src: add SafeGetenv() to internal API

Allow it to be used anywhere in src/ that env variables with security implications are accessed. PR-URL: #11006 Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
8 years ago · aec7ae2e67
2 changed files with 3 additions and 1 deletions
--- a/src/node.cc
+++ b/src/node.cc
@ -945,7 +945,7 @@ Local<Value> UVException(Isolate* isolate,


 // Look up environment variable unless running as setuid root.
-inline bool SafeGetenv(const char* key, std::string* text) {
+bool SafeGetenv(const char* key, std::string* text) {
 #ifndef _WIN32
  // TODO(bnoordhuis) Should perhaps also check whether getauxval(AT_SECURE)
  // is non-zero on Linux.
--- a/src/node_internals.h
+++ b/src/node_internals.h
@ -112,6 +112,8 @@ void RegisterSignalHandler(int signal,
                           bool reset_handler = false);
 #endif

+bool SafeGetenv(const char* key, std::string* text);
+
 template <typename T, size_t N>
 constexpr size_t arraysize(const T(&)[N]) { return N; }