diff options
author | assar <assar@FreeBSD.org> | 2000-12-10 20:50:20 +0000 |
---|---|---|
committer | assar <assar@FreeBSD.org> | 2000-12-10 20:50:20 +0000 |
commit | b022d1d27e2a42e93ab520d233de00d72a07feea (patch) | |
tree | 407523918e63230df072152ccc638510ee1f06a8 /crypto | |
parent | 5603555df7110d7e7e4c13eb5db4e37a30208d34 (diff) | |
download | FreeBSD-src-b022d1d27e2a42e93ab520d233de00d72a07feea.zip FreeBSD-src-b022d1d27e2a42e93ab520d233de00d72a07feea.tar.gz |
(scrub_env): change to only accept a listed set of variables,
including only non-filename contents for TERMCAP
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/telnet/telnetd/sys_term.c | 60 |
1 files changed, 37 insertions, 23 deletions
diff --git a/crypto/telnet/telnetd/sys_term.c b/crypto/telnet/telnetd/sys_term.c index 5e28390..7d0811f 100644 --- a/crypto/telnet/telnetd/sys_term.c +++ b/crypto/telnet/telnetd/sys_term.c @@ -1839,34 +1839,48 @@ addarg(argv, val) /* * scrub_env() * - * Remove a few things from the environment that - * don't need to be there. + * We only accept the environment variables listed below. */ void scrub_env() { - register char **cpp, **cpp2; + static const char *reject[] = { + "TERMCAP=/", + NULL + }; + + static const char *accept[] = { + "XAUTH=", "XAUTHORITY=", "DISPLAY=", + "TERM=", + "EDITOR=", + "PAGER=", + "LOGNAME=", + "POSIXLY_CORRECT=", + "PRINTER=", + NULL + }; + + char **cpp, **cpp2; + const char **p; + + for (cpp2 = cpp = environ; *cpp; cpp++) { + int reject_it = 0; + + for(p = reject; *p; p++) + if(strncmp(*cpp, *p, strlen(*p)) == 0) { + reject_it = 1; + break; + } + if (reject_it) + continue; - for (cpp2 = cpp = environ; *cpp; cpp++) { -#ifdef __FreeBSD__ - if (strncmp(*cpp, "LD_LIBRARY_PATH=", 16) && - strncmp(*cpp, "LD_PRELOAD=", 11) && -#else - if (strncmp(*cpp, "LD_", 3) && - strncmp(*cpp, "_RLD_", 5) && - strncmp(*cpp, "LIBPATH=", 8) && -#endif - strncmp(*cpp, "LOCALDOMAIN=", 12) && - strncmp(*cpp, "RES_OPTIONS=", 12) && - strncmp(*cpp, "TERMINFO=", 9) && - strncmp(*cpp, "TERMINFO_DIRS=", 14) && - strncmp(*cpp, "TERMPATH=", 9) && - strncmp(*cpp, "TERMCAP=/", 9) && - strncmp(*cpp, "ENV=", 4) && - strncmp(*cpp, "IFS=", 4)) - *cpp2++ = *cpp; - } - *cpp2 = 0; + for(p = accept; *p; p++) + if(strncmp(*cpp, *p, strlen(*p)) == 0) + break; + if(*p != NULL) + *cpp2++ = *cpp; + } + *cpp2 = NULL; } /* |