CVE-2019-3842.patch 1.18 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35
--- a/src/login/pam_systemd.c
+++ b/src/login/pam_systemd.c
@@ -354,27 +354,27 @@
 
         seat = pam_getenv(handle, "XDG_SEAT");
         if (isempty(seat))
-                seat = getenv("XDG_SEAT");
+                seat = secure_getenv("XDG_SEAT");
 
         cvtnr = pam_getenv(handle, "XDG_VTNR");
         if (isempty(cvtnr))
-                cvtnr = getenv("XDG_VTNR");
+                cvtnr = secure_getenv("XDG_VTNR");
 
         type = pam_getenv(handle, "XDG_SESSION_TYPE");
         if (isempty(type))
-                type = getenv("XDG_SESSION_TYPE");
+                type = secure_getenv("XDG_SESSION_TYPE");
         if (isempty(type))
                 type = type_pam;
 
         class = pam_getenv(handle, "XDG_SESSION_CLASS");
         if (isempty(class))
-                class = getenv("XDG_SESSION_CLASS");
+                class = secure_getenv("XDG_SESSION_CLASS");
         if (isempty(class))
                 class = class_pam;
 
         desktop = pam_getenv(handle, "XDG_SESSION_DESKTOP");
         if (isempty(desktop))
-                desktop = getenv("XDG_SESSION_DESKTOP");
+                desktop = secure_getenv("XDG_SESSION_DESKTOP");
 
         tty = strempty(tty);