From: Todd C. Miller Date: Sun, 14 Aug 2011 14:44:31 +0000 (-0400) Subject: Add primitive format string support to the lbuf code. X-Git-Tag: SUDO_1_7_7~5 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ff6795241926fcb2f3b4a08eb485f8c43b5b99ba;p=sudo Add primitive format string support to the lbuf code. --HG-- branch : 1.7 --- diff --git a/lbuf.c b/lbuf.c index bafea18f8..42db57cc8 100644 --- a/lbuf.c +++ b/lbuf.c @@ -104,110 +104,112 @@ lbuf_destroy(lbuf) } /* - * Append strings to the buffer, expanding it as needed. + * Parse the format and append strings, only %s and %% escapes are supported. + * Any characters in set are quoted with a backslash. */ void #ifdef __STDC__ -lbuf_append_quoted(struct lbuf *lbuf, const char *set, ...) +lbuf_append_quoted(struct lbuf *lbuf, const char *set, const char *fmt, ...) #else -lbuf_append_quoted(lbuf, set, va_alist) - struct lbuf *lbuf; - const char *set; - va_dcl +lbuf_append_quoted(lbuf, set, fmt, va_alist) + struct lbuf *lbuf; + const char *set; + const char *fmt; + va_dcl #endif { va_list ap; - int len = 0; - char *cp, *s; - -#ifdef __STDC__ - va_start(ap, set); -#else - va_start(ap); -#endif - while ((s = va_arg(ap, char *)) != NULL) { - len += strlen(s); - for (cp = s; (cp = strpbrk(cp, set)) != NULL; cp++) - len++; - } - va_end(ap); - - /* Expand buffer as needed. */ - if (lbuf->len + len >= lbuf->size) { - do { - lbuf->size += 256; - } while (lbuf->len + len >= lbuf->size); - lbuf->buf = erealloc(lbuf->buf, lbuf->size); - } + int len; + char *cp, *s = NULL; #ifdef __STDC__ - va_start(ap, set); + va_start(ap, fmt); #else va_start(ap); #endif - /* Append each string. */ - while ((s = va_arg(ap, char *)) != NULL) { - while ((cp = strpbrk(s, set)) != NULL) { - len = (int)(cp - s); - memcpy(lbuf->buf + lbuf->len, s, len); - lbuf->len += len; - lbuf->buf[lbuf->len++] = '\\'; - lbuf->buf[lbuf->len++] = *cp; - s = cp + 1; - } - if (*s != '\0') { + while (*fmt != '\0') { + len = 1; + if (fmt[0] == '%' && fmt[1] == 's') { + s = va_arg(ap, char *); len = strlen(s); - memcpy(lbuf->buf + lbuf->len, s, len); - lbuf->len += len; } + /* Assume worst case that all chars must be escaped. */ + if (lbuf->len + (len * 2) + 1 >= lbuf->size) { + do { + lbuf->size += 256; + } while (lbuf->len + len + 1 >= lbuf->size); + lbuf->buf = erealloc(lbuf->buf, lbuf->size); + } + if (*fmt == '%') { + if (*(++fmt) == 's') { + while ((cp = strpbrk(s, set)) != NULL) { + len = (int)(cp - s); + memcpy(lbuf->buf + lbuf->len, s, len); + lbuf->len += len; + lbuf->buf[lbuf->len++] = '\\'; + lbuf->buf[lbuf->len++] = *cp; + s = cp + 1; + } + if (*s != '\0') { + len = strlen(s); + memcpy(lbuf->buf + lbuf->len, s, len); + lbuf->len += len; + } + fmt++; + continue; + } + } + if (strchr(set, *fmt) != NULL) + lbuf->buf[lbuf->len++] = '\\'; + lbuf->buf[lbuf->len++] = *fmt++; } lbuf->buf[lbuf->len] = '\0'; va_end(ap); } /* - * Append strings to the buffer, expanding it as needed. + * Parse the format and append strings, only %s and %% escapes are supported. */ void #ifdef __STDC__ -lbuf_append(struct lbuf *lbuf, ...) +lbuf_append(struct lbuf *lbuf, const char *fmt, ...) #else -lbuf_append(lbuf, va_alist) - struct lbuf *lbuf; - va_dcl +lbuf_append_quoted(lbuf, fmt, va_alist) + struct lbuf *lbuf; + const char *fmt; + va_dcl #endif { va_list ap; - int len = 0; - char *s; - -#ifdef __STDC__ - va_start(ap, lbuf); -#else - va_start(ap); -#endif - while ((s = va_arg(ap, char *)) != NULL) - len += strlen(s); - va_end(ap); - - /* Expand buffer as needed. */ - if (lbuf->len + len >= lbuf->size) { - do { - lbuf->size += 256; - } while (lbuf->len + len >= lbuf->size); - lbuf->buf = erealloc(lbuf->buf, lbuf->size); - } + int len; + char *s = NULL; #ifdef __STDC__ - va_start(ap, lbuf); + va_start(ap, fmt); #else va_start(ap); #endif - /* Append each string. */ - while ((s = va_arg(ap, char *)) != NULL) { - len = strlen(s); - memcpy(lbuf->buf + lbuf->len, s, len); - lbuf->len += len; + while (*fmt != '\0') { + len = 1; + if (fmt[0] == '%' && fmt[1] == 's') { + s = va_arg(ap, char *); + len = strlen(s); + } + if (lbuf->len + len + 1 >= lbuf->size) { + do { + lbuf->size += 256; + } while (lbuf->len + len + 1 >= lbuf->size); + lbuf->buf = erealloc(lbuf->buf, lbuf->size); + } + if (*fmt == '%') { + if (*(++fmt) == 's') { + memcpy(lbuf->buf + lbuf->len, s, len); + lbuf->len += len; + fmt++; + continue; + } + } + lbuf->buf[lbuf->len++] = *fmt++; } lbuf->buf[lbuf->len] = '\0'; va_end(ap); diff --git a/lbuf.h b/lbuf.h index db6f96451..fabddc748 100644 --- a/lbuf.h +++ b/lbuf.h @@ -33,8 +33,8 @@ struct lbuf { }; int get_ttycols __P((void)); -void lbuf_append __P((struct lbuf *, ...)); -void lbuf_append_quoted __P((struct lbuf *, const char *, ...)); +void lbuf_append __P((struct lbuf *, const char *, ...) __printflike(2, 3)); +void lbuf_append_quoted __P((struct lbuf *, const char *, const char *, ...)) __printflike(3, 4); void lbuf_destroy __P((struct lbuf *)); void lbuf_init __P((struct lbuf *, int (*)(const char *), int, const char *)); void lbuf_print __P((struct lbuf *)); diff --git a/ldap.c b/ldap.c index a1cf4a6c8..700b410a8 100644 --- a/ldap.c +++ b/ldap.c @@ -1480,7 +1480,7 @@ sudo_ldap_display_defaults(nss, pw, lbuf) else prefix = ", "; for (p = bv; *p != NULL; p++) { - lbuf_append(lbuf, prefix, (*p)->bv_val, NULL); + lbuf_append(lbuf, "%s%s", prefix, (*p)->bv_val); prefix = ", "; count++; } @@ -1519,7 +1519,7 @@ sudo_ldap_display_entry_short(ld, entry, lbuf) struct berval **bv, **p; int count = 0; - lbuf_append(lbuf, " (", NULL); + lbuf_append(lbuf, " ("); /* get the RunAsUser Values from the entry */ bv = ldap_get_values_len(ld, entry, "sudoRunAsUser"); @@ -1527,26 +1527,22 @@ sudo_ldap_display_entry_short(ld, entry, lbuf) bv = ldap_get_values_len(ld, entry, "sudoRunAs"); if (bv != NULL) { for (p = bv; *p != NULL; p++) { - if (p != bv) - lbuf_append(lbuf, ", ", NULL); - lbuf_append(lbuf, (*p)->bv_val, NULL); + lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); } ldap_value_free_len(bv); } else - lbuf_append(lbuf, def_runas_default, NULL); + lbuf_append(lbuf, "%s", def_runas_default); /* get the RunAsGroup Values from the entry */ bv = ldap_get_values_len(ld, entry, "sudoRunAsGroup"); if (bv != NULL) { - lbuf_append(lbuf, " : ", NULL); + lbuf_append(lbuf, " : "); for (p = bv; *p != NULL; p++) { - if (p != bv) - lbuf_append(lbuf, ", ", NULL); - lbuf_append(lbuf, (*p)->bv_val, NULL); + lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); } ldap_value_free_len(bv); } - lbuf_append(lbuf, ") ", NULL); + lbuf_append(lbuf, ") "); /* get the Option Values from the entry */ bv = ldap_get_values_len(ld, entry, "sudoOption"); @@ -1568,7 +1564,7 @@ sudo_ldap_display_entry_short(ld, entry, lbuf) tag = (*p)->bv_val[0] == '!' ? "NOSETENV: " : "SETENV: "; if (tag != NULL) - lbuf_append(lbuf, tag, NULL); + lbuf_append(lbuf, tag); } ldap_value_free_len(bv); } @@ -1577,14 +1573,12 @@ sudo_ldap_display_entry_short(ld, entry, lbuf) bv = ldap_get_values_len(ld, entry, "sudoCommand"); if (bv != NULL) { for (p = bv; *p != NULL; p++) { - if (p != bv) - lbuf_append(lbuf, ", ", NULL); - lbuf_append(lbuf, (*p)->bv_val, NULL); + lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); count++; } ldap_value_free_len(bv); } - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "\n"); return count; } @@ -1604,50 +1598,44 @@ sudo_ldap_display_entry_long(ld, entry, lbuf) /* extract the dn, only show the first rdn */ rdn = sudo_ldap_get_first_rdn(ld, entry); - lbuf_append(lbuf, "\nLDAP Role: ", rdn ? rdn : "UNKNOWN", "\n", NULL); + lbuf_append(lbuf, "\nLDAP Role: %s\n", rdn ? rdn : "UNKNOWN"); if (rdn) ldap_memfree(rdn); /* get the RunAsUser Values from the entry */ - lbuf_append(lbuf, " RunAsUsers: ", NULL); + lbuf_append(lbuf, " RunAsUsers: "); bv = ldap_get_values_len(ld, entry, "sudoRunAsUser"); if (bv == NULL) bv = ldap_get_values_len(ld, entry, "sudoRunAs"); if (bv != NULL) { for (p = bv; *p != NULL; p++) { - if (p != bv) - lbuf_append(lbuf, ", ", NULL); - lbuf_append(lbuf, (*p)->bv_val, NULL); + lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); } ldap_value_free_len(bv); } else - lbuf_append(lbuf, def_runas_default, NULL); - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "%s", def_runas_default); + lbuf_append(lbuf, "\n"); /* get the RunAsGroup Values from the entry */ bv = ldap_get_values_len(ld, entry, "sudoRunAsGroup"); if (bv != NULL) { - lbuf_append(lbuf, " RunAsGroups: ", NULL); + lbuf_append(lbuf, " RunAsGroups: "); for (p = bv; *p != NULL; p++) { - if (p != bv) - lbuf_append(lbuf, ", ", NULL); - lbuf_append(lbuf, (*p)->bv_val, NULL); + lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); } ldap_value_free_len(bv); - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "\n"); } /* get the Option Values from the entry */ bv = ldap_get_values_len(ld, entry, "sudoOption"); if (bv != NULL) { - lbuf_append(lbuf, " Options: ", NULL); + lbuf_append(lbuf, " Options: "); for (p = bv; *p != NULL; p++) { - if (p != bv) - lbuf_append(lbuf, ", ", NULL); - lbuf_append(lbuf, (*p)->bv_val, NULL); + lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); } ldap_value_free_len(bv); - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "\n"); } /* @@ -1657,7 +1645,7 @@ sudo_ldap_display_entry_long(ld, entry, lbuf) bv = ldap_get_values_len(ld, entry, "sudoOrder"); if (bv != NULL) { if (*bv != NULL) { - lbuf_append(lbuf, " Order: ", (*bv)->bv_val, "\n", NULL); + lbuf_append(lbuf, " Order: %s\n", (*bv)->bv_val); } ldap_value_free_len(bv); } @@ -1665,9 +1653,9 @@ sudo_ldap_display_entry_long(ld, entry, lbuf) /* Get the command values from the entry. */ bv = ldap_get_values_len(ld, entry, "sudoCommand"); if (bv != NULL) { - lbuf_append(lbuf, " Commands:\n", NULL); + lbuf_append(lbuf, " Commands:\n"); for (p = bv; *p != NULL; p++) { - lbuf_append(lbuf, "\t", (*p)->bv_val, "\n", NULL); + lbuf_append(lbuf, "\t%s\n", (*p)->bv_val); count++; } ldap_value_free_len(bv); diff --git a/parse.c b/parse.c index 1da7d0a02..be719d4d1 100644 --- a/parse.c +++ b/parse.c @@ -275,33 +275,28 @@ sudo_file_append_cmnd(cs, tags, lbuf) #ifdef HAVE_SELINUX if (cs->role) - lbuf_append(lbuf, "ROLE=", cs->role, " ", NULL); + lbuf_append(lbuf, "ROLE=%s ", cs->role); if (cs->type) - lbuf_append(lbuf, "TYPE=", cs->type, " ", NULL); + lbuf_append(lbuf, "TYPE=%s ", cs->type); #endif /* HAVE_SELINUX */ if (TAG_CHANGED(setenv)) { - lbuf_append(lbuf, cs->tags.setenv ? "SETENV: " : - "NOSETENV: ", NULL); + lbuf_append(lbuf, cs->tags.setenv ? "SETENV: " : "NOSETENV: "); tags->setenv = cs->tags.setenv; } if (TAG_CHANGED(noexec)) { - lbuf_append(lbuf, cs->tags.noexec ? "NOEXEC: " : - "EXEC: ", NULL); + lbuf_append(lbuf, cs->tags.noexec ? "NOEXEC: " : "EXEC: "); tags->noexec = cs->tags.noexec; } if (TAG_CHANGED(nopasswd)) { - lbuf_append(lbuf, cs->tags.nopasswd ? "NOPASSWD: " : - "PASSWD: ", NULL); + lbuf_append(lbuf, cs->tags.nopasswd ? "NOPASSWD: " : "PASSWD: "); tags->nopasswd = cs->tags.nopasswd; } if (TAG_CHANGED(log_input)) { - lbuf_append(lbuf, cs->tags.log_input ? "LOG_INPUT: " : - "NOLOG_INPUT: ", NULL); + lbuf_append(lbuf, cs->tags.log_input ? "LOG_INPUT: " : "NOLOG_INPUT: "); tags->log_input = cs->tags.log_input; } if (TAG_CHANGED(log_output)) { - lbuf_append(lbuf, cs->tags.log_output ? "LOG_OUTPUT: " : - "NOLOG_OUTPUT: ", NULL); + lbuf_append(lbuf, cs->tags.log_output ? "LOG_OUTPUT: " : "NOLOG_OUTPUT: "); tags->log_output = cs->tags.log_output; } m = cs->cmnd; @@ -329,37 +324,37 @@ sudo_file_display_priv_short(pw, us, lbuf) tags.nopasswd = UNSPEC; tags.log_input = UNSPEC; tags.log_output = UNSPEC; - lbuf_append(lbuf, " ", NULL); + lbuf_append(lbuf, " "); tq_foreach_fwd(&priv->cmndlist, cs) { if (cs != tq_first(&priv->cmndlist)) - lbuf_append(lbuf, ", ", NULL); - lbuf_append(lbuf, "(", NULL); + lbuf_append(lbuf, ", "); + lbuf_append(lbuf, "("); if (!tq_empty(&cs->runasuserlist)) { tq_foreach_fwd(&cs->runasuserlist, m) { if (m != tq_first(&cs->runasuserlist)) - lbuf_append(lbuf, ", ", NULL); + lbuf_append(lbuf, ", "); print_member(lbuf, m->name, m->type, m->negated, RUNASALIAS); } } else if (tq_empty(&cs->runasgrouplist)) { - lbuf_append(lbuf, def_runas_default, NULL); + lbuf_append(lbuf, "%s", def_runas_default); } else { - lbuf_append(lbuf, pw->pw_name, NULL); + lbuf_append(lbuf, "%s", pw->pw_name); } if (!tq_empty(&cs->runasgrouplist)) { - lbuf_append(lbuf, " : ", NULL); + lbuf_append(lbuf, " : "); tq_foreach_fwd(&cs->runasgrouplist, m) { if (m != tq_first(&cs->runasgrouplist)) - lbuf_append(lbuf, ", ", NULL); + lbuf_append(lbuf, ", "); print_member(lbuf, m->name, m->type, m->negated, RUNASALIAS); } } - lbuf_append(lbuf, ") ", NULL); + lbuf_append(lbuf, ") "); sudo_file_append_cmnd(cs, &tags, lbuf); nfound++; } - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "\n"); } return nfound; } @@ -384,35 +379,35 @@ sudo_file_display_priv_long(pw, us, lbuf) tags.nopasswd = UNSPEC; tags.log_input = UNSPEC; tags.log_output = UNSPEC; - lbuf_append(lbuf, "\nSudoers entry:\n", NULL); + lbuf_append(lbuf, "\nSudoers entry:\n"); tq_foreach_fwd(&priv->cmndlist, cs) { - lbuf_append(lbuf, " RunAsUsers: ", NULL); + lbuf_append(lbuf, " RunAsUsers: "); if (!tq_empty(&cs->runasuserlist)) { tq_foreach_fwd(&cs->runasuserlist, m) { if (m != tq_first(&cs->runasuserlist)) - lbuf_append(lbuf, ", ", NULL); + lbuf_append(lbuf, ", "); print_member(lbuf, m->name, m->type, m->negated, RUNASALIAS); } } else