sudo_ldap_parse_option() never returns '=' as the operator.

author Todd C. Miller <Todd.Miller@sudo.ws>

Tue, 16 Oct 2018 18:49:34 +0000 (12:49 -0600)

committer Todd C. Miller <Todd.Miller@sudo.ws>

Tue, 16 Oct 2018 18:49:34 +0000 (12:49 -0600)
author Todd C. Miller <Todd.Miller@sudo.ws>
Tue, 16 Oct 2018 18:49:34 +0000 (12:49 -0600)
committer Todd C. Miller <Todd.Miller@sudo.ws>
Tue, 16 Oct 2018 18:49:34 +0000 (12:49 -0600)
diff --git a/plugins/sudoers/ldap_util.c b/plugins/sudoers/ldap_util.c

index d9be95a6127dd7600be966bd0ab88005131d70e8..fecb7a6c5919b1408ac140c9e0a94ccb71a98cc4 100644 (file)
--- a/plugins/sudoers/ldap_util.c
+++ b/plugins/sudoers/ldap_util.c
@@ -405,32 +405,23 @@ sudo_ldap_role_to_priv(const char *cn, void *hosts, void *runasusers,
                     int op;
  
                     op = sudo_ldap_parse_option(opt, &var, &val);
-                   if (strcmp(var, "command_timeout") == 0) {
-                       if (op == '=')
-                           cmndspec->timeout = parse_timeout(val);
+                   if (strcmp(var, "command_timeout") == 0 && val != NULL) {
+                       cmndspec->timeout = parse_timeout(val);
  #ifdef HAVE_SELINUX
-                   } else if (strcmp(var, "role") == 0) {
-                       if (op == '=') {
-                           if ((cmndspec->role = strdup(val)) == NULL)
-                               goto oom;
-                       }
-                   } else if (strcmp(var, "type") == 0) {
-                       if (op == '=') {
-                           if ((cmndspec->type = strdup(val)) == NULL)
-                               goto oom;
-                       }
+                   } else if (strcmp(var, "role") == 0 && val != NULL) {
+                       if ((cmndspec->role = strdup(val)) == NULL)
+                           goto oom;
+                   } else if (strcmp(var, "type") == 0 && val != NULL) {
+                       if ((cmndspec->type = strdup(val)) == NULL)
+                           goto oom;
  #endif /* HAVE_SELINUX */
  #ifdef HAVE_PRIV_SET
-                   } else if (strcmp(var, "privs") == 0) {
-                       if (op == '=') {
-                           if ((cmndspec->privs = strdup(val)) == NULL)
-                               goto oom;
-                       }
-                   } else if (strcmp(var, "limitprivs") == 0) {
-                       if (op == '=') {
-                           if ((cmndspec->limitprivs = strdup(val)) == NULL)
-                               goto oom;
-                       }
+                   } else if (strcmp(var, "privs") == 0 && val != NULL) {
+                       if ((cmndspec->privs = strdup(val)) == NULL)
+                           goto oom;
+                   } else if (strcmp(var, "limitprivs") == 0 && val != NULL) {
+                       if ((cmndspec->limitprivs = strdup(val)) == NULL)
+                           goto oom;
  #endif /* HAVE_PRIV_SET */
                     } else if (store_options) {
                         if (!sudo_ldap_add_default(var, val, op, source,
author	Todd C. Miller <Todd.Miller@sudo.ws>
	Tue, 16 Oct 2018 18:49:34 +0000 (12:49 -0600)
committer	Todd C. Miller <Todd.Miller@sudo.ws>
	Tue, 16 Oct 2018 18:49:34 +0000 (12:49 -0600)