Use secure_getenv when available to fix untrusted source issue

Change-Id: I8c0fb08450eee9a0895fbf2437c2dd525075ef2f

diff --git a/meson.build b/meson.build
index 2c592f3ad3d22789e851b2e960c6168171058d46..ff3ee824441ba426df4acef07c07f71dc78f8902 100644 (file)
--- a/meson.build
+++ b/meson.build
@@ -193,6 +193,16 @@ if cc.has_function('input_set_default_property', dependencies : dep_udev)
        config_h.set10('HAVE_INPUT_SET_DEFAULT_PROPERTY', 1)
 endif
 
+############ check setcure_getenv function  ############
+
+if cc.has_header_symbol('stdlib.h', 'secure_getenv', prefix: prefix)
+       config_h.set('HAVE_SECURE_GETENV', 1)
+elif cc.has_header_symbol('stdlib.h', '__secure_getenv', prefix: prefix)
+       config_h.set('HAVE___SECURE_GETENV', 1)
+else
+       message('C library does not support secure_getenv, using getenv instead')
+endif
+
 ############ udev bits ############
 
 if get_option('udev-enable')

diff --git a/src/evdev.c b/src/evdev.c
index fb1f5669d209aa867233627297d200021d588053..efb81facd7d79dbb90546574e0411464683ed744 100644 (file)
--- a/src/evdev.c
+++ b/src/evdev.c
@@ -2057,7 +2057,7 @@ evdev_configure_device(struct evdev_device *device)
        }
 
        if (udev_tags & EVDEV_UDEV_TAG_JOYSTICK) {
-               env = getenv("LIBINPUT_IGNORE_JOYSTICK");
+               env = secure_getenv("LIBINPUT_IGNORE_JOYSTICK");
                if (env && atoi(env) == 1) {
                        evdev_log_info(device,
                                 "input device '%s' have joystick, ignoring\n",
@@ -2452,7 +2452,7 @@ udev_device_should_be_ignored(struct udev_device *udev_device)
        if (value && !streq(value, "0")) return true;
 
        // for TIZEN, add checking if joystick should be ignored or not.
-       env = getenv("LIBINPUT_IGNORE_JOYSTICK");
+       env = secure_getenv("LIBINPUT_IGNORE_JOYSTICK");
        if (env && atoi(env) == 1) {
                value = udev_device_get_property_value(udev_device,
                                                       "ID_INPUT_JOYSTICK");

diff --git a/src/libinput-private.h b/src/libinput-private.h
index 451b3b6f6bdd94fb30c9f6dde711241237c602a0..8d4af63a6b461c6e2e0295f3c803219235551bc3 100644 (file)
--- a/src/libinput-private.h
+++ b/src/libinput-private.h
@@ -57,6 +57,14 @@
 #define TRACE_INPUT_END()
 #endif
 
+#if defined(HAVE_SECURE_GETENV)
+# define secure_getenv secure_getenv
+#elif defined(HAVE___SECURE_GETENV)
+# define secure_getenv __secure_getenv
+#else
+# define secure_getenv getenv
+#endif
+
 struct libinput_source;
 
 /* A coordinate pair in device coordinates */

diff --git a/src/libinput.c b/src/libinput.c
index 66f517e0518ce4c17cf05935b1ba93696840ab40..524d36ff76e06e5ce46c587524098f5347d1f407 100644 (file)
--- a/src/libinput.c
+++ b/src/libinput.c
@@ -2355,7 +2355,7 @@ close_restricted(struct libinput *libinput, int fd)
 bool
 ignore_litest_test_suite_device(struct udev_device *device)
 {
-       if (!getenv("LIBINPUT_RUNNING_TEST_SUITE") &&
+       if (!secure_getenv("LIBINPUT_RUNNING_TEST_SUITE") &&
            udev_device_get_property_value(device, "LIBINPUT_TEST_DEVICE"))
                return true;