[newlib-cygwin] Cygwin: add secure_getenv

[Yaakov Selkowitz <yselkowitz@sourceware.org>]

https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=850705f92e3371bc0c56cee270327add84cd441a

commit 850705f92e3371bc0c56cee270327add84cd441a
Author: Yaakov Selkowitz <yselkowi@redhat.com>
Date:   Mon Feb 18 23:06:11 2019 -0600

    Cygwin: add secure_getenv
    
    Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>

Diff:
---
 newlib/libc/include/stdlib.h           |  3 +++
 winsup/cygwin/common.din               |  1 +
 winsup/cygwin/environ.cc               | 10 ++++++++++
 winsup/cygwin/include/cygwin/version.h |  3 ++-
 winsup/doc/posix.xml                   |  1 +
 5 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/newlib/libc/include/stdlib.h b/newlib/libc/include/stdlib.h
index 9773d36..933d181 100644
--- a/newlib/libc/include/stdlib.h
+++ b/newlib/libc/include/stdlib.h
@@ -94,6 +94,9 @@ void	exit (int __status) _ATTRIBUTE ((__noreturn__));
 void	free (void *) _NOTHROW;
 char *  getenv (const char *__string);
 char *	_getenv_r (struct _reent *, const char *__string);
+#if __GNU_VISIBLE
+char *  secure_getenv (const char *__string);
+#endif
 char *	_findenv (const char *, int *);
 char *	_findenv_r (struct _reent *, const char *, int *);
 #if __POSIX_VISIBLE >= 200809
diff --git a/winsup/cygwin/common.din b/winsup/cygwin/common.din
index f620d81..68b95d4 100644
--- a/winsup/cygwin/common.din
+++ b/winsup/cygwin/common.din
@@ -1255,6 +1255,7 @@ sched_rr_get_interval SIGFE
 sched_setparam SIGFE
 sched_setscheduler SIGFE
 sched_yield SIGFE
+secure_getenv NOSIGFE
 seed48 NOSIGFE
 seekdir SIGFE
 select = cygwin_select SIGFE
diff --git a/winsup/cygwin/environ.cc b/winsup/cygwin/environ.cc
index 495c340..21f1373 100644
--- a/winsup/cygwin/environ.cc
+++ b/winsup/cygwin/environ.cc
@@ -549,6 +549,16 @@ _getenv_r (struct _reent *, const char *name)
   return findenv_func (name, &offset);
 }
 
+/* Like getenv, but returns NULL if effective and real UID/GIDs do not match */
+extern "C" char *
+secure_getenv (const char *name)
+{
+  int offset;
+  if (cygheap->user.issetuid ())
+    return NULL;
+  return findenv_func (name, &offset);
+}
+
 /* Return number of environment entries, including terminating NULL. */
 static int __stdcall
 envsize (const char * const *in_envp)
diff --git a/winsup/cygwin/include/cygwin/version.h b/winsup/cygwin/include/cygwin/version.h
index 2c55f4b..d865f29 100644
--- a/winsup/cygwin/include/cygwin/version.h
+++ b/winsup/cygwin/include/cygwin/version.h
@@ -508,12 +508,13 @@ details. */
   335: Change size of utsname, change uname output.
   336: New Cygwin PID algorithm (yeah, not really an API change)
   337: MOUNT_BINARY -> MOUNT_TEXT
+  338: Export secure_getenv.
 
   Note that we forgot to bump the api for ualarm, strtoll, strtoull,
   sigaltstack, sethostname. */
 
 #define CYGWIN_VERSION_API_MAJOR 0
-#define CYGWIN_VERSION_API_MINOR 337
+#define CYGWIN_VERSION_API_MINOR 338
 
 /* There is also a compatibity version number associated with the shared memory
    regions.  It is incremented when incompatible changes are made to the shared
diff --git a/winsup/doc/posix.xml b/winsup/doc/posix.xml
index 8e9b1a5..0755bed 100644
--- a/winsup/doc/posix.xml
+++ b/winsup/doc/posix.xml
@@ -1377,6 +1377,7 @@ also IEEE Std 1003.1-2008 (POSIX.1-2008).</para>
     removexattr
     scandirat
     sched_getcpu
+    secure_getenv
     setxattr
     signalfd
     sincos