Jille, good day. Tue, Dec 01, 2009 at 05:37:19PM +0100, Jille Timmermans wrote: > Eygene Ryabinkin schreef: > > If you're talking about rtld-elf local root, then the real issue > > is that return values of unsetenv() are not checked and unsetenv() > > could fail, thus leaving LD_PRELOAD and friends left unmodified. > > > Isn't the real issue that unsetenv() works differently from getenv()? > If they both said 'your environment is crappy' there wouldn't have been > a problem, would it?
You can't really rely on such behaviour: if you will, it will tie you to the implementation details, because standards aren't defining such interrelations (at least I can't find them: [1], [2], [3]). I think that the rule is the following: if something can return/set error value and you want to be sure that the call succeeded, you must check that value and act accorgingly. [1] http://www.opengroup.org/onlinepubs/000095399/functions/getenv.html [2] http://www.opengroup.org/onlinepubs/000095399/functions/unsetenv.html [3] http://www.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ # _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
