$NetBSD: patch-ad,v 1.1 2000/06/30 17:07:36 danw Exp $

Fixes from glibc

--- intl/dcgettext.c.orig	Fri Jun 23 03:13:56 2000
+++ intl/dcgettext.c	Fri Jun 23 03:42:33 2000
@@ -217,6 +217,17 @@
 # define DCGETTEXT dcgettext__
 #endif
 
+static int enable_secure;
+# define ENABLE_SECURE (enable_secure == 1)
+# define DETERMINE_SECURE \
+  if (enable_secure == 0)						     \
+    {									     \
+      if (getuid () != geteuid () || getgid () != getegid ())		     \
+	enable_secure = 1;						     \
+      else								     \
+	enable_secure = -1;						     \
+    }
+
 /* Look up MSGID in the DOMAINNAME message catalog for the current CATEGORY
    locale.  */
 char *
@@ -241,6 +252,9 @@
   if (msgid == NULL)
     return NULL;
 
+  /* See whether this is a SUID binary or not.  */
+  DETERMINE_SECURE;
+
   /* If DOMAINNAME is NULL, we are interested in the default domain.  If
      CATEGORY is not LC_MESSAGES this might not make much sense but the
      defintion left this undefined.  */
@@ -339,6 +353,15 @@
 	  while (categoryvalue[0] != '\0' && categoryvalue[0] != ':')
 	    *cp++ = *categoryvalue++;
 	  *cp = '\0';
+
+	  /* When this is a SUID binary we must not allow accessing files
+	     outside the dedicated directories.  */
+	  if (ENABLE_SECURE
+	      && (memchr (single_locale, '/',
+			  _nl_find_language (single_locale) - single_locale)
+		  != NULL))
+	    /* Ignore this entry.  */
+	    continue;
 	}
 
       /* If the current locale value is C (or POSIX) we don't load a
@@ -396,7 +419,8 @@
      struct loaded_l10nfile *domain_file;
      const char *msgid;
 {
-  size_t top, act, bottom;
+  size_t act = 0;
+  size_t top, bottom;
   struct loaded_domain *domain;
 
   if (domain_file->decided == 0)
