From ebb4fcc7cf3045dcd3b7ff6eb6877fb4ec4a9e05 Mon Sep 17 00:00:00 2001
From: "Pedro F. Giffuni" <pfg@FreeBSD.org>
Date: Sat, 19 Dec 2020 02:23:53 +0000
Subject: [PATCH] login(1): when exporting variables check the result of
 setenv(3)

When exporting a variable we correctly check all the preconditions that
could make setenv(3) fail. Checking the setenv(3) return value seems
redundant, but given that login(1) is critical, it doesn't hurt to have
a post-check.

This change is based on the "Principles of Secure Coding" course by
Matthew Bishop, PhD., which specifically discusses this code in FreeBSD.

Differential Revision:	https://reviews.freebsd.org/D26966
---
 usr.bin/login/login.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/usr.bin/login/login.c b/usr.bin/login/login.c
index e99ee5efc2e..380e813f4b0 100644
--- a/usr.bin/login/login.c
+++ b/usr.bin/login/login.c
@@ -793,6 +793,7 @@ export(const char *s)
 	char *p;
 	const char **pp;
 	size_t n;
+	int rv;
 
 	if (strlen(s) > 1024 || (p = strchr(s, '=')) == NULL)
 		return (0);
@@ -804,8 +805,10 @@ export(const char *s)
 			return (0);
 	}
 	*p = '\0';
-	(void)setenv(s, p + 1, 1);
+	rv = setenv(s, p + 1, 1);
 	*p = '=';
+	if (rv == 1)
+		return (0);
 	return (1);
 }
 
-- 
2.42.0