eda492c930
Use secure_getenv(3) to improve security This patch is in response to the following security vulnerabilities (CVEs) reported to NVIDIA against libvdpau: CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 To address these CVEs, this patch: - replaces all uses of getenv(3) with secure_getenv(3); - uses secure_getenv(3) when available, with a fallback option; - protects VDPAU_DRIVER against directory traversal by checking for '/' On platforms where secure_getenv(3) is not available, the C preprocessor will print a warning at compile time. Then, a preprocessor macro will replace secure_getenv(3) with our getenv_wrapper(), which utilizes the check: getuid() == geteuid() && getgid() == getegid() See getuid(2) and getgid(2) for further details.
7 lines
218 B
Text
7 lines
218 B
Text
@comment $NetBSD: PLIST,v 1.3 2017/01/23 18:20:59 adam Exp $
|
|
include/vdpau/vdpau.h
|
|
include/vdpau/vdpau_x11.h
|
|
lib/libvdpau.la
|
|
lib/pkgconfig/vdpau.pc
|
|
lib/vdpau/libvdpau_trace.la
|
|
share/examples/libvdpau/vdpau_wrapper.cfg
|