ep, 11) == 0) + break; + continue; case 'L': if (strncmp("LOGNAME=", *ep, 8) == 0) break; @@ -191,8 +196,12 @@ zero_env(envp) if (**nep == **ep) break; } - if (*nep == NULL) - *nep++ = *ep; + if (*nep == NULL) { + if (nep < ne_last) + *nep++ = *ep; + else + errorx(1, "internal error, attempt to write outside newenv"); + } } #ifdef HAVE_LDAP @@ -201,7 +210,10 @@ zero_env(envp) * or files in the current directory. * */ - *nep++ = "LDAPNOINIT=1"; + if (nep < ne_last) + *nep++ = "LDAPNOINIT=1"; + else + errorx(1, "internal error, attempt to write outside newenv"); #endif return(&newenv[0]);