http proxy handling: Use ossl_safe_getenv() instead of getenv()

CLA: trivial Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #20810)
openssl · Apr 28, 2023 · e7cbb09 · e7cbb09
1 parent 26f0150
commit e7cbb09
Showing 1 changed file with 4 additions and 5 deletions.
diff --git a/crypto/http/http_lib.c b/crypto/http/http_lib.c
@@ -253,9 +253,9 @@ static int use_proxy(const char *no_proxy, const char *server)
      * compatible with other HTTP client implementations like wget, curl and git
      */
     if (no_proxy == NULL)
-        no_proxy = getenv("no_proxy");
+        no_proxy = ossl_safe_getenv("no_proxy");
     if (no_proxy == NULL)
-        no_proxy = getenv(OPENSSL_NO_PROXY);
+        no_proxy = ossl_safe_getenv(OPENSSL_NO_PROXY);
 
     if (no_proxy != NULL)
         found = strstr(no_proxy, server);
@@ -275,10 +275,9 @@ const char *OSSL_HTTP_adapt_proxy(const char *proxy, const char *no_proxy,
      * compatible with other HTTP client implementations like wget, curl and git
      */
     if (proxy == NULL)
-        proxy = getenv(use_ssl ? "https_proxy" : "http_proxy");
+        proxy = ossl_safe_getenv(use_ssl ? "https_proxy" : "http_proxy");
     if (proxy == NULL)
-        proxy = getenv(use_ssl ? OPENSSL_HTTP_PROXY :
-                       OPENSSL_HTTPS_PROXY);
+        proxy = ossl_safe_getenv(use_ssl ? OPENSSL_HTTP_PROXY : OPENSSL_HTTPS_PROXY);
 
     if (proxy == NULL || *proxy == '\0' || !use_proxy(no_proxy, server))
         return NULL;