From: Todd C. Miller Date: Fri, 5 Jun 2015 02:42:42 +0000 (-0600) Subject: Bring back VALIDATE_ERROR which will be used in the case of memory X-Git-Tag: SUDO_1_8_14^2~98 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=8eff57f070ba65da894dee5bd5807323c0bca1a4;p=sudo Bring back VALIDATE_ERROR which will be used in the case of memory allocation errors. --- diff --git a/plugins/sudoers/logging.c b/plugins/sudoers/logging.c index 16f50fc7a..5e4cf6847 100644 --- a/plugins/sudoers/logging.c +++ b/plugins/sudoers/logging.c @@ -770,7 +770,7 @@ should_mail(int status) { debug_decl(should_mail, SUDOERS_DEBUG_LOGGING) - debug_return_bool(def_mail_always || + debug_return_bool(def_mail_always || ISSET(status, VALIDATE_ERROR) || (def_mail_all_cmnds && ISSET(sudo_mode, (MODE_RUN|MODE_EDIT))) || (def_mail_no_user && ISSET(status, FLAG_NO_USER)) || (def_mail_no_host && ISSET(status, FLAG_NO_HOST)) || diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c index cdeadcac1..8d6b1db7c 100644 --- a/plugins/sudoers/sudoers.c +++ b/plugins/sudoers/sudoers.c @@ -294,7 +294,11 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[], TAILQ_FOREACH(nss, snl, entries) { validated = nss->lookup(nss, validated, pwflag); - if (ISSET(validated, VALIDATE_SUCCESS)) { + if (ISSET(validated, VALIDATE_ERROR)) { + /* The lookup function should have printed an error. */ + rval = -1; + goto done; + } else if (ISSET(validated, VALIDATE_SUCCESS)) { /* Handle [SUCCESS=return] */ if (nss->ret_if_found) break; diff --git a/plugins/sudoers/sudoers.h b/plugins/sudoers/sudoers.h index de4e87f3f..b44c118e0 100644 --- a/plugins/sudoers/sudoers.h +++ b/plugins/sudoers/sudoers.h @@ -113,8 +113,9 @@ struct sudo_user { * Return values for sudoers_lookup(), also used as arguments for log_auth() * Note: cannot use '0' as a value here. */ -#define VALIDATE_SUCCESS 0x001 -#define VALIDATE_FAILURE 0x002 +#define VALIDATE_ERROR 0x001 +#define VALIDATE_SUCCESS 0x002 +#define VALIDATE_FAILURE 0x004 #define FLAG_CHECK_USER 0x010 #define FLAG_NO_USER 0x020 #define FLAG_NO_HOST 0x040