diff options
author | netblue30 <netblue30@protonmail.com> | 2020-10-17 10:28:16 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-10-17 10:28:16 -0500 |
commit | 2f0791e3789652a894e4b086fef5f8bc32675f07 (patch) | |
tree | 556630909b7c2b32f2d278bb595a97b526946844 | |
parent | Merge pull request #3675 from hlein/fix-carriageret (diff) | |
parent | Apply --rmenv immediately to help to avoid the env var length check (diff) | |
download | firejail-2f0791e3789652a894e4b086fef5f8bc32675f07.tar.gz firejail-2f0791e3789652a894e4b086fef5f8bc32675f07.tar.zst firejail-2f0791e3789652a894e4b086fef5f8bc32675f07.zip |
Merge pull request #3674 from topimiettinen/rmenv-apply-early
Apply --rmenv immediately to help to avoid the env var length check
-rw-r--r-- | src/firejail/main.c | 8 | ||||
-rw-r--r-- | src/firejail/profile.c | 1 |
2 files changed, 7 insertions, 2 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index 06f81a987..0d67c2a64 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -1004,17 +1004,21 @@ int main(int argc, char **argv, char **envp) { | |||
1004 | fprintf(stderr, "Error: too long arguments\n"); | 1004 | fprintf(stderr, "Error: too long arguments\n"); |
1005 | exit(1); | 1005 | exit(1); |
1006 | } | 1006 | } |
1007 | // Also remove requested environment variables | ||
1008 | // entirely to avoid tripping the length check below | ||
1009 | if (strncmp(argv[i], "--rmenv=", 8) == 0) | ||
1010 | unsetenv(argv[i] + 8); | ||
1007 | } | 1011 | } |
1008 | 1012 | ||
1009 | // sanity check for environment variables | 1013 | // sanity check for environment variables |
1010 | for (i = 0, ptr = envp; ptr && *ptr && i < MAX_ENVS; i++, ptr++) { | 1014 | for (i = 0, ptr = envp; ptr && *ptr && i < MAX_ENVS; i++, ptr++) { |
1011 | if (strlen(*ptr) >= MAX_ENV_LEN) { | 1015 | if (strlen(*ptr) >= MAX_ENV_LEN) { |
1012 | fprintf(stderr, "Error: too long environment variables\n"); | 1016 | fprintf(stderr, "Error: too long environment variables, please use --rmenv\n"); |
1013 | exit(1); | 1017 | exit(1); |
1014 | } | 1018 | } |
1015 | } | 1019 | } |
1016 | if (i >= MAX_ENVS) { | 1020 | if (i >= MAX_ENVS) { |
1017 | fprintf(stderr, "Error: too many environment variables\n"); | 1021 | fprintf(stderr, "Error: too many environment variables, please use --rmenv\n"); |
1018 | exit(1); | 1022 | exit(1); |
1019 | } | 1023 | } |
1020 | 1024 | ||
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 8c29fe81c..ed736521a 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
@@ -912,6 +912,7 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
912 | return 0; | 912 | return 0; |
913 | } | 913 | } |
914 | if (strncmp(ptr, "rmenv ", 6) == 0) { | 914 | if (strncmp(ptr, "rmenv ", 6) == 0) { |
915 | unsetenv(ptr + 6); // Remove also immediately from Firejail itself | ||
915 | env_store(ptr + 6, RMENV); | 916 | env_store(ptr + 6, RMENV); |
916 | return 0; | 917 | return 0; |
917 | } | 918 | } |