src: add SafeGetenv() to internal API

Allow it to be used anywhere in src/ that env variables with security implications are accessed.
PR-URL: #11006 Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2017-01-27 11:49:14 -08:00 · 2017-01-27 11:49:14 -08:00 · 901e926d43 · 2017-02-14 13:11:43 -08:00
commit 901e926d43
parent 46edd940e8
2 changed files with 3 additions and 1 deletions
--- a/src/node.cc
+++ b/src/node.cc
@ -924,7 +924,7 @@ Local<Value> UVException(Isolate* isolate,


 // Look up environment variable unless running as setuid root.
-inline bool SafeGetenv(const char* key, std::string* text) {
+bool SafeGetenv(const char* key, std::string* text) {
 #ifndef _WIN32
  // TODO(bnoordhuis) Should perhaps also check whether getauxval(AT_SECURE)
  // is non-zero on Linux.
--- a/src/node_internals.h
+++ b/src/node_internals.h
@ -114,6 +114,8 @@ void RegisterSignalHandler(int signal,
                           bool reset_handler = false);
 #endif

+bool SafeGetenv(const char* key, std::string* text);
+
 template <typename T, size_t N>
 constexpr size_t arraysize(const T(&)[N]) { return N; }