From 71f6d70af5ec22f0a59f556373561215d989e0d0 Mon Sep 17 00:00:00 2001
From: Karel Zak <kzak@redhat.com>
Date: Wed, 7 May 2025 12:52:47 +0200
Subject: [PATCH] setpriv: protect COLORTERM and NO_COLOR env. variables

The patch also replaces set/get env with ul_env_list to protect
variables.

Fixes: https://github.com/util-linux/util-linux/issues/3463
Signed-off-by: Karel Zak <kzak@redhat.com>
---
 sys-utils/setpriv.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/sys-utils/setpriv.c b/sys-utils/setpriv.c
index 433db6031..203f128c1 100644
--- a/sys-utils/setpriv.c
+++ b/sys-utils/setpriv.c
@@ -721,18 +721,20 @@ static void do_seccomp_filter(const char *file)
 
 static void do_reset_environ(struct passwd *pw)
 {
-	char *term = getenv("TERM");
+	struct ul_env_list *saved;
+
+	saved = env_list_add_getenv(NULL, "TERM", NULL);
+	saved = env_list_add_getenv(saved, "COLORTERM", NULL);
+	saved = env_list_add_getenv(saved, "NO_COLOR", NULL);
 
-	if (term)
-		term = xstrdup(term);
 #ifdef HAVE_CLEARENV
 	clearenv();
 #else
 	environ = NULL;
 #endif
-	if (term) {
-		xsetenv("TERM", term, 1);
-		free(term);
+	if (saved) {
+		env_list_setenv(saved, 1);
+		env_list_free(saved);
 	}
 
 	if (pw->pw_shell && *pw->pw_shell)
-- 
2.47.2