From 4e1ff3a1aa04411220a586365e0eda596cd9e506 Mon Sep 17 00:00:00 2001
From: =?utf8?q?R=C3=A9mi=20Denis-Courmont?= <remi@remlab.net>
Date: Sun, 11 Apr 2010 18:37:46 +0300
Subject: [PATCH] Detect dangerous use of environment variables at run-time

---
 bin/override.c | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

diff --git a/bin/override.c b/bin/override.c
index 048c8fe1ca..5098a7d598 100644
--- a/bin/override.c
+++ b/bin/override.c
@@ -77,4 +77,43 @@ static void *getsym (const char *name)
     ({ typeof (func) *sym = getsym ( # func); sym (__VA_ARGS__); })
 
 
+/*** Environment ***
+ *
+ * "Conforming multi-threaded applications shall not use the environ variable
+ *  to access or modify any environment variable while any other thread is
+ *  concurrently modifying any environment variable." -- POSIX.
+ *
+ * Some evil libraries modify the environment. We currently ignore the calls as
+ * they could crash the process. This may cause funny behaviour though. */
+int putenv (char *str)
+{
+    if (override)
+    {
+        LOG("Blocked", "\"%s\"", str);
+        return 0;
+    }
+    return CALL(putenv, str);
+}
+
+int setenv (const char *name, const char *value, int overwrite)
+{
+    if (override)
+    {
+        LOG("Blocked", "\"%s\", \"%s\", %d", name, value, overwrite);
+        return 0;
+    }
+    return CALL(setenv, name, value, overwrite);
+}
+
+int unsetenv (const char *name)
+{
+    if (override)
+    {
+        LOG("Blocked", "\"%s\"", name);
+        return 0;
+    }
+    return CALL(unsetenv, name);
+}
+
+
 #endif /* __ELF__ */
-- 
2.39.2