aboutsummaryrefslogtreecommitdiff
path: root/intl
diff options
context:
space:
mode:
Diffstat (limited to 'intl')
-rw-r--r--intl/dcgettext.c34
-rw-r--r--intl/explodename.c15
-rw-r--r--intl/loadinfo.h2
3 files changed, 46 insertions, 5 deletions
diff --git a/intl/dcgettext.c b/intl/dcgettext.c
index a79c1f52e2..777dd31d04 100644
--- a/intl/dcgettext.c
+++ b/intl/dcgettext.c
@@ -221,6 +221,24 @@ struct block_list
# define DCGETTEXT dcgettext__
#endif
+/* Checking whether the binaries runs SUID must be done and glibc provides
+ easier methods therefore we make a difference here. */
+#ifdef _LIBC
+# define ENABLE_SECURE __libc_enable_secure
+# define DETERMINE_SECURE
+#else
+static int enable_secure;
+# define ENABLE_SECURE (enable_secure == 1)
+# define DETERMINE_SECURE \
+ if (enable_secure == 0) \
+ { \
+ if (getuid () != geteuid () || getgid () != getegid ()) \
+ enable_secure = 1; \
+ else \
+ enable_secure = -1; \
+ }
+#endif
+
/* Look up MSGID in the DOMAINNAME message catalog for the current CATEGORY
locale. */
char *
@@ -245,9 +263,12 @@ DCGETTEXT (domainname, msgid, category)
if (msgid == NULL)
return NULL;
+ /* See whether this is a SUID binary or not. */
+ DETERMINE_SECURE;
+
/* If DOMAINNAME is NULL, we are interested in the default domain. If
CATEGORY is not LC_MESSAGES this might not make much sense but the
- defintion left this undefined. */
+ definition left this undefined. */
if (domainname == NULL)
domainname = _nl_current_default_domain;
@@ -322,7 +343,7 @@ DCGETTEXT (domainname, msgid, category)
/* Search for the given string. This is a loop because we perhaps
- got an ordered list of languages to consider for th translation. */
+ got an ordered list of languages to consider for the translation. */
while (1)
{
/* Make CATEGORYVALUE point to the next element of the list. */
@@ -343,6 +364,15 @@ DCGETTEXT (domainname, msgid, category)
while (categoryvalue[0] != '\0' && categoryvalue[0] != ':')
*cp++ = *categoryvalue++;
*cp = '\0';
+
+ /* When this is a SUID binary we must not allow accessing files
+ outside the dedicated directories. */
+ if (ENABLE_SECURE
+ && (memchr (single_locale, '/',
+ _nl_find_language (single_locale) - single_locale)
+ != NULL))
+ /* Ingore this entry. */
+ continue;
}
/* If the current locale value is C (or POSIX) we don't load a
diff --git a/intl/explodename.c b/intl/explodename.c
index 8dad496a5e..8fe928f312 100644
--- a/intl/explodename.c
+++ b/intl/explodename.c
@@ -47,6 +47,17 @@
/* @@ end of prolog @@ */
+char *
+_nl_find_language (const char *name)
+{
+ while (name[0] != '\0' && name[0] != '_' && name[0] != '@'
+ && name[0] != '+' && name[0] != ',')
+ ++name;
+
+ return (char *) name;
+}
+
+
int
_nl_explode_name (name, language, modifier, territory, codeset,
normalized_codeset, special, sponsor, revision)
@@ -78,9 +89,7 @@ _nl_explode_name (name, language, modifier, territory, codeset,
mask = 0;
syntax = undecided;
*language = cp = name;
- while (cp[0] != '\0' && cp[0] != '_' && cp[0] != '@'
- && cp[0] != '+' && cp[0] != ',')
- ++cp;
+ cp = _nl_find_language (*language);
if (*language == cp)
/* This does not make sense: language has to be specified. Use
diff --git a/intl/loadinfo.h b/intl/loadinfo.h
index 8fabe63903..b82dc90d67 100644
--- a/intl/loadinfo.h
+++ b/intl/loadinfo.h
@@ -75,3 +75,5 @@ extern int _nl_explode_name PARAMS ((char *name, const char **language,
const char **special,
const char **sponsor,
const char **revision));
+
+extern char *_nl_find_language PARAMS ((const char *name));