From: Todd C. Miller
Date: Wed, 9 Dec 2015 21:57:33 +0000 (-0700)
Subject: When parsing sudoOptions that include an operator (!, +, +=, -=)
X-Git-Tag: SUDO_1_8_16^2~97
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d46d0fbc6fb5e3204d3970f0d8c88ae105923681;p=sudo

When parsing sudoOptions that include an operator (!, +, +=, -=) strip out any whitespace on either side of the operator.
---
diff --git a/plugins/sudoers/ldap.c b/plugins/sudoers/ldap.c
index f46fc2d77..1f547f557 100644
--- a/plugins/sudoers/ldap.c
+++ b/plugins/sudoers/ldap.c
@@ -1046,7 +1046,7 @@ static bool
 sudo_ldap_parse_options(LDAP *ld, LDAPMessage *entry)
 {
 struct berval **bv, **p;
- char *var, *val;
+ char *cp, *var;
 int op;
 bool rc = false;
 debug_decl(sudo_ldap_parse_options, SUDOERS_DEBUG_LDAP)
@@ -1064,17 +1064,25 @@ sudo_ldap_parse_options(LDAP *ld, LDAPMessage *entry)
 DPRINTF2("ldap sudoOption: '%s'", var);
 /* check for equals sign past first char */
- val = strchr(var, '=');
- if (val > var) {
- *val++ = '\0'; /* split on = and truncate var */
- op = val[-2]; /* peek for += or -= cases */
+ cp = strchr(var, '=');
+ if (cp > var) {
+ char *val = cp + 1;
+ op = cp[-1]; /* peek for += or -= cases */
 if (op == '+' || op == '-') {
 /* case var+=val or var-=val */
- val[-2] = '\0'; /* remove extra + or - char */
+ cp--;
 } else {
 /* case var=val */
 op = true;
 }
+ /* Trim whitespace between var and operator. */
+ while (cp > var && isblank((unsigned char)cp[-1]))
+ cp--;
+ /* Truncate variable name. */
+ *cp = '\0';
+ /* Trim leading whitespace from val. */
+ while (isblank((unsigned char)*val))
+ val++;
 /* Strip double quotes if present. */
 if (*val == '"') {
 char *ep = val + strlen(val);
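Review bot: Nothing stops the new trim loop from walking `cp` all the way back to `var`, so a sudoOption such as ` = x` (or `+=x`, where `cp--` already lands on `var`) is truncated to an empty name and still reaches the `set_default(var, val, op)` call shown as context in the next hunk. sudoOption values are policy read from the directory, so a malformed entry is better rejected here than left to whatever `set_default()` does with an empty string, which is not visible on this page. A guard placed before `*cp = '\0';` would do, for example `if (cp == var) continue; /* empty option name */`, assuming the enclosing loop (outside the hunk) allows it, ideally with a warning that names the raw attribute value. The same applies to the `!var` hunk that follows, for an option that is just `!` or `!` followed only by blanks, and to both matching hunks in plugins/sudoers/sssd.c.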
@@ -1086,7 +1094,10 @@ sudo_ldap_parse_options(LDAP *ld, LDAPMessage *entry)
 set_default(var, val, op);
 } else if (*var == '!') {
 /* case !var Boolean False */
- set_default(var + 1, NULL, false);
+ do {
+ var++;
+ } while (isblank((unsigned char)*var));
+ set_default(var, NULL, false);
 } else {
 /* case var Boolean True */
 set_default(var, NULL, true);
diff --git a/plugins/sudoers/sssd.c b/plugins/sudoers/sssd.c
index 5bdc4d5af..0fb19f970 100644
--- a/plugins/sudoers/sssd.c
+++ b/plugins/sudoers/sssd.c
@@ -1024,7 +1024,7 @@ sudo_sss_parse_options(struct sudo_sss_handle *handle, struct sss_sudo_rule *rul
 {
 int i, op;
 bool ret = false;
- char *v, *val;
+ char *cp, *v;
 char **val_array = NULL;
 debug_decl(sudo_sss_parse_options, SUDOERS_DEBUG_SSSD);
@@ -1052,17 +1052,25 @@ sudo_sss_parse_options(struct sudo_sss_handle *handle, struct sss_sudo_rule *rul
 }
 /* check for equals sign past first char */
- val = strchr(v, '=');
- if (val > v) {
- *val++ = '\0'; /* split on = and truncate var */
- op = val[-2]; /* peek for += or -= cases */
+ cp = strchr(v, '=');
+ if (cp > v) {
+ char *val = cp + 1;
+ op = cp[-1]; /* peek for += or -= cases */
 if (op == '+' || op == '-') {
 /* case var+=val or var-=val */
- val[-2] = '\0'; /* remove extra + or - char */
+ cp--;
 } else {
 /* case var=val */
 op = true;
 }
+ /* Trim whitespace between var and operator. */
+ while (cp > v && isblank((unsigned char)cp[-1]))
+ cp--;
+ /* Truncate variable name. */
+ *cp = '\0';
+ /* Trim leading whitespace from val. */
+ while (isblank((unsigned char)*val))
+ val++;
 /* Strip double quotes if present. */
 if (*val == '"') {
 char *ep = val + strlen(val);
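Review bot: Only the blanks that follow the `!` are skipped by the new `do`/`while`, so a value with a trailing blank, such as `!var `, still hands `set_default()` a name that ends in a space. None of the three `set_default()` calls visible in this hunk checks a result, so if an unrecognised name is only reported from inside that function, a negated option meant to tighten policy is not applied and the default stays in force. Trimming the tail before the call closes that gap: `char *ep = var + strlen(var);`, `while (ep > var && isblank((unsigned char)ep[-1])) ep--;`, `*ep = '\0';`. The plain `var` branch below it and the matching `!v` hunk in plugins/sudoers/sssd.c have the same exposure; the function body continues outside the hunk.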
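Review bot: The operator and whitespace handling in the `cp = strchr(v, '=')` block is a second copy of the code in sudo_ldap_parse_options() in plugins/sudoers/ldap.c, identical apart from `v` versus `var`. Two hand-maintained copies of a policy parser tend to drift, after which the same sudoOption string can be interpreted differently depending on whether it arrives through LDAP or SSSD; one shared helper that takes the option string, splits it and calls `set_default()` would remove that risk. Neither file's hunks add `#include <ctype.h>` for the new `isblank()` calls, so confirm that both files already include it. The enclosing loop and the rest of the quote-stripping block lie outside the hunk.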
@@ -1074,7 +1082,10 @@ sudo_sss_parse_options(struct sudo_sss_handle *handle, struct sss_sudo_rule *rul
 set_default(v, val, op);
 } else if (*v == '!') {
 /* case !var Boolean False */
- set_default(v + 1, NULL, false);
+ do {
+ v++;
+ } while (isblank((unsigned char)*v));
+ set_default(v, NULL, false);
 } else {
 /* case var Boolean True */
 set_default(v, NULL, true);