[issue1341] printenv(1): don't allow '=' in name

Matthew Dillon dillon at apollo.backplane.com
Mon Apr 20 10:23:50 PDT 2009


:Stathis Kamperis <ekamperi at gmail.com> added the comment:
:
:...
:ch
:obviously doesn't exist). Here is what happens:=20
:
:For every "name=3Dvalue" pair inside the environment, printenv invokes a me=
:mcmp
:between the currently examined variable and the target, of at most `len' by=
:tes.
:Where `len' is the length of the target. So, memcmp("foo=3Dbar", "foo=3Dbar=
:=3D123", 7)
:actually returns a match, although "foo=3Dbar" doesn't correspond to a real=
: variable.
:
:I hope I didn't confuse things more.
:
:Cheers,
:Stathis

   It sounds to me that printenv's environment search is what needs to
   be fixed.  The environ has one environment variable per array entry.
   instead of doing the memcmp() it should iterate forwards looking for
   the first '=', then do a length check and, if the length matches,
   finally a memcmp().

					-Matt
					Matthew Dillon 
					<dillon at backplane.com>





More information about the Bugs mailing list