setpriv: protect COLORTERM and NO_COLOR env. variables

The patch also replaces set/get env with ul_env_list to protect
variables.

Fixes: https://github.com/util-linux/util-linux/issues/3463
Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/sys-utils/setpriv.c b/sys-utils/setpriv.c
index 433db603163b045a8c9af28ce248ccdc2fe6dc43..203f128c18805cb8beb5a4a2019ead97c46de280 100644 (file)
--- a/sys-utils/setpriv.c
+++ b/sys-utils/setpriv.c
@@ -721,18 +721,20 @@ static void do_seccomp_filter(const char *file)
 
 static void do_reset_environ(struct passwd *pw)
 {
-       char *term = getenv("TERM");
+       struct ul_env_list *saved;
+
+       saved = env_list_add_getenv(NULL, "TERM", NULL);
+       saved = env_list_add_getenv(saved, "COLORTERM", NULL);
+       saved = env_list_add_getenv(saved, "NO_COLOR", NULL);
 
-       if (term)
-               term = xstrdup(term);
 #ifdef HAVE_CLEARENV
        clearenv();
 #else
        environ = NULL;
 #endif
-       if (term) {
-               xsetenv("TERM", term, 1);
-               free(term);
+       if (saved) {
+               env_list_setenv(saved, 1);
+               env_list_free(saved);
        }
 
        if (pw->pw_shell && *pw->pw_shell)