From 969da31894394db4f64c4a0e96ec2252fb13142b Mon Sep 17 00:00:00 2001 From: Laurent Pinchart Date: Wed, 16 Jun 2021 18:30:23 +0300 Subject: libcamera: utils: Support systems that lack secure_getenv and issetugid Android provides neither secure_getenv() nor issetugid(). Enable compilation on that platform by using a plain getenv(), as that seems to be the best we can do. Signed-off-by: Laurent Pinchart Reviewed-by: Hirokazu Honda Reviewed-by: Umang Jain Reviewed-by: Kieran Bingham --- meson.build | 4 ++++ src/libcamera/utils.cpp | 7 ++++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/meson.build b/meson.build index f6ab7380..4d7d936f 100644 --- a/meson.build +++ b/meson.build @@ -33,6 +33,10 @@ if cc.has_header_symbol('execinfo.h', 'backtrace') config_h.set('HAVE_BACKTRACE', 1) endif +if cc.has_header_symbol('unistd.h', 'issetugid') + config_h.set('HAVE_ISSETUGID', 1) +endif + if cc.has_header_symbol('stdlib.h', 'secure_getenv', prefix : '#define _GNU_SOURCE') config_h.set('HAVE_SECURE_GETENV', 1) endif diff --git a/src/libcamera/utils.cpp b/src/libcamera/utils.cpp index 2e7d35fb..49b8fc9e 100644 --- a/src/libcamera/utils.cpp +++ b/src/libcamera/utils.cpp @@ -59,6 +59,10 @@ const char *basename(const char *path) * avoid vulnerabilities that could occur if set-user-ID or set-group-ID * programs accidentally trust the environment. * + * \note Not all platforms may support the features required to implement the + * secure execution check, in which case this function behaves as getenv(). A + * notable example of this is Android. + * * \return A pointer to the value in the environment or NULL if the requested * environment variable doesn't exist or if secure execution is required. */ @@ -67,9 +71,10 @@ char *secure_getenv(const char *name) #if HAVE_SECURE_GETENV return ::secure_getenv(name); #else +#if HAVE_ISSETUGID if (issetugid()) return NULL; - +#endif return getenv(name); #endif } -- cgit v1.2.1