Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use secure_getenv() when it's available #9

Merged
merged 1 commit into from May 3, 2016

Conversation

nalind
Copy link
Contributor

@nalind nalind commented May 3, 2016

Factor out logic that attempts to only consult the environment when it's safe to do so into its own function, and use secure_getenv() instead of getenv() if it's available. Original report from
https://bugzilla.redhat.com/show_bug.cgi?id=1332508

Factor out logic that attempts to only consult the environment when it's
safe to do so into its own function, and use secure_getenv() instead of
getenv() if it's available.  Original report from
https://bugzilla.redhat.com/show_bug.cgi?id=1332508
@achernya achernya merged commit 39b21da into achernya:master May 3, 2016
@achernya
Copy link
Owner

achernya commented May 3, 2016

Tests pass, merged.

@nalind nalind deleted the secure_getenv branch May 3, 2016 18:13
@carnil
Copy link

carnil commented Jan 21, 2017

This has been assigned CVE-2016-10151

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants