From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Wed, 26 Mar 2014 20:15:15 +0000 (-0600)
Subject: In find_path(), return NOT_FOUND_ERROR instead of calling fatal()
X-Git-Tag: SUDO_1_8_11^2~243
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=639ac92e6d6753e82d51ea89e6e63308ec57fc9f;p=sudo

In find_path(), return NOT_FOUND_ERROR instead of calling fatal()
if the path is too long.  Remove an extraneous check against PATH_MAX
in set_cmnd() since find_path() already contains such a check.
---

diff --git a/plugins/sudoers/find_path.c b/plugins/sudoers/find_path.c
index 7dea1edac..d806eecf6 100644
--- a/plugins/sudoers/find_path.c
+++ b/plugins/sudoers/find_path.c
@@ -66,7 +66,7 @@ find_path(char *infile, char **outfile, struct stat *sbp, char *path,
 
     if (strlen(infile) >= PATH_MAX) {
 	errno = ENAMETOOLONG;
-	fatal("%s", infile);
+	debug_return_int(NOT_FOUND_ERROR);
     }
 
     /*
@@ -106,8 +106,9 @@ find_path(char *infile, char **outfile, struct stat *sbp, char *path,
 	 */
 	len = snprintf(command, sizeof(command), "%s/%s", path, infile);
 	if (len <= 0 || (size_t)len >= sizeof(command)) {
+	    efree(origpath);
 	    errno = ENAMETOOLONG;
-	    fatal("%s", infile);
+	    debug_return_int(NOT_FOUND_ERROR);
 	}
 	if ((found = sudo_goodpath(command, sbp)))
 	    break;
@@ -124,7 +125,7 @@ find_path(char *infile, char **outfile, struct stat *sbp, char *path,
 	len = snprintf(command, sizeof(command), "./%s", infile);
 	if (len <= 0 || (size_t)len >= sizeof(command)) {
 	    errno = ENAMETOOLONG;
-	    fatal("%s", infile);
+	    debug_return_int(NOT_FOUND_ERROR);
 	}
 	found = sudo_goodpath(command, sbp);
 	if (found && ignore_dot)
diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c
index fe4550460..377c7ce75 100644
--- a/plugins/sudoers/sudoers.c
+++ b/plugins/sudoers/sudoers.c
@@ -623,13 +623,18 @@ set_cmnd(void)
 	    rval = find_path(NewArgv[0], &user_cmnd, user_stat, path,
 		def_ignore_dot);
 	    restore_perms();
-	    if (rval != FOUND) {
+	    if (rval == NOT_FOUND) {
 		/* Failed as root, try as invoking user. */
 		set_perms(PERM_USER);
 		rval = find_path(NewArgv[0], &user_cmnd, user_stat, path,
 		    def_ignore_dot);
 		restore_perms();
 	    }
+	    if (rval == NOT_FOUND_ERROR) {
+		if (errno == ENAMETOOLONG)
+		    audit_failure(NewArgv, N_("command too long"));
+		log_fatal(NO_MAIL|USE_ERRNO, NewArgv[0]);
+	    }
 	}
 
 	/* set user_args */
@@ -668,11 +673,6 @@ set_cmnd(void)
 	    }
 	}
     }
-    if (strlen(user_cmnd) >= PATH_MAX) {
-	audit_failure(NewArgv, N_("command too long"));
-	errno = ENAMETOOLONG;
-	fatal("%s", user_cmnd);
-    }
 
     if ((user_base = strrchr(user_cmnd, '/')) != NULL)
 	user_base++;
diff --git a/plugins/sudoers/sudoers.h b/plugins/sudoers/sudoers.h
index 5ffe98c06..7338a61d2 100644
--- a/plugins/sudoers/sudoers.h
+++ b/plugins/sudoers/sudoers.h
@@ -128,9 +128,10 @@ struct sudo_user {
 /*
  * find_path()/set_cmnd() return values
  */
-#define FOUND                   0
-#define NOT_FOUND               1
+#define FOUND			0
+#define NOT_FOUND		1
 #define NOT_FOUND_DOT		2
+#define NOT_FOUND_ERROR		3
 
 /*
  * Various modes sudo can be in (based on arguments) in hex