#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_INTTYPES_H
+# include <inttypes.h>
+#endif
#ifdef HAVE_LOGIN_CAP_H
# include <login_cap.h>
# ifndef LOGIN_SETENV
#endif /* HAVE_LOGIN_CAP_H */
#include <ctype.h>
#include <errno.h>
+#include <limits.h>
#include <pwd.h>
#include "sudoers.h"
+/*
+ * If there is no SIZE_MAX or SIZE_T_MAX we have to assume that size_t
+ * could be signed (as it is on SunOS 4.x). This just means that
+ * emalloc2() and erealloc3() cannot allocate huge amounts on such a
+ * platform but that is OK since sudo doesn't need to do so anyway.
+ */
+#ifndef SIZE_MAX
+# ifdef SIZE_T_MAX
+# define SIZE_MAX SIZE_T_MAX
+# else
+# define SIZE_MAX INT_MAX
+# endif /* SIZE_T_MAX */
+#endif /* SIZE_MAX */
+
/*
* Flags used in rebuild_env()
*/
memset(env.envp, 0, env.env_size * sizeof(char *));
#endif
memcpy(env.envp, envp, len * sizeof(char *));
- env.envp[len] = '\0';
+ env.envp[len] = NULL;
/* Free the old envp we allocated, if any. */
if (env.old_envp != NULL)
bool found = false;
/* Make sure there is room for the new entry plus a NULL. */
- if (env.env_len + 2 > env.env_size) {
+ if (env.env_size > 2 && env.env_len > env.env_size - 2) {
char **nenvp;
- size_t nsize = env.env_size + 128;
- nenvp = env.envp ? realloc(env.envp, nsize * sizeof(char *)) :
- malloc(nsize * sizeof(char *));
+ size_t nsize;
+
+ if (env.env_size > SIZE_MAX - 128)
+ errorx2(1, _("internal error, sudo_putenv_nodebug() overflow"));
+ nsize = env.env_size + 128;
+ if (nsize > SIZE_MAX / sizeof(char *))
+ errorx2(1, _("internal error, sudo_putenv_nodebug() overflow"));
+ nenvp = realloc(env.envp, nsize * sizeof(char *));
if (nenvp == NULL) {
errno = ENOMEM;
return -1;
if (dupcheck) {
len = (strchr(str, '=') - str) + 1;
- for (ep = env.envp; !found && *ep != NULL; ep++) {
+ for (ep = env.envp; *ep != NULL; ep++) {
if (strncmp(str, *ep, len) == 0) {
if (overwrite)
*ep = str;
found = true;
+ break;
}
}
/* Prune out duplicate variables. */
{
char *estring;
size_t esize;
+ int rval;
debug_decl(sudo_setenv2, SUDO_DEBUG_ENV)
esize = strlen(var) + 1 + strlen(val) + 1;
errorx(1, _("internal error, sudo_setenv2() overflow"));
}
- debug_return_int(sudo_putenv(estring, dupcheck, overwrite));
+ rval = sudo_putenv(estring, dupcheck, overwrite);
+ if (rval == -1)
+ efree(estring);
+ debug_return_int(rval);
}
/*
{
char *estring;
size_t esize;
+ int rval = -1;
esize = strlen(var) + 1 + strlen(val) + 1;
if ((estring = malloc(esize)) == NULL) {
errno = ENOMEM;
- return -1;
+ goto done;
}
/* Build environment string and insert it. */
strlcat(estring, val, esize) >= esize) {
errno = EINVAL;
- return -1;
+ goto done;
}
- return sudo_putenv_nodebug(estring, true, overwrite);
+ rval = sudo_putenv_nodebug(estring, true, overwrite);
+done:
+ if (rval == -1)
+ efree(estring);
+ return rval;
}
/*
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_INTTYPES_H
+# include <inttypes.h>
+#endif
#if defined(YYBISON) && defined(HAVE_ALLOCA_H) && !defined(__GNUC__)
# include <alloca.h>
#endif /* YYBISON && HAVE_ALLOCA_H && !__GNUC__ */
parse_error = true;
debug_return;
}
-#line 116 "gram.y"
+#line 119 "gram.y"
#ifndef YYSTYPE_DEFINED
#define YYSTYPE_DEFINED
typedef union {
int tok;
} YYSTYPE;
#endif /* YYSTYPE_DEFINED */
-#line 143 "gram.c"
+#line 146 "gram.c"
#define COMMAND 257
#define ALIAS 258
#define DEFVAR 259
short *yysslim;
YYSTYPE *yyvs;
