From 597b02675751e48dd04777f1e91fee382bf3a966 Mon Sep 17 00:00:00 2001
From: Mariusz Zaborski <oshogbo@FreeBSD.org>
Date: Sun, 7 Nov 2021 16:15:28 +0100
Subject: libc: add clearenv function

The clearenv(3) function allows us to clear all environment
variable in one shot. This may be useful for security programs that
want to control the environment or what variables are passed to new
spawned programs.

Reviewed by:	scf, markj (secteam), 0mp (manpages)
Differential Revision:	https://reviews.freebsd.org/D28223
---
 lib/libc/stdlib/getenv.c | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

(limited to 'lib/libc/stdlib/getenv.c')

diff --git a/lib/libc/stdlib/getenv.c b/lib/libc/stdlib/getenv.c
index 5d445e18d93b..bf79cb6b0d79 100644
--- a/lib/libc/stdlib/getenv.c
+++ b/lib/libc/stdlib/getenv.c
@@ -691,3 +691,28 @@ unsetenv(const char *name)
 
 	return (0);
 }
+
+/*
+ * Unset all variable by flagging them as inactive.  No variable is
+ * ever freed.
+ */
+int
+clearenv(void)
+{
+	int ndx;
+
+	/* Initialize environment. */
+	if (__merge_environ() == -1 || (envVars == NULL && __build_env() == -1))
+		return (-1);
+
+	/* Remove from the end to not shuffle memory too much. */
+	for (ndx = envVarsTotal - 1; ndx >= 0; ndx--) {
+		envVars[ndx].active = false;
+		if (envVars[ndx].putenv)
+			__remove_putenv(ndx);
+	}
+
+	__rebuild_environ(0);
+
+	return (0);
+}
-- 
cgit v1.2.3