From: Todd C. Miller Date: Tue, 8 Jun 2010 20:52:21 +0000 (-0400) Subject: If a file in a #includedir has improper permissions or owner just X-Git-Tag: SUDO_1_7_3~100 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=59df1a8e0d0a174b18d08c0364336d7d012b8586;p=sudo If a file in a #includedir has improper permissions or owner just skip it. This prevents packages that incorrectly install a file into /etc/sudoers.d from breaking sudo so easily. Syntax errors in #includedir files still result in a parse error (for now). --HG-- branch : 1.7 --- diff --git a/toke.c b/toke.c index c342c8643..337c42c90 100644 --- a/toke.c +++ b/toke.c @@ -3,7 +3,7 @@ /* A lexical scanner generated by flex */ /* Scanner skeleton version: - * $Header$ + * $Header: /home/cvs/openbsd/src/usr.bin/lex/flex.skl,v 1.10 2007/01/26 14:38:19 tsi Exp $ */ #define FLEX_SCANNER @@ -1458,7 +1458,7 @@ extern void yyerror __P((const char *)); #define INSTR 5 -#line 1466 "lex.yy.c" +#line 1462 "lex.yy.c" /* Macros after this point can all be overridden by user definitions in * section 1. @@ -1612,9 +1612,9 @@ YY_DECL register char *yy_cp, *yy_bp; register int yy_act; -#line 132 "toke.l" +#line 128 "toke.l" -#line 1622 "lex.yy.c" +#line 1618 "lex.yy.c" if ( yy_init ) { @@ -1700,12 +1700,12 @@ do_action: /* This label is used only to access EOF actions. */ case 1: YY_RULE_SETUP -#line 133 "toke.l" +#line 129 "toke.l" BEGIN STARTDEFS; YY_BREAK case 2: YY_RULE_SETUP -#line 135 "toke.l" +#line 131 "toke.l" { BEGIN INDEFS; LEXTRACE("DEFVAR "); @@ -1717,7 +1717,7 @@ YY_RULE_SETUP case 3: YY_RULE_SETUP -#line 144 "toke.l" +#line 140 "toke.l" { BEGIN STARTDEFS; LEXTRACE(", "); @@ -1726,7 +1726,7 @@ YY_RULE_SETUP YY_BREAK case 4: YY_RULE_SETUP -#line 150 "toke.l" +#line 146 "toke.l" { LEXTRACE("= "); return('='); @@ -1734,7 +1734,7 @@ YY_RULE_SETUP YY_BREAK case 5: YY_RULE_SETUP -#line 155 "toke.l" +#line 151 "toke.l" { LEXTRACE("+= "); return('+'); 
@@ -1742,7 +1742,7 @@ YY_RULE_SETUP YY_BREAK case 6: YY_RULE_SETUP -#line 160 "toke.l" +#line 156 "toke.l" { LEXTRACE("-= "); return('-'); @@ -1750,7 +1750,7 @@ YY_RULE_SETUP YY_BREAK case 7: YY_RULE_SETUP -#line 165 "toke.l" +#line 161 "toke.l" { LEXTRACE("BEGINSTR "); yylval.string = NULL; @@ -1759,7 +1759,7 @@ YY_RULE_SETUP YY_BREAK case 8: YY_RULE_SETUP -#line 171 "toke.l" +#line 167 "toke.l" { LEXTRACE("WORD(2) "); if (!fill(yytext, yyleng)) @@ -1771,7 +1771,7 @@ YY_RULE_SETUP case 9: YY_RULE_SETUP -#line 180 "toke.l" +#line 176 "toke.l" { /* Line continuation char followed by newline. */ ++sudolineno; @@ -1780,7 +1780,7 @@ YY_RULE_SETUP YY_BREAK case 10: YY_RULE_SETUP -#line 186 "toke.l" +#line 182 "toke.l" { LEXTRACE("ENDSTR "); BEGIN INDEFS; @@ -1789,7 +1789,7 @@ YY_RULE_SETUP YY_BREAK case 11: YY_RULE_SETUP -#line 192 "toke.l" +#line 188 "toke.l" { LEXTRACE("BACKSLASH "); if (!append(yytext, yyleng)) @@ -1798,7 +1798,7 @@ YY_RULE_SETUP YY_BREAK case 12: YY_RULE_SETUP -#line 198 "toke.l" +#line 194 "toke.l" { LEXTRACE("STRBODY "); if (!append(yytext, yyleng)) @@ -1809,7 +1809,7 @@ YY_RULE_SETUP case 13: YY_RULE_SETUP -#line 206 "toke.l" +#line 202 "toke.l" { /* quoted fnmatch glob char, pass verbatim */ LEXTRACE("QUOTEDCHAR "); @@ -1820,7 +1820,7 @@ YY_RULE_SETUP YY_BREAK case 14: YY_RULE_SETUP -#line 214 "toke.l" +#line 210 "toke.l" { /* quoted sudoers special char, strip backslash */ LEXTRACE("QUOTEDCHAR "); @@ -1831,7 +1831,7 @@ YY_RULE_SETUP YY_BREAK case 15: YY_RULE_SETUP -#line 222 "toke.l" +#line 218 "toke.l" { BEGIN INITIAL; yyless(0); @@ -1840,7 +1840,7 @@ YY_RULE_SETUP YY_BREAK case 16: YY_RULE_SETUP -#line 228 "toke.l" +#line 224 "toke.l" { LEXTRACE("ARG "); if (!fill_args(yytext, yyleng, sawspace)) @@ -1851,7 +1851,7 @@ YY_RULE_SETUP case 17: YY_RULE_SETUP -#line 236 "toke.l" +#line 232 "toke.l" { char *path; @@ -1867,7 +1867,7 @@ YY_RULE_SETUP YY_BREAK case 18: YY_RULE_SETUP -#line 249 "toke.l" +#line 245 "toke.l" { char *path; 
@@ -1886,7 +1886,7 @@ YY_RULE_SETUP YY_BREAK case 19: YY_RULE_SETUP -#line 265 "toke.l" +#line 261 "toke.l" { int n; for (n = 0; isblank((unsigned char)yytext[n]); n++) @@ -1918,7 +1918,7 @@ YY_RULE_SETUP YY_BREAK case 20: YY_RULE_SETUP -#line 294 "toke.l" +#line 290 "toke.l" { int n; for (n = 0; isblank((unsigned char)yytext[n]); n++) @@ -1941,7 +1941,7 @@ YY_RULE_SETUP YY_BREAK case 21: YY_RULE_SETUP -#line 314 "toke.l" +#line 310 "toke.l" { /* cmnd does not require passwd for this user */ LEXTRACE("NOPASSWD "); @@ -1950,7 +1950,7 @@ YY_RULE_SETUP YY_BREAK case 22: YY_RULE_SETUP -#line 320 "toke.l" +#line 316 "toke.l" { /* cmnd requires passwd for this user */ LEXTRACE("PASSWD "); @@ -1959,7 +1959,7 @@ YY_RULE_SETUP YY_BREAK case 23: YY_RULE_SETUP -#line 326 "toke.l" +#line 322 "toke.l" { LEXTRACE("NOEXEC "); return(NOEXEC); @@ -1967,7 +1967,7 @@ YY_RULE_SETUP YY_BREAK case 24: YY_RULE_SETUP -#line 331 "toke.l" +#line 327 "toke.l" { LEXTRACE("EXEC "); return(EXEC); @@ -1975,7 +1975,7 @@ YY_RULE_SETUP YY_BREAK case 25: YY_RULE_SETUP -#line 336 "toke.l" +#line 332 "toke.l" { LEXTRACE("SETENV "); return(SETENV); @@ -1983,7 +1983,7 @@ YY_RULE_SETUP YY_BREAK case 26: YY_RULE_SETUP -#line 341 "toke.l" +#line 337 "toke.l" { LEXTRACE("NOSETENV "); return(NOSETENV); @@ -1991,7 +1991,7 @@ YY_RULE_SETUP YY_BREAK case 27: YY_RULE_SETUP -#line 346 "toke.l" +#line 342 "toke.l" { /* netgroup */ if (!fill(yytext, yyleng)) @@ -2002,7 +2002,7 @@ YY_RULE_SETUP YY_BREAK case 28: YY_RULE_SETUP -#line 354 "toke.l" +#line 350 "toke.l" { /* UN*X group */ if (!fill(yytext, yyleng)) @@ -2013,7 +2013,7 @@ YY_RULE_SETUP YY_BREAK case 29: YY_RULE_SETUP -#line 362 "toke.l" +#line 358 "toke.l" { if (!fill(yytext, yyleng)) yyterminate(); @@ -2023,7 +2023,7 @@ YY_RULE_SETUP YY_BREAK case 30: YY_RULE_SETUP -#line 369 "toke.l" +#line 365 "toke.l" { if (!fill(yytext, yyleng)) yyterminate(); 
@@ -2033,7 +2033,7 @@ YY_RULE_SETUP YY_BREAK case 31: YY_RULE_SETUP -#line 376 "toke.l" +#line 372 "toke.l" { if (!ipv6_valid(yytext)) { LEXTRACE("ERROR "); @@ -2047,7 +2047,7 @@ YY_RULE_SETUP YY_BREAK case 32: YY_RULE_SETUP -#line 387 "toke.l" +#line 383 "toke.l" { if (!ipv6_valid(yytext)) { LEXTRACE("ERROR "); @@ -2061,7 +2061,7 @@ YY_RULE_SETUP YY_BREAK case 33: YY_RULE_SETUP -#line 398 "toke.l" +#line 394 "toke.l" { if (strcmp(yytext, "ALL") == 0) { LEXTRACE("ALL "); @@ -2086,7 +2086,7 @@ YY_RULE_SETUP YY_BREAK case 34: YY_RULE_SETUP -#line 420 "toke.l" +#line 416 "toke.l" { /* no command args allowed for Defaults!/path */ if (!fill_cmnd(yytext, yyleng)) @@ -2097,7 +2097,7 @@ YY_RULE_SETUP YY_BREAK case 35: YY_RULE_SETUP -#line 428 "toke.l" +#line 424 "toke.l" { BEGIN GOTCMND; LEXTRACE("COMMAND "); @@ -2107,7 +2107,7 @@ YY_RULE_SETUP YY_BREAK case 36: YY_RULE_SETUP -#line 435 "toke.l" +#line 431 "toke.l" { /* directories can't have args... */ if (yytext[yyleng - 1] == '/') { @@ -2125,7 +2125,7 @@ YY_RULE_SETUP YY_BREAK case 37: YY_RULE_SETUP -#line 450 "toke.l" +#line 446 "toke.l" { /* a quoted user/group name */ if (!fill(yytext + 1, yyleng - 2)) @@ -2145,7 +2145,7 @@ YY_RULE_SETUP YY_BREAK case 38: YY_RULE_SETUP -#line 467 "toke.l" +#line 463 "toke.l" { /* a word */ if (!fill(yytext, yyleng)) @@ -2156,7 +2156,7 @@ YY_RULE_SETUP YY_BREAK case 39: YY_RULE_SETUP -#line 475 "toke.l" +#line 471 "toke.l" { LEXTRACE("( "); return ('('); @@ -2164,7 +2164,7 @@ YY_RULE_SETUP YY_BREAK case 40: YY_RULE_SETUP -#line 480 "toke.l" +#line 476 "toke.l" { LEXTRACE(") "); return(')'); @@ -2172,7 +2172,7 @@ YY_RULE_SETUP YY_BREAK case 41: YY_RULE_SETUP -#line 485 "toke.l" +#line 481 "toke.l" { LEXTRACE(", "); return(','); @@ -2180,7 +2180,7 @@ YY_RULE_SETUP YY_BREAK case 42: YY_RULE_SETUP -#line 490 "toke.l" +#line 486 "toke.l" { LEXTRACE("= "); return('='); 
@@ -2188,7 +2188,7 @@ YY_RULE_SETUP YY_BREAK case 43: YY_RULE_SETUP -#line 495 "toke.l" +#line 491 "toke.l" { LEXTRACE(": "); return(':'); @@ -2196,7 +2196,7 @@ YY_RULE_SETUP YY_BREAK case 44: YY_RULE_SETUP -#line 500 "toke.l" +#line 496 "toke.l" { if (yyleng % 2 == 1) return('!'); /* return '!' */ @@ -2204,7 +2204,7 @@ YY_RULE_SETUP YY_BREAK case 45: YY_RULE_SETUP -#line 505 "toke.l" +#line 501 "toke.l" { BEGIN INITIAL; ++sudolineno; @@ -2214,14 +2214,14 @@ YY_RULE_SETUP YY_BREAK case 46: YY_RULE_SETUP -#line 512 "toke.l" +#line 508 "toke.l" { /* throw away space/tabs */ sawspace = TRUE; /* but remember for fill_args */ } YY_BREAK case 47: YY_RULE_SETUP -#line 516 "toke.l" +#line 512 "toke.l" { sawspace = TRUE; /* remember for fill_args */ ++sudolineno; @@ -2230,7 +2230,7 @@ YY_RULE_SETUP YY_BREAK case 48: YY_RULE_SETUP -#line 522 "toke.l" +#line 518 "toke.l" { BEGIN INITIAL; ++sudolineno; @@ -2240,7 +2240,7 @@ YY_RULE_SETUP YY_BREAK case 49: YY_RULE_SETUP -#line 529 "toke.l" +#line 525 "toke.l" { LEXTRACE("ERROR "); return(ERROR); @@ -2252,7 +2252,7 @@ case YY_STATE_EOF(GOTCMND): case YY_STATE_EOF(STARTDEFS): case YY_STATE_EOF(INDEFS): case YY_STATE_EOF(INSTR): -#line 534 "toke.l" +#line 530 "toke.l" { if (YY_START != INITIAL) { BEGIN INITIAL; @@ -2265,10 +2265,10 @@ case YY_STATE_EOF(INSTR): YY_BREAK case 50: YY_RULE_SETUP -#line 544 "toke.l" +#line 540 "toke.l" ECHO; YY_BREAK -#line 2276 "lex.yy.c" +#line 2272 "lex.yy.c" case YY_END_OF_BUFFER: { @@ -3157,7 +3157,7 @@ int main() return 0; } #endif -#line 544 "toke.l" +#line 540 "toke.l" static unsigned char hexchar(s) @@ -3461,7 +3461,7 @@ init_lexer() efree(pl); } efree(istack[idepth].path); - if (!istack[idepth].keepopen) + if (idepth && !istack[idepth].keepopen) fclose(istack[idepth].bs->yy_input_file); yy_delete_buffer(istack[idepth].bs); } @@ -3476,6 +3476,7 @@ _push_include(path, isdir) char *path; int isdir; { + struct path_list *pl; FILE *fp; /* push current state onto stack */ 
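Review bot: The new `idepth &&` guard in init_lexer() is unexplained: it makes the teardown skip `fclose()` for the bottom stack entry regardless of that entry's `keepopen` flag, which only makes sense if that entry's `yy_input_file` is the top-level sudoers stream opened and closed by the caller rather than by the lexer — and the commit message does not mention this change at all. Once that ownership is confirmed, put it next to the condition, e.g. `/* Entry 0 holds the caller's sudoers stream; the caller closes it, not the lexer. */`, and give the fix its own line in the log so the double-close it presumably avoids is traceable. The enclosing loop or block of init_lexer() starts above this hunk, so whether `idepth` has already been decremented at this point is not visible here.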
@@ -3486,7 +3487,7 @@ _push_include(path, isdir)
 }
 istacksize += SUDOERS_STACK_INCREMENT;
 istack = (struct include_stack *) realloc(istack,
- sizeof(istack) * istacksize);
+ sizeof(*istack) * istacksize);
 if (istack == NULL) {
 yyerror("unable to allocate memory");
 return(FALSE);
@@ -3497,9 +3498,14 @@ _push_include(path, isdir)
 /* switch_dir() called yyerror() for us */
 return(FALSE);
 }
- if ((fp = open_sudoers(path, FALSE, &keepopen)) == NULL) {
- yyerror(path);
- return(FALSE); /* XXX - just to go next one */
+ while ((fp = open_sudoers(path, FALSE, &keepopen)) == NULL) {
+ /* Unable to open path in includedir, go to next one, if any. */
+ efree(path);
+ if ((pl = istack[idepth].more) == NULL)
+ return(FALSE);
+ path = pl->path;
+ istack[idepth].more = pl->next;
+ efree(pl);
 }
 } else {
 if ((fp = open_sudoers(path, TRUE, &keepopen)) == NULL) {
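Review bot: `istack = realloc(istack, ...)` still overwrites the only pointer to the include stack, so when realloc fails the old block leaks and `istack` is NULL while `istacksize` has already been bumped on the line above — the stack's bookkeeping now describes a capacity that no allocation backs, and the grow check that reads `istacksize` is above the hunk, so confirm how a later push would behave. The switch from `sizeof(istack)` to `sizeof(*istack)` is the right correction (the old expression sized the array in pointers rather than entries, so deeper include nesting could write past its end) and deserves a mention in the commit message. Keep the realloc result in a temporary and commit `istack`/`istacksize` only after success; _push_include() begins above this hunk. The toke.l copy of this function is changed identically in the next file section.
```c
    struct include_stack *tmp;	/* goes with the other locals at the top of _push_include() */
	/* … unchanged: depth check … */
	tmp = (struct include_stack *) realloc(istack,
	    sizeof(*istack) * (istacksize + SUDOERS_STACK_INCREMENT));
	if (tmp == NULL) {
	    yyerror("unable to allocate memory");
	    return(FALSE);	/* istack and istacksize still describe the old, valid array */
	}
	istack = tmp;
	istacksize += SUDOERS_STACK_INCREMENT;
```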
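Review bot: Skipping a drop-in file is silent at this level: the removed `yyerror(path)` was this function's only diagnostic, so whether an administrator ever learns that a file under the include directory was ignored now rests entirely on `open_sudoers()` (not shown) printing its own warning — confirm it reports the reason (owner, mode, or open failure) together with the path, or log one here before `efree(path)`. The loop's memory handling looks sound: each rejected `pl` is unlinked from `istack[idepth].more` before being freed and `path` is released before the next candidate replaces it, so running out of candidates returns FALSE with nothing leaked. What the caller does with that FALSE — whether an include directory with no usable file aborts the parse — is outside the hunk and is worth a comment on the `return(FALSE)`. The toke.l hunk at @@ -876,9 +877,14 @@ is the same code and shares these remarks.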
@@ -3534,19 +3540,25 @@ pop_include()
 fclose(YY_CURRENT_BUFFER->yy_input_file);
 yy_delete_buffer(YY_CURRENT_BUFFER);
 keepopen = FALSE;
- if ((pl = istack[idepth - 1].more) != NULL) {
- /* Move to next file in the dir. */
- istack[idepth - 1].more = pl->next;
- if ((fp = open_sudoers(pl->path, FALSE, &keepopen)) == NULL) {
- yyerror(pl->path);
- return(FALSE); /* XXX - just to go next one */
+ /* If we are in an include dir, move to the next file. */
+ while ((pl = istack[idepth - 1].more) != NULL) {
+ fp = open_sudoers(pl->path, FALSE, &keepopen);
+ if (fp != NULL) {
+ istack[idepth - 1].more = pl->next;
+ efree(sudoers);
+ sudoers = pl->path;
+ sudolineno = 1;
+ yy_switch_to_buffer(yy_create_buffer(fp, YY_BUF_SIZE));
+ efree(pl);
+ break;
 }
- efree(sudoers);
- sudoers = pl->path;
- sudolineno = 1;
- yy_switch_to_buffer(yy_create_buffer(fp, YY_BUF_SIZE));
+ /* Unable to open path in include dir, go to next one. */
+ istack[idepth - 1].more = pl->next;
+ efree(pl->path);
 efree(pl);
- } else {
+ }
+ /* If no path list, just pop the last dir on the stack. */
+ if (pl == NULL) {
 idepth--;
 yy_switch_to_buffer(istack[idepth].bs);
 efree(sudoers);
diff --git a/toke.l b/toke.l
index d5fc72400..4437d7d76 100644
--- a/toke.l
+++ b/toke.l
@@ -855,6 +855,7 @@ _push_include(path, isdir)
 char *path;
 int isdir;
 {
+ struct path_list *pl;
 FILE *fp;
 
 /* push current state onto stack */
@@ -876,9 +877,14 @@ _push_include(path, isdir)
 /* switch_dir() called yyerror() for us */
 return(FALSE);
 }
- if ((fp = open_sudoers(path, FALSE, &keepopen)) == NULL) {
- yyerror(path);
- return(FALSE); /* XXX - just to go next one */
+ while ((fp = open_sudoers(path, FALSE, &keepopen)) == NULL) {
+ /* Unable to open path in includedir, go to next one, if any. */
+ efree(path);
+ if ((pl = istack[idepth].more) == NULL)
+ return(FALSE);
+ path = pl->path;
+ istack[idepth].more = pl->next;
+ efree(pl);
 }
 } else {
 if ((fp = open_sudoers(path, TRUE, &keepopen)) == NULL) {
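Review bot: After the `break` in the success branch of pop_include(), `pl` has already been handed to `efree()`, so the `if (pl == NULL)` test after the loop reads the value of a freed pointer — it happens to be non-NULL, which is what keeps the pop from running, but relying on a pointer's value after its object is freed is indeterminate in C and fragile to later edits. Use the open result as the signal instead: `fp = NULL;` immediately before the `while`, and `if (fp == NULL) {` in place of `if (pl == NULL) {` — `fp` is NULL exactly when no remaining entry could be opened or there was none to try. The declaration of `fp` and whatever guards the `fclose()` at the top of the hunk are outside the hunk; confirm `fp` is not read elsewhere in the function before adopting this. The toke.l hunk at @@ -913,19 +919,25 @@ is identical and needs the same two-line change.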
@@ -913,19 +919,25 @@ pop_include()
 fclose(YY_CURRENT_BUFFER->yy_input_file);
 yy_delete_buffer(YY_CURRENT_BUFFER);
 keepopen = FALSE;
- if ((pl = istack[idepth - 1].more) != NULL) {
- /* Move to next file in the dir. */
- istack[idepth - 1].more = pl->next;
- if ((fp = open_sudoers(pl->path, FALSE, &keepopen)) == NULL) {
- yyerror(pl->path);
- return(FALSE); /* XXX - just to go next one */
+ /* If we are in an include dir, move to the next file. */
+ while ((pl = istack[idepth - 1].more) != NULL) {
+ fp = open_sudoers(pl->path, FALSE, &keepopen);
+ if (fp != NULL) {
+ istack[idepth - 1].more = pl->next;
+ efree(sudoers);
+ sudoers = pl->path;
+ sudolineno = 1;
+ yy_switch_to_buffer(yy_create_buffer(fp, YY_BUF_SIZE));
+ efree(pl);
+ break;
 }
- efree(sudoers);
- sudoers = pl->path;
- sudolineno = 1;
- yy_switch_to_buffer(yy_create_buffer(fp, YY_BUF_SIZE));
+ /* Unable to open path in include dir, go to next one. */
+ istack[idepth - 1].more = pl->next;
+ efree(pl->path);
 efree(pl);
- } else {
+ }
+ /* If no path list, just pop the last dir on the stack. */
+ if (pl == NULL) {
 idepth--;
 yy_switch_to_buffer(istack[idepth].bs);
 efree(sudoers);