intel/compute-runtime
1
0
Fork 0
mirror of https://github.com/intel/compute-runtime.git synced 2026-01-05 18:06:32 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: untrusted input

Browse Source 
Do not read an unlimited size of environment variables.

Signed-off-by: Kamil Kopryk <kamil.kopryk@intel.com>
This commit is contained in:
Kamil Kopryk
2025-02-07 13:56:19 +00:00
committed by Compute-Runtime-Automation
parent 7149743162
commit 03b56dc919
6 changed files with 67 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
shared/source/utilities/io_functions.h
View File

@@ -1,11 +1,14 @@
/*
* Copyright (C) 2020-2024 Intel Corporation
* Copyright (C) 2020-2025 Intel Corporation
*
* SPDX-License-Identifier: MIT
*
*/
#pragma once
#include "shared/source/helpers/constants.h"
#include "shared/source/helpers/string.h"
#include <cstdarg>
#include <cstdio>
#include <stdlib.h>
@@ -49,6 +52,17 @@ inline bool getEnvToBool(const char *name) {
return false;
return (0 == strcmp("1", env));
}
} // namespace IoFunctions
inline char *getEnvironmentVariable(const char *name) {
char *environmentVariable = getenvPtr(name);
if (strnlen_s(environmentVariable, CommonConstants::maxAllowedEnvVariableSize) < CommonConstants::maxAllowedEnvVariableSize) {
return environmentVariable;
}
return nullptr;
}
} // namespace IoFunctions
} // namespace NEO