int yystacksize;
-#line 668 "gram.y"
+#line 671 "gram.y"
static struct defaults *
new_default(char *var, char *val, int op)
{
debug_return;
}
-#line 821 "gram.c"
+#line 824 "gram.c"
/* allocate initial stack or double stack size, up to YYMAXDEPTH */
#if defined(__cplusplus) || defined(__STDC__)
static int yygrowstack(void)
switch (yyn)
{
case 1:
-#line 198 "gram.y"
+#line 201 "gram.y"
{ ; }
break;
case 5:
-#line 206 "gram.y"
+#line 209 "gram.y"
{
;
}
break;
case 6:
-#line 209 "gram.y"
+#line 212 "gram.y"
{
yyerrok;
}
break;
case 7:
-#line 212 "gram.y"
+#line 215 "gram.y"
{
add_userspec(yyvsp[-1].member, yyvsp[0].privilege);
}
break;
case 8:
-#line 215 "gram.y"
+#line 218 "gram.y"
{
;
}
break;
case 9:
-#line 218 "gram.y"
+#line 221 "gram.y"
{
;
}
break;
case 10:
-#line 221 "gram.y"
+#line 224 "gram.y"
{
;
}
break;
case 11:
-#line 224 "gram.y"
+#line 227 "gram.y"
{
;
}
break;
case 12:
-#line 227 "gram.y"
+#line 230 "gram.y"
{
add_defaults(DEFAULTS, NULL, yyvsp[0].defaults);
}
break;
case 13:
-#line 230 "gram.y"
+#line 233 "gram.y"
{
add_defaults(DEFAULTS_USER, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 14:
-#line 233 "gram.y"
+#line 236 "gram.y"
{
add_defaults(DEFAULTS_RUNAS, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 15:
-#line 236 "gram.y"
+#line 239 "gram.y"
{
add_defaults(DEFAULTS_HOST, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 16:
-#line 239 "gram.y"
+#line 242 "gram.y"
{
add_defaults(DEFAULTS_CMND, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 18:
-#line 245 "gram.y"
+#line 248 "gram.y"
{
list_append(yyvsp[-2].defaults, yyvsp[0].defaults);
yyval.defaults = yyvsp[-2].defaults;
}
break;
case 19:
-#line 251 "gram.y"
+#line 254 "gram.y"
{
yyval.defaults = new_default(yyvsp[0].string, NULL, true);
}
break;
case 20:
-#line 254 "gram.y"
+#line 257 "gram.y"
{
yyval.defaults = new_default(yyvsp[0].string, NULL, false);
}
break;
case 21:
-#line 257 "gram.y"
+#line 260 "gram.y"
{
yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, true);
}
break;
case 22:
-#line 260 "gram.y"
+#line 263 "gram.y"
{
yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '+');
}
break;
case 23:
-#line 263 "gram.y"
+#line 266 "gram.y"
{
yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '-');
}
break;
case 25:
-#line 269 "gram.y"
+#line 272 "gram.y"
{
list_append(yyvsp[-2].privilege, yyvsp[0].privilege);
yyval.privilege = yyvsp[-2].privilege;
}
break;
case 26:
-#line 275 "gram.y"
+#line 278 "gram.y"
{
struct privilege *p = ecalloc(1, sizeof(*p));
list2tq(&p->hostlist, yyvsp[-2].member);
}
break;
case 27:
-#line 285 "gram.y"
+#line 288 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = false;
}
break;
case 28:
-#line 289 "gram.y"
+#line 292 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = true;
}
break;
case 29:
-#line 295 "gram.y"
+#line 298 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 30:
-#line 298 "gram.y"
+#line 301 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 31:
-#line 301 "gram.y"
+#line 304 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, NETGROUP);
}
break;
case 32:
-#line 304 "gram.y"
+#line 307 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, NTWKADDR);
}
break;
case 33:
-#line 307 "gram.y"
+#line 310 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, WORD);
}
break;
case 35:
-#line 313 "gram.y"
+#line 316 "gram.y"
{
list_append(yyvsp[-2].cmndspec, yyvsp[0].cmndspec);
