#include <stdlib.h>
#include <string.h>
#include <errno.h>
+#ifdef HAVE_SYS_PRCTL_H
+#include <sys/prctl.h>
+#else
+#define PR_GET_DUMPABLE 3
+#endif
+#if (!defined(HAVE_PRCTL) && defined(linux))
+#include <sys/syscall.h>
+#endif
#include "com_err.h"
#include "error_table.h"
#include "internal.h"
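Review bot: The syscall fallback here and its twin inside `safe_getenv` are keyed on the bare `linux` macro, which GCC does not predefine in strict ISO modes (`-std=c99`, `-ansi`). Under those flags, when `HAVE_PRCTL` is unset, both blocks compile away without any diagnostic and the `PR_GET_DUMPABLE` check is silently lost. Testing `defined(__linux__)` in both places avoids that: `#if (!defined(HAVE_PRCTL) && defined(__linux__))`. The include guard also uses `defined(HAVE_PRCTL)` while the function uses `#if HAVE_PRCTL`; picking one form keeps the two from disagreeing if the macro is ever defined as 0.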
return(buffer);
}
+/*
+ * This routine will only return a value if the we are not running as
+ * a privileged process.
+ */
+static char *safe_getenv(const char *arg)
+{
+ if ((getuid() != geteuid()) || (getgid() != getegid()))
+ return NULL;
+#if HAVE_PRCTL
+ if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) == 0)
+ return NULL;
+#else
+#if (defined(linux) && defined(SYS_prctl))
+ if (syscall(SYS_prctl, PR_GET_DUMPABLE, 0, 0, 0, 0) == 0)
+ return NULL;
+#endif
+#endif
+
+#ifdef HAVE___SECURE_GETENV
+ return __secure_getenv(arg);
+#else
+ return getenv(arg);
+#endif
+}
+
+#define DEBUG_INIT 0x8000
+#define DEBUG_ADDREMOVE 0x0001
+
+static int debug_mask = 0;
+static FILE *debug_f = 0;
+
+static void init_debug(void)
+{
+ char *dstr;
+ char *fn;
+
+ if (debug_mask & DEBUG_INIT)
+ return;
+
+ dstr = getenv("COMERR_DEBUG");
+ if (dstr)
+ debug_mask = strtoul(dstr, 0, 0);
+
+ fn = safe_getenv("COMERR_DEBUG_FILE");
+ if (fn)
+ debug_f = fopen(fn, "a");
+ if (!debug_f)
+ debug_f = fopen("/dev/tty", "a");
+ if (!debug_f)
+ debug_mask = 0;
+
+ debug_mask |= DEBUG_INIT;
+}
+
/*
* New interface provided by krb5's com_err library
*/
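Review bot: In `init_debug`, `COMERR_DEBUG` is read with plain `getenv()` while only `COMERR_DEBUG_FILE` goes through `safe_getenv()`. The invoker of a set-id or non-dumpable program linked against this library can therefore still switch tracing on, and the output then falls back to `/dev/tty` and includes table addresses from the privileged process. Reading the mask through the same filter closes that gap: `dstr = safe_getenv("COMERR_DEBUG");`. The stream opened by `fopen(fn, "a")` is also never closed or flushed in the visible code, and nothing marks its descriptor close-on-exec, so it appears to be inherited by any child the host program spawns; a short comment on `debug_f` stating its intended lifetime would help.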
el->next = _et_dynamic_list;
_et_dynamic_list = el;
+ init_debug();
+ if (debug_mask & DEBUG_ADDREMOVE)
+ fprintf(debug_f, "add_error_table: %s (0x%p)\n",
+ error_table_name(et->base),
+ (const void *) et);
+
return 0;
}
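Review bot: The format `"add_error_table: %s (0x%p)\n"` puts a literal `0x` in front of `%p`, whose output is implementation-defined and already carries a `0x` prefix on glibc, so the trace reads `0x0x...`. Dropping the literal prefix gives `"add_error_table: %s (%p)\n"`. The same applies to both `remove_error_table` messages in the next hunk. `debug_f` is block-buffered when it points at a regular file, so a crash shortly after registration can lose these lines; adding `fflush(debug_f);` after each trace would keep the log useful for post-mortem work.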
struct et_list *el = _et_dynamic_list;
struct et_list *el2 = 0;
+ init_debug();
while (el) {
if (el->table->base == et->base) {
if (el2) /* Not the beginning of the list */
else
_et_dynamic_list = el->next;
(void) free(el);
+ if (debug_mask & DEBUG_ADDREMOVE)
+ fprintf(debug_f,
+ "remove_error_table: %s (0x%p)\n",
+ error_table_name(et->base),
+ (const void *) et);
return 0;
}
el2 = el;
el = el->next;
}
+ if (debug_mask & DEBUG_ADDREMOVE)
+ fprintf(debug_f, "remove_error_table FAILED: %s (0x%p)\n",
+ error_table_name(et->base),
+ (const void *) et);
return ENOENT;
}