From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Thu, 8 Apr 2010 13:40:27 +0000 (-0400)
Subject: If log_input or log_output returns false, terminate the command.
X-Git-Tag: SUDO_1_8_0~739
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b457f1371846211b9f101e1edd541aa06f926ba8;p=sudo

If log_input or log_output returns false, terminate the command.
---

diff --git a/src/script.c b/src/script.c
index 3e494edad..5ebd69973 100644
--- a/src/script.c
+++ b/src/script.c
@@ -140,39 +140,49 @@ script_setup(uid_t uid)
 }
 
 /* Call I/O plugin input method. */
-static void
+static int
 log_input(char *buf, unsigned int n)
 {
     struct plugin_container *plugin;
     sigset_t omask;
+    int rval = TRUE;
 
     sigprocmask(SIG_BLOCK, &ttyblock, &omask);
 
     tq_foreach_fwd(&io_plugins, plugin) {
-	/* XXX - die if return != TRUE */
-	if (plugin->u.io->log_input)
-	    plugin->u.io->log_input(buf, n);
+	if (plugin->u.io->log_input) {
+	    if (!plugin->u.io->log_input(buf, n)) {
+	    	rval = FALSE;
+		break;
+	    }
+	}
     }
 
     sigprocmask(SIG_SETMASK, &omask, NULL);
+    return rval;
 }
 
 /* Call I/O plugin output method. */
-static void
+static int
 log_output(char *buf, unsigned int n)
 {
     struct plugin_container *plugin;
     sigset_t omask;
+    int rval = TRUE;
 
     sigprocmask(SIG_BLOCK, &ttyblock, &omask);
 
     tq_foreach_fwd(&io_plugins, plugin) {
-	/* XXX - die if return != TRUE */
-	if (plugin->u.io->log_output)
-	    plugin->u.io->log_output(buf, n);
+	if (plugin->u.io->log_output) {
+	    if (!plugin->u.io->log_output(buf, n)) {
+	    	rval = FALSE;
+		break;
+	    }
+	}
     }
 
     sigprocmask(SIG_SETMASK, &omask, NULL);
+    return rval;
 }
 
 static void
@@ -637,7 +647,8 @@ script_execve(struct command_details *details, char *argv[], char *envp[],
 	    } else {
 		if (n == 0)
 		    break; /* got EOF */
-		log_input(input.buf + input.len, n);
+		if (!log_input(input.buf + input.len, n))
+		    terminate_child(child, TRUE);
 		input.len += n;
 	    }
 	}
@@ -664,7 +675,8 @@ script_execve(struct command_details *details, char *argv[], char *envp[],
 	    } else {
 		if (n == 0)
 		    break; /* got EOF */
-		log_output(output.buf + output.len, n);
+		if (!log_output(output.buf + output.len, n))
+		    terminate_child(child, TRUE);
 		output.len += n;
 	    }
 	}