summaryrefslogtreecommitdiff
path: root/common
diff options
context:
space:
mode:
authorWolfgang Denk <wd@denx.de>2006-10-28 01:14:32 +0200
committerWolfgang Denk <wd@denx.de>2006-10-28 01:14:32 +0200
commit471a7be7a042e95e440f5de969c9765214ae8d6e (patch)
tree328c7850f1499ddb2758b7407c1096a8ec62899b /common
parent19973b6ad9863a56f5c5fbcfd90e20ab2490a2c2 (diff)
Check for illegal character '=' in environment variable names.
Make sure the string passed as variable name does not contain a '=' character. This not only prevents the common error or typing "setenv foo=bar" instead of "setenv foo bar", but (more importantly) also closes a backdoor which allowed to delete write-protected environment variables, for example by using "setenv ethaddr=".
Diffstat (limited to 'common')
-rw-r--r--common/cmd_nvedit.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/common/cmd_nvedit.c b/common/cmd_nvedit.c
index 6257fbd23e6..d3f50f87f35 100644
--- a/common/cmd_nvedit.c
+++ b/common/cmd_nvedit.c
@@ -167,6 +167,11 @@ int _do_setenv (int flag, int argc, char *argv[])
name = argv[1];
+ if (strchr(name, '=')) {
+ printf ("## Error: illegal character '=' in variable name \"%s\"\n", name);
+ return 1;
+ }
+
/*
* search if variable with this name already exists
*/