fix CAN-2004-0884.

Obtained from: security/cyrus-sasl2
author: Hajimu UMEMOTO <ume@FreeBSD.org> 2004-11-15 09:50:05 +0000
committer: Hajimu UMEMOTO <ume@FreeBSD.org> 2004-11-15 09:50:05 +0000
commit: 73812a559bc64317ef7b7c5c6f820b6c075b23f6 (patch)
tree: efd733efe1f8fb8da7fc11b16687e080ec6520aa /security/cyrus-sasl/files/patch-lib::common.c
parent: Minor Makefile-twiddle: Balance quotes (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/security/cyrus-sasl/files/patch-lib::common.c b/security/cyrus-sasl/files/patch-lib::common.c
new file mode 100644
index 000000000000..8de08cfc3b26
--- /dev/null
+++ b/security/cyrus-sasl/files/patch-lib::common.c
@@ -0,0 +1,19 @@
+Index: lib/common.c
+diff -u lib/common.c.orig lib/common.c
+--- lib/common.c.orig	Mon Nov 15 18:23:04 2004
++++ lib/common.c	Mon Nov 15 18:24:43 2004
+@@ -684,7 +684,13 @@
+ 
+   if (! path_dest)
+     return SASL_BADPARAM;
+-  path = getenv(SASL_PATH_ENV_VAR);
++
++  path = NULL;
++
++  /* Honor external variable only in a safe environment */
++  if (getuid() == geteuid() && getgid() == getegid())
++    path = getenv(SASL_PATH_ENV_VAR);
++
+   if (! path)
+     path = PLUGINDIR;
+   return _sasl_strdup(path, path_dest, NULL);
author	Hajimu UMEMOTO <ume@FreeBSD.org>	2004-11-15 09:50:05 +0000
committer	Hajimu UMEMOTO <ume@FreeBSD.org>	2004-11-15 09:50:05 +0000
commit	73812a559bc64317ef7b7c5c6f820b6c075b23f6 (patch)
tree	efd733efe1f8fb8da7fc11b16687e080ec6520aa /security/cyrus-sasl/files/patch-lib::common.c
parent	Minor Makefile-twiddle: Balance quotes (diff)