#ifdef HAVE_SELINUX
}
break;
case 36:
-#line 352 "gram.y"
+#line 355 "gram.y"
{
struct cmndspec *cs = ecalloc(1, sizeof(*cs));
if (yyvsp[-4].runas != NULL) {
}
break;
case 37:
-#line 382 "gram.y"
+#line 385 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = false;
}
break;
case 38:
-#line 386 "gram.y"
+#line 389 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = true;
}
break;
case 39:
-#line 392 "gram.y"
+#line 395 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 40:
-#line 397 "gram.y"
+#line 400 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 41:
-#line 402 "gram.y"
+#line 405 "gram.y"
{
yyval.seinfo.role = NULL;
yyval.seinfo.type = NULL;
}
break;
case 42:
-#line 406 "gram.y"
+#line 409 "gram.y"
{
yyval.seinfo.role = yyvsp[0].string;
yyval.seinfo.type = NULL;
}
break;
case 43:
-#line 410 "gram.y"
+#line 413 "gram.y"
{
yyval.seinfo.type = yyvsp[0].string;
yyval.seinfo.role = NULL;
}
break;
case 44:
-#line 414 "gram.y"
+#line 417 "gram.y"
{
yyval.seinfo.role = yyvsp[-1].string;
yyval.seinfo.type = yyvsp[0].string;
}
break;
case 45:
-#line 418 "gram.y"
+#line 421 "gram.y"
{
yyval.seinfo.type = yyvsp[-1].string;
yyval.seinfo.role = yyvsp[0].string;
}
break;
case 46:
-#line 424 "gram.y"
+#line 427 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 47:
-#line 428 "gram.y"
+#line 431 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 48:
-#line 433 "gram.y"
+#line 436 "gram.y"
{
yyval.privinfo.privs = NULL;
yyval.privinfo.limitprivs = NULL;
}
break;
case 49:
-#line 437 "gram.y"
+#line 440 "gram.y"
{
yyval.privinfo.privs = yyvsp[0].string;
yyval.privinfo.limitprivs = NULL;
}
break;
case 50:
-#line 441 "gram.y"
+#line 444 "gram.y"
{
yyval.privinfo.privs = NULL;
yyval.privinfo.limitprivs = yyvsp[0].string;
}
break;
case 51:
-#line 445 "gram.y"
+#line 448 "gram.y"
{
yyval.privinfo.privs = yyvsp[-1].string;
yyval.privinfo.limitprivs = yyvsp[0].string;
}
break;
case 52:
-#line 449 "gram.y"
+#line 452 "gram.y"
{
yyval.privinfo.limitprivs = yyvsp[-1].string;
yyval.privinfo.privs = yyvsp[0].string;
}
break;
case 53:
-#line 454 "gram.y"
+#line 457 "gram.y"
{
yyval.runas = NULL;
}
break;
case 54:
-#line 457 "gram.y"
+#line 460 "gram.y"
{
yyval.runas = yyvsp[-1].runas;
}
break;
case 55:
-#line 462 "gram.y"
+#line 465 "gram.y"
{
yyval.runas = ecalloc(1, sizeof(struct runascontainer));
yyval.runas->runasusers = new_member(NULL, MYSELF);
}
break;
case 56:
-#line 467 "gram.y"
+#line 470 "gram.y"
{
yyval.runas = ecalloc(1, sizeof(struct runascontainer));
yyval.runas->runasusers = yyvsp[0].member;
}
break;
case 57:
-#line 472 "gram.y"
+#line 475 "gram.y"
{
yyval.runas = ecalloc(1, sizeof(struct runascontainer));
yyval.runas->runasusers = yyvsp[-2].member;
}
break;
case 58:
-#line 477 "gram.y"
+#line 480 "gram.y"
{
yyval.runas = ecalloc(1, sizeof(struct runascontainer));
/* $$->runasusers = NULL; */
}
break;
case 59:
-#line 482 "gram.y"
+#line 485 "gram.y"
{
yyval.runas = ecalloc(1, sizeof(struct runascontainer));
yyval.runas->runasusers = new_member(NULL, MYSELF);
}
break;
case 60:
-#line 489 "gram.y"
+#line 492 "gram.y"
{
yyval.tag.nopasswd = yyval.tag.noexec = yyval.tag.setenv =
yyval.tag.log_input = yyval.tag.log_output = UNSPEC;
}
break;
case 61:
-#line 493 "gram.y"
+#line 496 "gram.y"
{
yyval.tag.nopasswd = true;
}
break;
case 62:
-#line 496 "gram.y"
+#line 499 "gram.y"
{
