diff options
author | Stef Walter <stefw@redhat.com> | 2014-10-02 08:21:28 +0200 |
---|---|---|
committer | Stef Walter <stefw@redhat.com> | 2014-10-02 08:24:44 +0200 |
commit | 960cb9a7db1950ad1414f70b0e3ec240542601ac (patch) | |
tree | 93ca10157b1119fa72bd56165eb00880a943aecf /common/test-compat.c | |
parent | c9474683dd3db5ad87227dd3c3734ab31bfc01e9 (diff) |
common: Use secure_getenv() implementation when setuid
In anything security sensitive, use secure_getenv() implementation
for retrieving environment variables.
Diffstat (limited to 'common/test-compat.c')
-rw-r--r-- | common/test-compat.c | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/common/test-compat.c b/common/test-compat.c index 42471ae..3af33ac 100644 --- a/common/test-compat.c +++ b/common/test-compat.c @@ -84,6 +84,32 @@ test_getauxval (void) } static void +test_secure_getenv (void) +{ + const char *args[] = { BUILDDIR "/frob-getenv", "BLAH", NULL }; + char *path; + int ret; + + setenv ("BLAH", "5", 1); + + ret = p11_test_run_child (args, true); + assert_num_eq (ret, 5); + + path = p11_test_copy_setgid (args[0]); + if (path == NULL) + return; + + args[0] = path; + ret = p11_test_run_child (args, true); + assert_num_cmp (ret, ==, 0); + +/* if (unlink (path) < 0) + assert_fail ("unlink failed", strerror (errno)); + */ + free (path); +} + +static void test_mmap (void) { p11_mmap *map; @@ -110,6 +136,7 @@ main (int argc, /* Don't run this test when under fakeroot */ if (!getenv ("FAKED_MODE")) { p11_test (test_getauxval, "/compat/getauxval"); + p11_test (test_secure_getenv, "/compat/secure_getenv"); } p11_test (test_mmap, "/compat/mmap"); #endif |