From 4f9a93f658a6ea15c4218e2cb35747ccee19d2ba Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 28 Jul 2011 10:59:37 -0400 Subject: [PATCH] Fix some potential problems found by the clang static analyzer, none serious. --- plugins/sudoers/check.c | 3 +- plugins/sudoers/group_plugin.c | 1 - plugins/sudoers/ldap.c | 10 +++--- plugins/sudoers/parse.c | 7 +--- plugins/sudoers/set_perms.c | 60 ++++++++++++++++++++++------------ plugins/sudoers/toke.c | 6 ++-- plugins/sudoers/toke.l | 4 ++- 7 files changed, 55 insertions(+), 36 deletions(-) diff --git a/plugins/sudoers/check.c b/plugins/sudoers/check.c index 62c7f2c69..6a361054d 100644 --- a/plugins/sudoers/check.c +++ b/plugins/sudoers/check.c @@ -653,7 +653,8 @@ remove_timestamp(int remove) path, strerror(errno)); remove = FALSE; } - } else { + } + if (!remove) { timevalclear(&tv); if (touch(-1, path, &tv) == -1 && errno != ENOENT) error(1, _("unable to reset %s to the epoch"), path); diff --git a/plugins/sudoers/group_plugin.c b/plugins/sudoers/group_plugin.c index 614ce1a29..a60a87dc7 100644 --- a/plugins/sudoers/group_plugin.c +++ b/plugins/sudoers/group_plugin.c @@ -77,7 +77,6 @@ group_plugin_load(char *plugin_info) /* * Fill in .so path and split out args (if any). */ - args = strpbrk(plugin_info, " \t"); if ((args = strpbrk(plugin_info, " \t")) != NULL) { len = snprintf(path, sizeof(path), "%s%.*s", (*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "", diff --git a/plugins/sudoers/ldap.c b/plugins/sudoers/ldap.c index 19cd5ece9..a788543ac 100644 --- a/plugins/sudoers/ldap.c +++ b/plugins/sudoers/ldap.c @@ -2059,7 +2059,7 @@ sudo_ldap_setdefs(struct sudo_nss *nss) } result = NULL; rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE, - filt, NULL, 0, NULL, NULL, NULL, 0, &result); + filt, NULL, 0, NULL, NULL, tvp, 0, &result); if (rc == LDAP_SUCCESS && (entry = ldap_first_entry(ld, result))) { DPRINTF(("found:%s", ldap_get_dn(ld, entry)), 1); sudo_ldap_parse_options(ld, entry); @@ -2083,7 +2083,7 @@ sudo_ldap_lookup(struct sudo_nss *nss, int ret, int pwflag) struct sudo_ldap_handle *handle = nss->handle; LDAP *ld; LDAPMessage *entry; - int i, rc, setenv_implied, matched = UNSPEC; + int i, rc, setenv_implied; struct ldap_result *lres = NULL; if (handle == NULL || handle->ld == NULL) @@ -2098,11 +2098,12 @@ sudo_ldap_lookup(struct sudo_nss *nss, int ret, int pwflag) * password is required, so the order of the entries doesn't matter. */ if (pwflag) { - DPRINTF(("perform search for pwflag %d", pwflag), 1); int doauth = UNSPEC; + int matched = UNSPEC; enum def_tuple pwcheck = (pwflag == -1) ? never : sudo_defs_table[pwflag].sd_un.tuple; + DPRINTF(("perform search for pwflag %d", pwflag), 1); for (i = 0; i < lres->nentries; i++) { entry = lres->entries[i].entry; if ((pwcheck == any && doauth != FALSE) || @@ -2152,7 +2153,6 @@ sudo_ldap_lookup(struct sudo_nss *nss, int ret, int pwflag) if (rc != UNSPEC) { /* We have a match. */ DPRINTF(("Command %sallowed", rc == TRUE ? "" : "NOT "), 1); - matched = TRUE; if (rc == TRUE) { DPRINTF(("LDAP entry: %p", entry), 1); /* Apply entry-specific options. */ @@ -2354,7 +2354,7 @@ sudo_ldap_result_get(struct sudo_nss *nss, struct passwd *pw) } result = NULL; rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE, filt, - NULL, 0, NULL, NULL, NULL, 0, &result); + NULL, 0, NULL, NULL, tvp, 0, &result); if (rc != LDAP_SUCCESS) { DPRINTF(("nothing found for '%s'", filt), 1); continue; diff --git a/plugins/sudoers/parse.c b/plugins/sudoers/parse.c index 1895d7aef..303d13500 100644 --- a/plugins/sudoers/parse.c +++ b/plugins/sudoers/parse.c @@ -500,34 +500,29 @@ display_bound_defaults(int dtype, struct lbuf *lbuf) { struct defaults *d; struct member *m, *binding = NULL; - char *dname, *dsep; + char *dsep; int atype, nfound = 0; switch (dtype) { case DEFAULTS_HOST: atype = HOSTALIAS; - dname = "host"; dsep = "@"; break; case DEFAULTS_USER: atype = USERALIAS; - dname = "user"; dsep = ":"; break; case DEFAULTS_RUNAS: atype = RUNASALIAS; - dname = "runas"; dsep = ">"; break; case DEFAULTS_CMND: atype = CMNDALIAS; - dname = "cmnd"; dsep = "!"; break; default: return -1; } - /* sudo_printf(SUDO_CONV_INFO_MSG, _("Per-%s Defaults entries:\n"), dname); */ tq_foreach_fwd(&defaults, d) { if (d->type != dtype) continue; diff --git a/plugins/sudoers/set_perms.c b/plugins/sudoers/set_perms.c index 4beb0ab95..84215fb09 100644 --- a/plugins/sudoers/set_perms.c +++ b/plugins/sudoers/set_perms.c @@ -98,7 +98,7 @@ rewind_perms(void) int set_perms(int perm) { - struct perm_state *state, *ostate = NULL; + struct perm_state *state, *ostate; const char *errstr; int noexit; @@ -112,11 +112,16 @@ set_perms(int perm) } state = &perm_stack[perm_stack_depth]; - if (perm_stack_depth) + if (perm != PERM_INITIAL) { + if (perm_stack_depth == 0) { + errstr = _("perm stack underflow"); + errno = EINVAL; + goto bad; + } ostate = &perm_stack[perm_stack_depth - 1]; - - if (perm != PERM_INITIAL && memcmp(state, ostate, sizeof(*state)) == 0) - goto done; + if (memcmp(state, ostate, sizeof(*state)) == 0) + goto done; + } switch (perm) { case PERM_INITIAL: @@ -339,7 +344,7 @@ bad: int set_perms(int perm) { - struct perm_state *state, *ostate = NULL; + struct perm_state *state, *ostate; const char *errstr; int noexit; @@ -353,11 +358,16 @@ set_perms(int perm) } state = &perm_stack[perm_stack_depth]; - if (perm_stack_depth) + if (perm != PERM_INITIAL) { + if (perm_stack_depth == 0) { + errstr = _("perm stack underflow"); + errno = EINVAL; + goto bad; + } ostate = &perm_stack[perm_stack_depth - 1]; - - if (perm != PERM_INITIAL && memcmp(state, ostate, sizeof(*state)) == 0) - goto done; + if (memcmp(state, ostate, sizeof(*state)) == 0) + goto done; + } switch (perm) { case PERM_INITIAL: @@ -566,7 +576,7 @@ bad: int set_perms(int perm) { - struct perm_state *state, *ostate = NULL; + struct perm_state *state, *ostate; const char *errstr; int noexit; @@ -580,11 +590,16 @@ set_perms(int perm) } state = &perm_stack[perm_stack_depth]; - if (perm_stack_depth) + if (perm != PERM_INITIAL) { + if (perm_stack_depth == 0) { + errstr = _("perm stack underflow"); + errno = EINVAL; + goto bad; + } ostate = &perm_stack[perm_stack_depth - 1]; - - if (perm != PERM_INITIAL && memcmp(state, ostate, sizeof(*state)) == 0) - goto done; + if (memcmp(state, ostate, sizeof(*state)) == 0) + goto done; + } /* * Since we only have setuid() and seteuid() and semantics @@ -795,7 +810,7 @@ bad: int set_perms(int perm) { - struct perm_state *state, *ostate = NULL; + struct perm_state *state, *ostate; const char *errstr; int noexit; @@ -809,11 +824,16 @@ set_perms(int perm) } state = &perm_stack[perm_stack_depth]; - if (perm_stack_depth) + if (perm != PERM_INITIAL) { + if (perm_stack_depth == 0) { + errstr = _("perm stack underflow"); + errno = EINVAL; + goto bad; + } ostate = &perm_stack[perm_stack_depth - 1]; - - if (perm != PERM_INITIAL && memcmp(state, ostate, sizeof(*state)) == 0) - goto done; + if (memcmp(state, ostate, sizeof(*state)) == 0) + goto done; + } switch (perm) { case PERM_INITIAL: diff --git a/plugins/sudoers/toke.c b/plugins/sudoers/toke.c index 44f89f15f..7bb8eb310 100644 --- a/plugins/sudoers/toke.c +++ b/plugins/sudoers/toke.c @@ -4,7 +4,7 @@ /* A lexical scanner generated by flex */ /* Scanner skeleton version: - * $Header: /home/cvs/openbsd/src/usr.bin/lex/flex.skl,v 1.11 2010/08/04 18:24:50 millert Exp $ + * $Header: /cvs/src/usr.bin/lex/flex.skl,v 1.11 2010/08/04 18:24:50 millert Exp $ */ #define FLEX_SCANNER @@ -3609,8 +3609,10 @@ parse_include(char *base) /* Make a copy of path and return it. */ len += (int)(ep - cp); - if ((path = malloc(len + 1)) == NULL) + if ((path = malloc(len + 1)) == NULL) { yyerror(_("unable to allocate memory")); + return NULL; + } if (subst) { /* substitute for %h */ char *pp = path; diff --git a/plugins/sudoers/toke.l b/plugins/sudoers/toke.l index 42540e256..398e1d135 100644 --- a/plugins/sudoers/toke.l +++ b/plugins/sudoers/toke.l @@ -900,8 +900,10 @@ parse_include(char *base) /* Make a copy of path and return it. */ len += (int)(ep - cp); - if ((path = malloc(len + 1)) == NULL) + if ((path = malloc(len + 1)) == NULL) { yyerror(_("unable to allocate memory")); + return NULL; + } if (subst) { /* substitute for %h */ char *pp = path; -- 2.40.0