[libcamera-devel] [PATCH] libcamera: utils: Support systems that lack secure_getenv and issetugid

Hirokazu Honda hiroh at chromium.org
Thu Jun 17 07:20:46 CEST 2021 

Hi Laurent, thank you for the patch.

On Thu, Jun 17, 2021 at 12:53 AM Laurent Pinchart <
laurent.pinchart at ideasonboard.com> wrote:

> Android provides neither secure_getenv() nor issetugid(). Enable
> compilation on that platform by using a plain getenv(), as that seems to
> be the best we can do.
>
> Signed-off-by: Laurent Pinchart <laurent.pinchart at ideasonboard.com>
> ---
>  meson.build             | 4 ++++
>  src/libcamera/utils.cpp | 7 ++++++-
>

Reviewed-by: Hirokazu Honda <hiroh at chromium.org>


>  2 files changed, 10 insertions(+), 1 deletion(-)
>
> diff --git a/meson.build b/meson.build
> index f6ab7380f1a5..4d7d936f09e2 100644
> --- a/meson.build
> +++ b/meson.build
> @@ -33,6 +33,10 @@ if cc.has_header_symbol('execinfo.h', 'backtrace')
>      config_h.set('HAVE_BACKTRACE', 1)
>  endif
>
> +if cc.has_header_symbol('unistd.h', 'issetugid')
> +    config_h.set('HAVE_ISSETUGID', 1)
> +endif
> +
>  if cc.has_header_symbol('stdlib.h', 'secure_getenv', prefix : '#define
> _GNU_SOURCE')
>      config_h.set('HAVE_SECURE_GETENV', 1)
>  endif
> diff --git a/src/libcamera/utils.cpp b/src/libcamera/utils.cpp
> index 24a5c9720fbe..ed7e0177ebe1 100644
> --- a/src/libcamera/utils.cpp
> +++ b/src/libcamera/utils.cpp
> @@ -61,6 +61,10 @@ const char *basename(const char *path)
>   * avoid vulnerabilities that could occur if set-user-ID or set-group-ID
>   * programs accidentally trust the environment.
>   *
> + * \note Not all platforms may support the features required to implement
> the
> + * secure execution check, in which case this function behaves as
> getenv(). A
> + * notable exception is Android.
> + *
>   * \return A pointer to the value in the environment or NULL if the
> requested
>   * environment variable doesn't exist or if secure execution is required.
>   */
> @@ -69,9 +73,10 @@ char *secure_getenv(const char *name)
>  #if HAVE_SECURE_GETENV
>         return ::secure_getenv(name);
>  #else
> +#if HAVE_ISSETUGID
>         if (issetugid())
>                 return NULL;
> -
> +#endif
>         return getenv(name);
>  #endif
>  }
> --
> Regards,
>
> Laurent Pinchart
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libcamera.org/pipermail/libcamera-devel/attachments/20210617/94c0d473/attachment.htm>

More information about the libcamera-devel mailing list