Use secure_getenv() instead of getenv() where appropriate

2025-04-09 17:23:23 +01:00 · 2025-04-09 17:23:23 +01:00 · a51804a5ff
parent a681435015
commit a51804a5ff
2 changed files with 4 additions and 4 deletions
--- a/src/basic/env-util.c
+++ b/src/basic/env-util.c
@ -546,7 +546,7 @@ char* strv_env_get_n(char * const *l, const char *name, size_t k, ReplaceEnvFlag
                        return NULL;

                t = strndupa_safe(name, k);
-                return getenv(t);
+                return secure_getenv(t);
        };

        return NULL;
@ -1105,7 +1105,7 @@ int getenv_steal_erase(const char *name, char **ret) {
         * it from there. Usecase: reading passwords from the env block (which is a bad idea, but useful for
         * testing, and given that people are likely going to misuse this, be thorough) */

-        e = getenv(name);
+        e = secure_getenv(name);
        if (!e) {
                if (ret)
                        *ret = NULL;
--- a/src/libsystemd/sd-journal/journal-file.c
+++ b/src/libsystemd/sd-journal/journal-file.c
@ -317,7 +317,7 @@ static bool keyed_hash_requested(void) {
        int r;

        if (cached < 0) {
-                r = getenv_bool("SYSTEMD_JOURNAL_KEYED_HASH");
+                r = secure_getenv_bool("SYSTEMD_JOURNAL_KEYED_HASH");
                if (r < 0) {
                        if (r != -ENXIO)
                                log_debug_errno(r, "Failed to parse $SYSTEMD_JOURNAL_KEYED_HASH environment variable, ignoring: %m");
@ -334,7 +334,7 @@ static bool compact_mode_requested(void) {
        int r;

        if (cached < 0) {
-                r = getenv_bool("SYSTEMD_JOURNAL_COMPACT");
+                r = secure_getenv_bool("SYSTEMD_JOURNAL_COMPACT");
                if (r < 0) {
                        if (r != -ENXIO)
                                log_debug_errno(r, "Failed to parse $SYSTEMD_JOURNAL_COMPACT environment variable, ignoring: %m");