yyval.tag.nopasswd = false;
}
break;
case 63:
-#line 499 "gram.y"
+#line 502 "gram.y"
{
yyval.tag.noexec = true;
}
break;
case 64:
-#line 502 "gram.y"
+#line 505 "gram.y"
{
yyval.tag.noexec = false;
}
break;
case 65:
-#line 505 "gram.y"
+#line 508 "gram.y"
{
yyval.tag.setenv = true;
}
break;
case 66:
-#line 508 "gram.y"
+#line 511 "gram.y"
{
yyval.tag.setenv = false;
}
break;
case 67:
-#line 511 "gram.y"
+#line 514 "gram.y"
{
yyval.tag.log_input = true;
}
break;
case 68:
-#line 514 "gram.y"
+#line 517 "gram.y"
{
yyval.tag.log_input = false;
}
break;
case 69:
-#line 517 "gram.y"
+#line 520 "gram.y"
{
yyval.tag.log_output = true;
}
break;
case 70:
-#line 520 "gram.y"
+#line 523 "gram.y"
{
yyval.tag.log_output = false;
}
break;
case 71:
-#line 525 "gram.y"
+#line 528 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 72:
-#line 528 "gram.y"
+#line 531 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 73:
-#line 531 "gram.y"
+#line 534 "gram.y"
{
struct sudo_command *c = ecalloc(1, sizeof(*c));
c->cmnd = yyvsp[0].command.cmnd;
}
break;
case 76:
-#line 543 "gram.y"
+#line 546 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, HOSTALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 78:
-#line 553 "gram.y"
+#line 556 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 81:
-#line 563 "gram.y"
+#line 566 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, CMNDALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 83:
-#line 573 "gram.y"
+#line 576 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 86:
-#line 583 "gram.y"
+#line 586 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, RUNASALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 89:
-#line 596 "gram.y"
+#line 599 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, USERALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 91:
-#line 606 "gram.y"
+#line 609 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 92:
-#line 612 "gram.y"
+#line 615 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = false;
}
break;
case 93:
-#line 616 "gram.y"
+#line 619 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = true;
}
break;
case 94:
-#line 622 "gram.y"
+#line 625 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 95:
-#line 625 "gram.y"
+#line 628 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 96:
-#line 628 "gram.y"
+#line 631 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, NETGROUP);
}
break;
case 97:
-#line 631 "gram.y"
+#line 634 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, USERGROUP);
}
break;
case 98:
-#line 634 "gram.y"
+#line 637 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, WORD);
}
break;
case 100:
-#line 640 "gram.y"
+#line 643 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 101:
-#line 646 "gram.y"
+#line 649 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = false;
}
break;
case 102:
-#line 650 "gram.y"
+#line 653 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = true;
}
break;
case 103:
-#line 656 "gram.y"
+#line 659 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 104:
-#line 659 "gram.y"
+#line 662 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 105:
-#line 662 "gram.y"
+#line 665 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, WORD);
}
break;
-#line 1662 "gram.c"
+#line 1665 "gram.c"
}
yyssp -= yym;
yystate = *yyssp;
projects / sudo / commitdiff