if (tq_empty(&cs->runasgrouplist)) { - lbuf_append(lbuf, def_runas_default, NULL); + lbuf_append(lbuf, "%s", def_runas_default); } else { - lbuf_append(lbuf, pw->pw_name, NULL); + lbuf_append(lbuf, "%s", pw->pw_name); } - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "\n"); if (!tq_empty(&cs->runasgrouplist)) { - lbuf_append(lbuf, " RunAsGroups: ", NULL); + lbuf_append(lbuf, " RunAsGroups: "); tq_foreach_fwd(&cs->runasgrouplist, m) { if (m != tq_first(&cs->runasgrouplist)) - lbuf_append(lbuf, ", ", NULL); + lbuf_append(lbuf, ", "); print_member(lbuf, m->name, m->type, m->negated, RUNASALIAS); } - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "\n"); } - lbuf_append(lbuf, " Commands:\n\t", NULL); + lbuf_append(lbuf, " Commands:\n\t"); sudo_file_append_cmnd(cs, &tags, lbuf); - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "\n"); nfound++; } } @@ -479,18 +474,18 @@ sudo_file_display_defaults(nss, pw, lbuf) case DEFAULTS_CMND: continue; } - lbuf_append(lbuf, prefix, NULL); + lbuf_append(lbuf, prefix); if (d->val != NULL) { - lbuf_append(lbuf, d->var, d->op == '+' ? "+=" : - d->op == '-' ? "-=" : "=", NULL); + lbuf_append(lbuf, "%s%s", d->var, d->op == '+' ? "+=" : + d->op == '-' ? "-=" : "="); if (strpbrk(d->val, " \t") != NULL) { - lbuf_append(lbuf, "\"", NULL); - lbuf_append_quoted(lbuf, "\"", d->val, NULL); - lbuf_append(lbuf, "\"", NULL); + lbuf_append(lbuf, "\""); + lbuf_append_quoted(lbuf, "\"", "%s", d->val); + lbuf_append(lbuf, "\""); } else - lbuf_append_quoted(lbuf, SUDOERS_QUOTED, d->val, NULL); + lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", d->val); } else - lbuf_append(lbuf, d->op == FALSE ? "!" : "", d->var, NULL); + lbuf_append(lbuf, "%s%s", d->op == FALSE ? "!" : "", d->var); prefix = ", "; nfound++; } @@ -557,21 +552,21 @@ display_bound_defaults(dtype, lbuf) if (binding != tq_first(&d->binding)) { binding = tq_first(&d->binding); if (nfound != 1) - lbuf_append(lbuf, "\n", NULL); - lbuf_append(lbuf, " Defaults", dsep, NULL); + lbuf_append(lbuf, "\n"); + lbuf_append(lbuf, " Defaults%s", dsep); for (m = binding; m != NULL; m = m->next) { if (m != binding) - lbuf_append(lbuf, ",", NULL); + lbuf_append(lbuf, ","); print_member(lbuf, m->name, m->type, m->negated, atype); - lbuf_append(lbuf, " ", NULL); + lbuf_append(lbuf, " "); } } else - lbuf_append(lbuf, ", ", NULL); + lbuf_append(lbuf, ", "); if (d->val != NULL) { - lbuf_append(lbuf, d->var, d->op == '+' ? "+=" : - d->op == '-' ? "-=" : "=", d->val, NULL); + lbuf_append(lbuf, "%s%s%s", d->var, d->op == '+' ? "+=" : + d->op == '-' ? "-=" : "=", d->val); } else - lbuf_append(lbuf, d->op == FALSE ? "!" : "", d->var, NULL); + lbuf_append(lbuf, "%s%s", d->op == FALSE ? "!" : "", d->var); } return nfound; @@ -639,23 +634,23 @@ _print_member(lbuf, name, type, negated, alias_type) switch (type) { case ALL: - lbuf_append(lbuf, negated ? "!ALL" : "ALL", NULL); + lbuf_append(lbuf, "%sALL", negated ? "!" : ""); break; case COMMAND: c = (struct sudo_command *) name; if (negated) - lbuf_append(lbuf, "!", NULL); - lbuf_append_quoted(lbuf, SUDOERS_QUOTED, c->cmnd, NULL); + lbuf_append(lbuf, "!"); + lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", c->cmnd); if (c->args) { - lbuf_append(lbuf, " ", NULL); - lbuf_append_quoted(lbuf, SUDOERS_QUOTED, c->args, NULL); + lbuf_append(lbuf, " "); + lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", c->args); } break; case