From 7eb117a1716e373b7eec5f49689c571b4ac62f5d Mon Sep 17 00:00:00 2001
From: "Carl.Zhang" <carl.zhang@intel.com>
Date: Mon, 23 Mar 2026 14:36:55 +0800
Subject: [PATCH] va: use secure_getenv instead of getenv in va_x11.c

Move the secure_getenv fallback from va.c to va_internal.h so it is
available to all internal callers, and replace the plain getenv call
in va_x11.c with secure_getenv. On Windows, secure_getenv is defined
as getenv since there is no setuid/setgid concept. This prevents
environment variables from influencing behavior in setuid/setgid
programs on Linux.

Signed-off-by: Carl.Zhang <carl.zhang@intel.com>
---
 va/compat_win32.h |  1 +
 va/va.c           | 13 -------------
 va/va_internal.h  | 15 +++++++++++++++
 va/x11/va_x11.c   |  2 +-
 4 files changed, 17 insertions(+), 14 deletions(-)

diff --git a/va/compat_win32.h b/va/compat_win32.h
index 8294f2fcb..4ddf50335 100644
--- a/va/compat_win32.h
+++ b/va/compat_win32.h
@@ -53,6 +53,7 @@ typedef unsigned int __uid_t;
 
 #if _MSC_VER
 #define getenv _getenv
+#undef secure_getenv
 #define secure_getenv _getenv
 #define HAVE_SECURE_GETENV
 inline char* _getenv(const char *varname)
diff --git a/va/va.c b/va/va.c
index 850c746f4..059a9089b 100644
--- a/va/va.c
+++ b/va/va.c
@@ -59,19 +59,6 @@
 
 #define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]))
 
-#ifndef HAVE_SECURE_GETENV
-static char * secure_getenv(const char *name)
-{
-#if defined(__MINGW32__) || defined(__MINGW64__)
-    if (getuid() == geteuid())
-#else
-    if (getuid() == geteuid() && getgid() == getegid())
-#endif
-        return getenv(name);
-    else
-        return NULL;
-}
-#endif
 
 /*
  * read a config "env" for libva.conf or from environment setting
diff --git a/va/va_internal.h b/va/va_internal.h
index 3a834f8bd..0dfe9b411 100644
--- a/va/va_internal.h
+++ b/va/va_internal.h
@@ -29,6 +29,21 @@
 extern "C" {
 #endif
 
+#ifndef HAVE_SECURE_GETENV
+#ifdef _WIN32
+/* No setuid/setgid on Windows, secure_getenv is just getenv */
+#define secure_getenv getenv
+#else
+static inline char * secure_getenv(const char *name)
+{
+    if (getuid() == geteuid() && getgid() == getegid())
+        return getenv(name);
+    else
+        return NULL;
+}
+#endif
+#endif
+
 #define CTX(dpy) (((VADisplayContextP)dpy)->pDriverContext)
 #define CHECK_DISPLAY(dpy) if (!vaDisplayIsValid(dpy)) { return VA_STATUS_ERROR_INVALID_DISPLAY; }
 
diff --git a/va/x11/va_x11.c b/va/x11/va_x11.c
index cd3bf9ee8..1a2436060 100644
--- a/va/x11/va_x11.c
+++ b/va/x11/va_x11.c
@@ -77,7 +77,7 @@ static VAStatus va_DisplayContextGetDriverNames(
 {
     VAStatus vaStatus = VA_STATUS_ERROR_UNKNOWN;
 
-    if (!getenv("LIBVA_DRI3_DISABLE"))
+    if (!secure_getenv("LIBVA_DRI3_DISABLE"))
         vaStatus = va_DRI3_GetDriverNames(pDisplayContext, drivers, num_drivers);
     if (vaStatus != VA_STATUS_SUCCESS)
         vaStatus = va_DRI2_GetDriverNames(pDisplayContext, drivers, num_drivers);