WUtil: make use of secure_getenv if the function is available

As pointed by Coverity (#50226), the function getenv can return unreliable data, so if a sensitive application makes uses of the function 'wgethomedir' or 'wusergnusteppath' we'd better use the GNU function secure_getenv which ignore environment variable when used in a known critical cases. Signed-off-by: Christophe CURIS <christophe.curis@free.fr>
2025-12-19 04:20:27 +01:00 · 2014-05-18 00:56:43 +02:00
parent 3aae412588
commit a72c166b6e
4 changed files with 34 additions and 0 deletions
--- a/m4/windowmaker.m4
+++ b/m4/windowmaker.m4
@@ -182,3 +182,28 @@ m4_popdef([ENABLEVAR])dnl
 m4_popdef([CACHEVAR])dnl
 m4_popdef([USEVAR])dnl
 ])
+
+
+# WM_FUNC_SECURE_GETENV
+# ---------------------
+#
+# Check if the function 'secure_getenv' is available
+# If found, defines HAVE_SECURE_GETENV
+AC_DEFUN_ONCE([WM_FUNC_SECURE_GETENV],
+[AC_REQUIRE([_WM_LIB_CHECK_FUNCTS])
+AC_CACHE_CHECK([for secure_getenv], [wm_cv_func_secure_getenv],
+    [wm_cv_func_secure_getenv=no
+     wm_save_CFLAGS="$CFLAGS"
+     for wm_arg in "% yes" "-D_GNU_SOURCE"; do
+         AS_IF([wm_fn_lib_try_compile "stdlib.h" "const char *h;" "h = secure_getenv(\"HOME\")" dnl
+                    "`echo "$wm_arg" | sed -e 's, *%.*$,,' ` -Werror=implicit-function-declaration"],
+             [wm_cv_func_secure_getenv="`echo "$wm_arg" | sed -e 's,^.*% *,,' `"
+              break])
+     done
+     CFLAGS="$wm_save_CFLAGS"])
+AS_IF([test "x$wm_cv_func_secure_getenv" != "xno"],
+    [AS_IF([test "x$wm_cv_func_secure_getenv" != "xyes"],
+         [WM_APPEND_ONCE([$wm_cv_func_secure_getenv], [CPPFLAGS])])
+     AC_DEFINE([HAVE_SECURE_GETENV], [1],
+         [defined when GNU's secure_getenv function is available])])
+])