1*38fd1498Szrj /* Copyright (C) 2017-2018 Free Software Foundation, Inc. 2*38fd1498Szrj 3*38fd1498Szrj This file is part of GCC. 4*38fd1498Szrj 5*38fd1498Szrj GCC is free software; you can redistribute it and/or modify 6*38fd1498Szrj it under the terms of the GNU General Public License as published by 7*38fd1498Szrj the Free Software Foundation; either version 3, or (at your option) 8*38fd1498Szrj any later version. 9*38fd1498Szrj 10*38fd1498Szrj GCC is distributed in the hope that it will be useful, 11*38fd1498Szrj but WITHOUT ANY WARRANTY; without even the implied warranty of 12*38fd1498Szrj MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13*38fd1498Szrj GNU General Public License for more details. 14*38fd1498Szrj 15*38fd1498Szrj Under Section 7 of GPL version 3, you are granted additional 16*38fd1498Szrj permissions described in the GCC Runtime Library Exception, version 17*38fd1498Szrj 3.1, as published by the Free Software Foundation. 18*38fd1498Szrj 19*38fd1498Szrj You should have received a copy of the GNU General Public License and 20*38fd1498Szrj a copy of the GCC Runtime Library Exception along with this program; 21*38fd1498Szrj see the files COPYING3 and COPYING.RUNTIME respectively. If not, see 22*38fd1498Szrj <http://www.gnu.org/licenses/>. */ 23*38fd1498Szrj 24*38fd1498Szrj #ifndef _SECURE_GETENV_H 25*38fd1498Szrj #define _SECURE_GETENV_H 1 26*38fd1498Szrj 27*38fd1498Szrj /* Secure getenv() which returns NULL if running as SUID/SGID. */ 28*38fd1498Szrj #ifndef HAVE_SECURE_GETENV 29*38fd1498Szrj #if defined (HAVE_UNISTD_H) && defined (HAVE_GETUID) \ 30*38fd1498Szrj && defined (HAVE_GETEUID) && defined (HAVE_GETGID) \ 31*38fd1498Szrj && defined (HAVE_GETEGID) 32*38fd1498Szrj 33*38fd1498Szrj #include <unistd.h> 34*38fd1498Szrj 35*38fd1498Szrj #if SUPPORTS_WEAKREF && defined (HAVE___SECURE_GETENV) 36*38fd1498Szrj static char* weak_secure_getenv (const char*) 37*38fd1498Szrj __attribute__((__weakref__("__secure_getenv"))); 38*38fd1498Szrj #endif 39*38fd1498Szrj 40*38fd1498Szrj /* Implementation of secure_getenv() for targets where it is not provided but 41*38fd1498Szrj we have at least means to test real and effective IDs. */ 42*38fd1498Szrj 43*38fd1498Szrj static inline char * secure_getenv(const char * name)44*38fd1498Szrjsecure_getenv (const char *name) 45*38fd1498Szrj { 46*38fd1498Szrj #if SUPPORTS_WEAKREF && defined (HAVE___SECURE_GETENV) 47*38fd1498Szrj if (weak_secure_getenv) 48*38fd1498Szrj return weak_secure_getenv (name); 49*38fd1498Szrj #endif 50*38fd1498Szrj 51*38fd1498Szrj if ((getuid () == geteuid ()) && (getgid () == getegid ())) 52*38fd1498Szrj return getenv (name); 53*38fd1498Szrj else 54*38fd1498Szrj return NULL; 55*38fd1498Szrj } 56*38fd1498Szrj #else 57*38fd1498Szrj #define secure_getenv getenv 58*38fd1498Szrj #endif 59*38fd1498Szrj #endif 60*38fd1498Szrj 61*38fd1498Szrj #endif /* _SECURE_GETENV_H. */ 62