ALIAS: if ((a = alias_find(name, alias_type)) != NULL) { tq_foreach_fwd(&a->members, m) { if (m != tq_first(&a->members)) - lbuf_append(lbuf, ", ", NULL); + lbuf_append(lbuf, ", "); _print_member(lbuf, m->name, m->type, negated ? !m->negated : m->negated, alias_type); } @@ -663,7 +658,7 @@ _print_member(lbuf, name, type, negated, alias_type) } /* FALLTHROUGH */ default: - lbuf_append(lbuf, negated ? "!" : "", name, NULL); + lbuf_append(lbuf, "%s%s", negated ? "!" : "", name); break; } } diff --git a/parse_args.c b/parse_args.c index ee4245b25..d6fa8426f 100644 --- a/parse_args.c +++ b/parse_args.c @@ -353,7 +353,7 @@ usage(fatal) ulen = (int)strlen(getprogname()) + 8; lbuf_init(&lbuf, fatal ? usage_err : usage_out, ulen, NULL); for (i = 0; uvec[i] != NULL; i++) { - lbuf_append(&lbuf, "usage: ", getprogname(), uvec[i], NULL); + lbuf_append(&lbuf, "usage: %s%s", getprogname(), uvec[i]); lbuf_print(&lbuf); } lbuf_destroy(&lbuf); @@ -381,83 +381,76 @@ help() lbuf_init(&lbuf, usage_out, indent, NULL); if (strcmp(pname, "sudoedit") == 0) - lbuf_append(&lbuf, pname, " - edit files as another user\n\n", NULL); + lbuf_append(&lbuf, pname, " - edit files as another user\n\n"); else - lbuf_append(&lbuf, pname, " - execute a command as another user\n\n", NULL); + lbuf_append(&lbuf, pname, " - execute a command as another user\n\n"); lbuf_print(&lbuf); usage(0); - lbuf_append(&lbuf, "\nOptions:\n", NULL); + lbuf_append(&lbuf, "\nOptions:\n"); #ifdef HAVE_BSD_AUTH_H lbuf_append(&lbuf, - " -A use helper program for password prompting\n", NULL); + " -A use helper program for password prompting\n"); #endif lbuf_append(&lbuf, - " -a type use specified BSD authentication type\n", NULL); + " -a type use specified BSD authentication type\n"); lbuf_append(&lbuf, - " -b run command in the background\n", NULL); + " -b run command in the background\n"); lbuf_append(&lbuf, - " -C fd close all file descriptors >= fd\n", NULL); + " -C fd close all file descriptors >= fd\n"); #ifdef HAVE_LOGIN_CAP_H lbuf_append(&lbuf, - " -c class run command with specified login class\n", NULL); + " -c class run command with specified login class\n"); #endif lbuf_append(&lbuf, - " -E preserve user environment when executing command\n", - NULL); + " -E preserve user environment when executing command\n"); lbuf_append(&lbuf, - " -e edit files instead of running a command\n", NULL); + " -e edit files instead of running a command\n"); lbuf_append(&lbuf, - " -g group execute command as the specified group\n", NULL); + " -g group execute command as the specified group\n"); lbuf_append(&lbuf, - " -H set HOME variable to target user's home dir.\n", - NULL); + " -H set HOME variable to target user's home dir.\n"); lbuf_append(&lbuf, - " -h display help message and exit\n", NULL); + " -h display help message and exit\n"); lbuf_append(&lbuf, - " -i [command] run a login shell as target user\n", NULL); + " -i [command] run a login shell as target user\n"); lbuf_append(&lbuf, - " -K remove timestamp file completely\n", NULL); + " -K remove timestamp file completely\n"); lbuf_append(&lbuf, - " -k invalidate timestamp file\n", NULL); + " -k invalidate timestamp file\n"); lbuf_append(&lbuf, - " -L list supported sudoers Defaults values\n", NULL); + " -L list