From owner-cvs-lib  Tue Aug 26 22:29:20 1997
Return-Path: <owner-cvs-lib>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id WAA10037
          for cvs-lib-outgoing; Tue, 26 Aug 1997 22:29:20 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id WAA10011;
          Tue, 26 Aug 1997 22:28:46 -0700 (PDT)
From: Warner Losh <imp@FreeBSD.ORG>
Received: (from imp@localhost)
	by freefall.freebsd.org (8.8.6/8.8.5) id WAA28844;
	Tue, 26 Aug 1997 22:27:54 -0700 (PDT)
Date: Tue, 26 Aug 1997 22:27:54 -0700 (PDT)
Message-Id: <199708270527.WAA28844@freefall.freebsd.org>
To: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, cvs-lib@FreeBSD.ORG
Subject: cvs commit: src/lib/libc/gen glob.c
Sender: owner-cvs-lib@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

imp         1997/08/26 22:27:53 PDT

  Modified files:
    lib/libc/gen         glob.c 
  Log:
  Don't getenv(HOME) when set[ug]od.  This can lead to a buffer overflow and
  elevated privs.
  Obtained from: OpenBSD
  
  Revision  Changes    Path
  1.9       +4 -3      src/lib/libc/gen/glob.c