Add a configure option --enable-force-getenv.
Allows the use of getenv() rather than secure_getenv() to read MALLOC_CONF. This helps in situations where hosts are under full control, and setting MALLOC_CONF is needed while also setuid. Disabled by default.
This commit is contained in:
parent
143e9c4a2f
commit
481bbfc990
16
configure.ac
16
configure.ac
@ -1571,6 +1571,22 @@ if test "x$enable_readlinkat" = "x1" ; then
|
|||||||
fi
|
fi
|
||||||
AC_SUBST([enable_readlinkat])
|
AC_SUBST([enable_readlinkat])
|
||||||
|
|
||||||
|
dnl Do not force getenv by default
|
||||||
|
AC_ARG_ENABLE([force-getenv],
|
||||||
|
[AS_HELP_STRING([--enable-force-getenv], [Use getenv over secure_getenv])],
|
||||||
|
[if test "x$enable_force_getenv" = "xno" ; then
|
||||||
|
enable_force_getenv="0"
|
||||||
|
else
|
||||||
|
enable_force_getenv="1"
|
||||||
|
fi
|
||||||
|
],
|
||||||
|
[enable_force_getenv="0"]
|
||||||
|
)
|
||||||
|
if test "x$enable_force_getenv" = "x1" ; then
|
||||||
|
AC_DEFINE([JEMALLOC_FORCE_GETENV], [ ], [ ])
|
||||||
|
fi
|
||||||
|
AC_SUBST([force_getenv])
|
||||||
|
|
||||||
dnl Avoid extra safety checks by default
|
dnl Avoid extra safety checks by default
|
||||||
AC_ARG_ENABLE([opt-safety-checks],
|
AC_ARG_ENABLE([opt-safety-checks],
|
||||||
[AS_HELP_STRING([--enable-opt-safety-checks],
|
[AS_HELP_STRING([--enable-opt-safety-checks],
|
||||||
|
@ -266,6 +266,12 @@
|
|||||||
*/
|
*/
|
||||||
#undef JEMALLOC_READLINKAT
|
#undef JEMALLOC_READLINKAT
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If defined, use getenv() (instead of secure_getenv() or
|
||||||
|
* alternatives) to access MALLOC_CONF.
|
||||||
|
*/
|
||||||
|
#undef JEMALLOC_FORCE_GETENV
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Darwin (OS X) uses zones to work around Mach-O symbol override shortcomings.
|
* Darwin (OS X) uses zones to work around Mach-O symbol override shortcomings.
|
||||||
*/
|
*/
|
||||||
|
@ -703,16 +703,20 @@ check_entry_exit_locking(tsdn_t *tsdn) {
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
static char *
|
static char *
|
||||||
jemalloc_secure_getenv(const char *name) {
|
jemalloc_getenv(const char *name) {
|
||||||
#ifdef JEMALLOC_HAVE_SECURE_GETENV
|
#ifdef JEMALLOC_FORCE_GETENV
|
||||||
return secure_getenv(name);
|
return getenv(name);
|
||||||
#else
|
#else
|
||||||
# ifdef JEMALLOC_HAVE_ISSETUGID
|
# ifdef JEMALLOC_HAVE_SECURE_GETENV
|
||||||
|
return secure_getenv(name);
|
||||||
|
# else
|
||||||
|
# ifdef JEMALLOC_HAVE_ISSETUGID
|
||||||
if (issetugid() != 0) {
|
if (issetugid() != 0) {
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
# endif
|
# endif
|
||||||
return getenv(name);
|
return getenv(name);
|
||||||
|
# endif
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1045,7 +1049,7 @@ obtain_malloc_conf(unsigned which_source, char buf[PATH_MAX + 1]) {
|
|||||||
#endif
|
#endif
|
||||||
;
|
;
|
||||||
|
|
||||||
if ((ret = jemalloc_secure_getenv(envname)) != NULL) {
|
if ((ret = jemalloc_getenv(envname)) != NULL) {
|
||||||
/*
|
/*
|
||||||
* Do nothing; opts is already initialized to the value
|
* Do nothing; opts is already initialized to the value
|
||||||
* of the MALLOC_CONF environment variable.
|
* of the MALLOC_CONF environment variable.
|
||||||
|
Loading…
Reference in New Issue
Block a user