]> granicus.if.org Git - sudo/commitdiff
projects / sudo / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c739a70)
Avoid a NULL deref on unrecognized escapes.
authorTodd C. Miller <Todd.Miller@courtesan.com>
Mon, 28 Mar 2011 16:54:41 +0000 (12:54 -0400)
committerTodd C. Miller <Todd.Miller@courtesan.com>
Mon, 28 Mar 2011 16:54:41 +0000 (12:54 -0400)
Collapse %% -> % like strftime() does.

plugins/sudoers/iolog_path.c patch | blob | history
plugins/sudoers/regress/iolog_path/data patch | blob | history

diff --git a/plugins/sudoers/iolog_path.c b/plugins/sudoers/iolog_path.c
index 826f9fbdfcfe32589335c5bfefea9b8ef1bbfe45..74f5fdff175cd619a190262c06973d8a848e8b34 100644 (file)
--- a/plugins/sudoers/iolog_path.c
+++ b/plugins/sudoers/iolog_path.c
@@ -197,19 +197,24 @@ expand_iolog_path(const char *prefix, const char *dir, const char *file,
                                esc->name[len] == '\0')
                                break;
                        }
-                       for (;;) {
-                           len = esc->copy_fn(dst, psize - (dst - path));
-                           if (len < psize - (dst - path))
-                               break;
-                           path = erealloc3(path, 2, psize);
-                           psize *= 2;
-                           dst = path + plen;
+                       if (esc->name != NULL) {
+                           for (;;) {
+                               len = esc->copy_fn(dst, psize - (dst - path));
+                               if (len < psize - (dst - path))
+                                   break;
+                               path = erealloc3(path, 2, psize);
+                               psize *= 2;
+                               dst = path + plen;
+                           }
+                           dst += len;
+                           plen += len;
+                           src = ep;
+                           continue;
                        }
-                       dst += len;
-                       plen += len;
-                       src = ep;
-                       continue;
                    }
+               } else if (src[1] == '%') {
+                   /* Collapse %% -> % */
+                   src++;
                } else {
                    /* May need strftime() */
                    strfit = 1;
diff --git a/plugins/sudoers/regress/iolog_path/data b/plugins/sudoers/regress/iolog_path/data
index afcd54606a00e97549342be9cd983e4e01ab03ad..e2877b2b7271c2206f492763fc43dc7d400f13b3 100644 (file)
--- a/plugins/sudoers/regress/iolog_path/data
+++ b/plugins/sudoers/regress/iolog_path/data
@@ -1,3 +1,27 @@
+000001
+nobody
+1
+root
+0
+somehost
+id
+/var/log/sudo-io
+%%{bogus}
+/var/log/sudo-io
+%%{bogus}
+
+000001
+nobody
+1
+root
+0
+somehost
+id
+/var/log/sudo-io
+%%{seq}
+/var/log/sudo-io
+%%{seq}
+
 000001
 nobody
 1
Unnamed repository; edit this file 'description' to name the repository.