[src/netbsd-1-5]: src/lib/libc Pull up catopen.c 1.17,1.18
details: https://anonhg.NetBSD.org/src/rev/618103c2cb48
branches: netbsd-1-5
changeset: 489992:618103c2cb48
user: sommerfeld <sommerfeld%NetBSD.org@localhost>
date: Thu Oct 26 16:17:26 2000 +0000
description:
Pull up catopen.c 1.17,1.18
setlocale.c 1.20,1.21
Avoid security problems when these are used in setuid programs.
Approved by jhawk (a while ago)
diffstat:
lib/libc/locale/setlocale.c | 14 ++++++--------
lib/libc/nls/catopen.c | 13 ++++---------
2 files changed, 10 insertions(+), 17 deletions(-)
diffs (84 lines):
diff -r 5d6b0dbd032a -r 618103c2cb48 lib/libc/locale/setlocale.c
--- a/lib/libc/locale/setlocale.c Wed Oct 25 17:11:32 2000 +0000
+++ b/lib/libc/locale/setlocale.c Thu Oct 26 16:17:26 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: setlocale.c,v 1.17.6.2 2000/08/10 16:44:46 kleink Exp $ */
+/* $NetBSD: setlocale.c,v 1.17.6.3 2000/10/26 16:17:27 sommerfeld Exp $ */
/*
* Copyright (c) 1991, 1993
@@ -41,7 +41,7 @@
#if 0
static char sccsid[] = "@(#)setlocale.c 8.1 (Berkeley) 7/4/93";
#else
-__RCSID("$NetBSD: setlocale.c,v 1.17.6.2 2000/08/10 16:44:46 kleink Exp $");
+__RCSID("$NetBSD: setlocale.c,v 1.17.6.3 2000/10/26 16:17:27 sommerfeld Exp $");
#endif
#endif /* LIBC_SCCS and not lint */
@@ -57,6 +57,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <unistd.h>
#include "ctypeio.h"
/*
@@ -107,11 +108,8 @@
size_t len;
char *env, *r;
- /*
- * XXX potential security problem here with set-id programs
- * being able to read files the user can not normally read.
- */
- if (!PathLocale && !(PathLocale = getenv("PATH_LOCALE")))
+ if (issetugid() ||
+ (!PathLocale && !(PathLocale = getenv("PATH_LOCALE"))))
PathLocale = _PATH_LOCALE;
if (category < 0 || category >= _LC_LAST)
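Review bot: The new `issetugid()` test on the PathLocale assignment carries no comment, and the removed XXX block was the only text that explained the risk. I would put `/* set-id: ignore PATH_LOCALE so the caller cannot choose which files are opened with our privileges */` above the `if`. The same applies to the `issetugid()` test on NLSPATH in the catopen.c hunk. In a set-id process this now resets PathLocale to `_PATH_LOCALE` on every call, which looks intended but is worth stating in that comment. The enclosing function starts and ends outside the hunk.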
@@ -140,7 +138,7 @@
if (!env || !*env)
env = getenv("LANG");
- if (!env || !*env)
+ if (!env || !*env || strchr(env, '/'))
env = "C";
(void)strncpy(new_categories[category], env, 31);
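Review bot: The added `strchr(env, '/')` test rejects path separators but still accepts `.` and `..`, which contain no slash. If the name is later joined to PathLocale as a path component (that code is outside this hunk), `..` would resolve one level above the locale directory. Consider extending the condition with `|| !strcmp(env, ".") || !strcmp(env, "..")`. The `LANG` test in the catopen.c hunk has the same shape and would want the same addition.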
diff -r 5d6b0dbd032a -r 618103c2cb48 lib/libc/nls/catopen.c
--- a/lib/libc/nls/catopen.c Wed Oct 25 17:11:32 2000 +0000
+++ b/lib/libc/nls/catopen.c Thu Oct 26 16:17:26 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: catopen.c,v 1.16 1999/09/16 11:45:19 lukem Exp $ */
+/* $NetBSD: catopen.c,v 1.16.8.1 2000/10/26 16:17:26 sommerfeld Exp $ */
/*-
* Copyright (c) 1996 The NetBSD Foundation, Inc.
@@ -66,7 +66,7 @@
const char *name;
int oflag;
{
- char tmppath[PATH_MAX];
+ char tmppath[PATH_MAX+1];
char *nlspath;
char *lang;
char *s, *t;
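Review bot: The `PATH_MAX+1` size for `tmppath` is unexplained. A short comment such as `/* PATH_MAX bytes of path plus the terminating NUL */` would say why the extra byte exists. The code that fills the buffer is outside this hunk, so it cannot be confirmed from here that every write stops at `tmppath + PATH_MAX`; that is worth checking against the copy loop before relying on the new size.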
@@ -80,14 +80,9 @@
if (strchr(name, '/'))
return load_msgcat(name);
- /*
- * XXX potential security problem here if this is used in a
- * set-id program, and NLSPATH or LANG are set to read files
- * the user normally does not have access to.
- */
- if ((nlspath = getenv("NLSPATH")) == NULL)
+ if (issetugid() || (nlspath = getenv("NLSPATH")) == NULL)
nlspath = NLS_DEFAULT_PATH;
- if ((lang = getenv("LANG")) == NULL)
+ if ((lang = getenv("LANG")) == NULL || strchr(lang, '/'))
lang = NLS_DEFAULT_LANG;
s = nlspath;