supported sudoers Defaults values\n"); lbuf_append(&lbuf, - " -l[l] command list user's available commands\n", NULL); + " -l[l] command list user's available commands\n"); lbuf_append(&lbuf, - " -n non-interactive mode, will not prompt user\n", NULL); + " -n non-interactive mode, will not prompt user\n"); lbuf_append(&lbuf, - " -P preserve group vector instead of setting to target's\n", - NULL); + " -P preserve group vector instead of setting to target's\n"); lbuf_append(&lbuf, - " -p prompt use specified password prompt\n", NULL); + " -p prompt use specified password prompt\n"); #ifdef HAVE_SELINUX lbuf_append(&lbuf, - " -r role create SELinux security context with specified role\n", - NULL); + " -r role create SELinux security context with specified role\n"); #endif lbuf_append(&lbuf, - " -S read password from standard input\n", NULL); + " -S read password from standard input\n"); lbuf_append(&lbuf, - " -s [command] run a shell as target user\n", NULL); + " -s [command] run a shell as target user\n"); #ifdef HAVE_SELINUX lbuf_append(&lbuf, - " -t type create SELinux security context with specified role\n", - NULL); + " -t type create SELinux security context with specified role\n"); #endif lbuf_append(&lbuf, - " -U user when listing, list specified user's privileges\n", - NULL); + " -U user when listing, list specified user's privileges\n"); lbuf_append(&lbuf, - " -u user run command (or edit file) as specified user\n", NULL); + " -u user run command (or edit file) as specified user\n"); lbuf_append(&lbuf, - " -V display version information and exit\n", NULL); + " -V display version information and exit\n"); lbuf_append(&lbuf, - " -v update user's timestamp without running a command\n", - NULL); + " -v update user's timestamp without running a command\n"); lbuf_append(&lbuf, - " -- stop processing command line arguments\n", NULL); + " -- stop processing command line arguments\n"); lbuf_print(&lbuf); lbuf_destroy(&lbuf); exit(0); diff --git a/sudo_nss.c b/sudo_nss.c index 96303202e..f9dc1128d 100644 --- a/sudo_nss.c +++ b/sudo_nss.c @@ -257,33 +257,33 @@ display_privs(snl, pw) lbuf_init(&privs, output, 4, NULL); /* Display defaults from all sources. */ - lbuf_append(&defs, "Matching Defaults entries for ", pw->pw_name, - " on this host:\n", NULL); + lbuf_append(&defs, "Matching Defaults entries for %s on this host:\n", + pw->pw_name); count = 0; tq_foreach_fwd(snl, nss) { count += nss->display_defaults(nss, pw, &defs); } if (count) - lbuf_append(&defs, "\n\n", NULL); + lbuf_append(&defs, "\n\n"); else defs.len = 0; /* Display Runas and Cmnd-specific defaults from all sources. */ olen = defs.len; - lbuf_append(&defs, "Runas and Command-specific defaults for ", pw->pw_name, - ":\n", NULL); + lbuf_append(&defs, "Runas and Command-specific defaults for %s:\n", + pw->pw_name); count = 0; tq_foreach_fwd(snl, nss) { count += nss->display_bound_defaults(nss, pw, &defs); } if (count) - lbuf_append(&defs, "\n\n", NULL); + lbuf_append(&defs, "\n\n"); else defs.len = olen; /* Display privileges from all sources. */ - lbuf_append(&privs, "User ", pw->pw_name, - " may run the following commands on this host:\n", NULL); + lbuf_append(&privs, + "User %s may run the following commands on this host:\n", pw->pw_name); count = 0; tq_foreach_fwd(snl, nss) { count += nss->display_privs(nss, pw, &privs);