On Tue, Mar 14, 2023 at 04:19:55AM +0000, Warner Losh wrote: > The branch main has been updated by imp: > > URL: > https://cgit.FreeBSD.org/src/commit/?id=adeca21464d25bc61f98968a5c1e76ab3c808ae4 > > commit adeca21464d25bc61f98968a5c1e76ab3c808ae4 > Author: lucy <[email protected]> > AuthorDate: 2023-03-13 22:01:12 +0000 > Commit: Warner Losh <[email protected]> > CommitDate: 2023-03-14 04:19:24 +0000 > > Add GNU glibc compatible secure_getenv > > Add mostly glibc and msl compatible secure_getenv. Return NULL if > issetugid() indicates the process is tainted, otherwise getenv(x). The > rational behind this is the fact that many Linux applications use this > function instead of getenv() as it's widely consider a, "best > practice". > > Reviewed by: imp, mjg (feedback) > Pull Request: https://github.com/freebsd/freebsd-src/pull/686 > Signed-off-by: Lucy Marsh <[email protected]> > --- > include/stdlib.h | 1 + > lib/libc/stdlib/Makefile.inc | 4 ++-- > lib/libc/stdlib/Symbol.map | 1 + > lib/libc/stdlib/getenv.3 | 26 +++++++++++++++++++++++++- > lib/libc/stdlib/getenv.c | 12 ++++++++++++ > 5 files changed, 41 insertions(+), 3 deletions(-) > > diff --git a/include/stdlib.h b/include/stdlib.h > index 01629ed84a11..c41e8704e810 100644 > --- a/include/stdlib.h > +++ b/include/stdlib.h > @@ -111,6 +111,7 @@ void qsort(void *, size_t, size_t, > int (* _Nonnull)(const void *, const void *)); > int rand(void); > void *realloc(void *, size_t) __result_use_check __alloc_size(2); > +char *secure_getenv(const char *); The declaration must be put under BSD_VISIBLE.
> void srand(unsigned); > double strtod(const char * __restrict, char ** __restrict); > float strtof(const char * __restrict, char ** __restrict);
