Use secure_getenv(3) to improve security

Graphics / Video Acceleration / VDPAU - José Hiram Soltren [nvidia.com] - 31 August 2015 15:58 EDT

This patch is in response to the following security vulnerabilities (CVEs) reported to NVIDIA against libvdpau:

CVE-2015-5198 CVE-2015-5199 CVE-2015-5200

To address these CVEs, this patch:

- replaces all uses of getenv(3) with secure_getenv(3);- uses secure_getenv(3) when available, with a fallback option;- protects VDPAU_DRIVER against directory traversal by checking for '/'

On platforms where secure_getenv(3) is not available, the C preprocessor will print a warning at compile time. Then, a preprocessor macro will replace secure_getenv(3) with our getenv_wrapper(), which utilizes the check:

getuid() == geteuid() && getgid() == getegid()

See getuid(2) and getgid(2) for further details.

d1f9c16 Use secure_getenv(3) to improve security
configure.ac | 4 ++++
src/Makefile.am | 1 +
src/mesa_dri2.c | 6 ++++--
src/util.h | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
src/vdpau_wrapper.c | 28 ++++++++++++++++------------
trace/vdpau_trace.cpp | 8 +++++---
6 files changed, 78 insertions(+), 17 deletions(-)

Upstream: cgit.freedesktop.org


  • Share