Commit d2252d9b authored by Péter Surányi's avatar Péter Surányi Committed by Ian Lance Taylor

syscall: check for invalid characters in Setenv on Unix

On POSIX, '=' in key is explicitly invalid, and '\x00' in key/value is implicitly invalid.

R=golang-dev, iant, bradfitz
CC=golang-dev
https://golang.org/cl/7311061
parent f26fc0c0
// Copyright 2013 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build darwin freebsd linux netbsd openbsd
package os_test
import (
. "os"
"testing"
)
var setenvEinvalTests = []struct {
k, v string
}{
{"", ""}, // empty key
{"k=v", ""}, // '=' in key
{"\x00", ""}, // '\x00' in key
{"k", "\x00"}, // '\x00' in value
}
func TestSetenvUnixEinval(t *testing.T) {
for _, tt := range setenvEinvalTests {
err := Setenv(tt.k, tt.v)
if err == nil {
t.Errorf(`Setenv(%q, %q) == nil, want error`, tt.k, tt.v)
}
}
}
...@@ -71,6 +71,16 @@ func Setenv(key, value string) error { ...@@ -71,6 +71,16 @@ func Setenv(key, value string) error {
if len(key) == 0 { if len(key) == 0 {
return EINVAL return EINVAL
} }
for i := 0; i < len(key); i++ {
if key[i] == '=' || key[i] == 0 {
return EINVAL
}
}
for i := 0; i < len(value); i++ {
if value[i] == 0 {
return EINVAL
}
}
envLock.Lock() envLock.Lock()
defer envLock.Unlock() defer envLock.Unlock()
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment