From 276f3e688502ac4f89898a65ec3fa137c4a3b0d4 Mon Sep 17 00:00:00 2001 From: Sam Roberts Date: Fri, 27 Jan 2017 11:49:14 -0800 Subject: [PATCH] src: add SafeGetenv() to internal API Allow it to be used anywhere in src/ that env variables with security implications are accessed. PR-URL: #11006 Reviewed-By: Michael Dawson Reviewed-By: Ben Noordhuis --- src/node.cc | 2 +- src/node_internals.h | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/node.cc b/src/node.cc index 072798c0f6dec0..8d8a41003c867c 100644 --- a/src/node.cc +++ b/src/node.cc @@ -945,7 +945,7 @@ Local UVException(Isolate* isolate, // Look up environment variable unless running as setuid root. -inline bool SafeGetenv(const char* key, std::string* text) { +bool SafeGetenv(const char* key, std::string* text) { #ifndef _WIN32 // TODO(bnoordhuis) Should perhaps also check whether getauxval(AT_SECURE) // is non-zero on Linux. diff --git a/src/node_internals.h b/src/node_internals.h index cbe5667bd121a4..72d303b8662d60 100644 --- a/src/node_internals.h +++ b/src/node_internals.h @@ -112,6 +112,8 @@ void RegisterSignalHandler(int signal, bool reset_handler = false); #endif +bool SafeGetenv(const char* key, std::string* text); + template constexpr size_t arraysize(const T(&)[N]) { return N; }