Overview

File dbus-cve-2012-3524.patch of Package dbus-1.937

--- a/configure.ac	2012-09-19 15:34:03.000000000 +0200
+++ b/configure.ac	2012-09-19 15:36:38.000000000 +0200
@@ -570,7 +570,7 @@
 AC_SEARCH_LIBS(socket,[socket network])
 AC_CHECK_FUNC(gethostbyname,,[AC_CHECK_LIB(nsl,gethostbyname)])
 
-AC_CHECK_FUNCS(vsnprintf vasprintf nanosleep usleep setenv clearenv unsetenv socketpair getgrouplist fpathconf setrlimit poll setlocale localeconv strtoll strtoull)
+AC_CHECK_FUNCS(vsnprintf vasprintf nanosleep usleep setenv clearenv unsetenv socketpair getgrouplist fpathconf setrlimit poll setlocale localeconv strtoll strtoull __secure_getenv)
 
 AC_CHECK_HEADERS([syslog.h])
 if test "x$ac_cv_header_syslog_h" = "xyes"; then
diff -urN dbus/dbus-sysdeps.c dbus/dbus-sysdeps.c
--- a/dbus/dbus-sysdeps.c	2012-09-19 15:34:03.000000000 +0200
+++ b/dbus/dbus-sysdeps.c	2012-09-19 15:36:38.000000000 +0200
@@ -181,8 +181,12 @@
  */
 const char*
 _dbus_getenv (const char *varname)
-{  
-  return getenv (varname);
+{
+#ifdef HAVE___SECURE_GETENV
+  return __secure_getenv(varname);
+#else
+  return getenv(varname);
+#endif
 }
 
 /**
openSUSE Build Service is sponsored by
Places