From 54f9de6ccec7f156b256d9061c0634df9336608a Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 26 Jun 2015 15:58:04 -0600 Subject: [PATCH] Add an error flag to the lbuf struct to simplify error checking. Callers of the lbuf functions now check the error flag to tell if a memory allocation error ocurred. --- include/sudo_lbuf.h | 7 +++++- lib/util/lbuf.c | 29 ++++++++++++++++++++++- lib/util/util.exp.in | 2 ++ plugins/sudoers/ldap.c | 5 ++++ plugins/sudoers/parse.c | 35 +++++++++++++++++----------- plugins/sudoers/sssd.c | 4 ++++ plugins/sudoers/sudo_nss.c | 47 ++++++++++++++++++++++++++++++-------- 7 files changed, 104 insertions(+), 25 deletions(-) diff --git a/include/sudo_lbuf.h b/include/sudo_lbuf.h index ab565e1aa..d542a2adb 100644 --- a/include/sudo_lbuf.h +++ b/include/sudo_lbuf.h @@ -30,7 +30,8 @@ struct sudo_lbuf { int indent; int len; int size; - int cols; + short cols; + short error; }; typedef int (*sudo_lbuf_output_t)(const char *); @@ -40,11 +41,15 @@ __dso_public void sudo_lbuf_destroy_v1(struct sudo_lbuf *lbuf); __dso_public bool sudo_lbuf_append_v1(struct sudo_lbuf *lbuf, const char *fmt, ...) __printflike(2, 3); __dso_public bool sudo_lbuf_append_quoted_v1(struct sudo_lbuf *lbuf, const char *set, const char *fmt, ...) __printflike(3, 4); __dso_public void sudo_lbuf_print_v1(struct sudo_lbuf *lbuf); +__dso_public bool sudo_lbuf_error_v1(struct sudo_lbuf *lbuf); +__dso_public void sudo_lbuf_clearerr_v1(struct sudo_lbuf *lbuf); #define sudo_lbuf_init(_a, _b, _c, _d, _e) sudo_lbuf_init_v1((_a), (_b), (_c), (_d), (_e)) #define sudo_lbuf_destroy(_a) sudo_lbuf_destroy_v1((_a)) #define sudo_lbuf_append sudo_lbuf_append_v1 #define sudo_lbuf_append_quoted sudo_lbuf_append_quoted_v1 #define sudo_lbuf_print(_a) sudo_lbuf_print_v1((_a)) +#define sudo_lbuf_error(_a) sudo_lbuf_error_v1((_a)) +#define sudo_lbuf_clearerr(_a) sudo_lbuf_clearerr_v1((_a)) #endif /* SUDO_LBUF_H */ diff --git a/lib/util/lbuf.c b/lib/util/lbuf.c index ae4afbf83..d3411f163 100644 --- a/lib/util/lbuf.c +++ b/lib/util/lbuf.c @@ -46,6 +46,7 @@ sudo_lbuf_init_v1(struct sudo_lbuf *lbuf, sudo_lbuf_output_t output, lbuf->continuation = continuation; lbuf->indent = indent; lbuf->cols = cols; + lbuf->error = 0; lbuf->len = 0; lbuf->size = 0; lbuf->buf = NULL; @@ -74,8 +75,10 @@ sudo_lbuf_expand(struct sudo_lbuf *lbuf, int extra) do { new_size += 256; } while (lbuf->len + extra + 1 >= new_size); - if ((new_buf = realloc(lbuf->buf, new_size)) == NULL) + if ((new_buf = realloc(lbuf->buf, new_size)) == NULL) { + lbuf->error = 1; return false; + } lbuf->buf = new_buf; lbuf->size = new_size; } @@ -95,6 +98,9 @@ sudo_lbuf_append_quoted_v1(struct sudo_lbuf *lbuf, const char *set, const char * va_list ap; debug_decl(sudo_lbuf_append_quoted, SUDO_DEBUG_UTIL) + if (sudo_lbuf_error(lbuf)) + debug_return_bool(false); + va_start(ap, fmt); while (*fmt != '\0') { if (fmt[0] == '%' && fmt[1] == 's') { @@ -150,6 +156,9 @@ sudo_lbuf_append_v1(struct sudo_lbuf *lbuf, const char *fmt, ...) char *s; debug_decl(sudo_lbuf_append, SUDO_DEBUG_UTIL) + if (sudo_lbuf_error(lbuf)) + debug_return_bool(false); + va_start(ap, fmt); while (*fmt != '\0') { if (fmt[0] == '%' && fmt[1] == 's') { @@ -179,6 +188,7 @@ done: debug_return_bool(ret); } +/* XXX - check output function return value */ static void sudo_lbuf_println(struct sudo_lbuf *lbuf, char *line, int len) { @@ -240,6 +250,7 @@ sudo_lbuf_println(struct sudo_lbuf *lbuf, char *line, int len) /* * Print the buffer with word wrap based on the tty width. * The lbuf is reset on return. + * XXX - check output function return value */ void sudo_lbuf_print_v1(struct sudo_lbuf *lbuf) @@ -280,6 +291,22 @@ sudo_lbuf_print_v1(struct sudo_lbuf *lbuf) done: lbuf->len = 0; /* reset the buffer for re-use. */ + lbuf->error = 0; debug_return; } + +bool +sudo_lbuf_error_v1(struct sudo_lbuf *lbuf) +{ + if (lbuf != NULL && lbuf->error != 0) + return true; + return false; +} + +void +sudo_lbuf_clearerr_v1(struct sudo_lbuf *lbuf) +{ + if (lbuf != NULL) + lbuf->error = 0; +} diff --git a/lib/util/util.exp.in b/lib/util/util.exp.in index 2adcfa349..93c346ec9 100644 --- a/lib/util/util.exp.in +++ b/lib/util/util.exp.in @@ -61,7 +61,9 @@ sudo_gettime_mono_v1 sudo_gettime_real_v1 sudo_lbuf_append_quoted_v1 sudo_lbuf_append_v1 +sudo_lbuf_clearerr_v1 sudo_lbuf_destroy_v1 +sudo_lbuf_error_v1 sudo_lbuf_init_v1 sudo_lbuf_print_v1 sudo_lock_file_v1 diff --git a/plugins/sudoers/ldap.c b/plugins/sudoers/ldap.c index 0de60c3a6..540e13146 100644 --- a/plugins/sudoers/ldap.c +++ b/plugins/sudoers/ldap.c @@ -2225,6 +2225,7 @@ sudo_ldap_display_defaults(struct sudo_nss *nss, struct passwd *pw, filt = sudo_ldap_build_default_filter(); if (filt == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); + count = -1; goto done; } STAILQ_FOREACH(base, &ldap_conf.base, entries) { @@ -2256,6 +2257,8 @@ sudo_ldap_display_defaults(struct sudo_nss *nss, struct passwd *pw, } free(filt); done: + if (sudo_lbuf_error(lbuf)) + debug_return_int(-1); debug_return_int(count); } @@ -2457,6 +2460,8 @@ sudo_ldap_display_privs(struct sudo_nss *nss, struct passwd *pw, } done: + if (sudo_lbuf_error(lbuf)) + debug_return_int(-1); debug_return_int(count); } diff --git a/plugins/sudoers/parse.c b/plugins/sudoers/parse.c index 3b4baf836..f6ddff364 100644 --- a/plugins/sudoers/parse.c +++ b/plugins/sudoers/parse.c @@ -354,7 +354,7 @@ done: #define TAG_CHANGED(t) \ (TAG_SET(cs->tags.t) && cs->tags.t != tags->t) -static void +static bool sudo_file_append_cmnd(struct cmndspec *cs, struct cmndtag *tags, struct sudo_lbuf *lbuf) { @@ -373,31 +373,31 @@ sudo_file_append_cmnd(struct cmndspec *cs, struct cmndtag *tags, sudo_lbuf_append(lbuf, "TYPE=%s ", cs->type); #endif /* HAVE_SELINUX */ if (TAG_CHANGED(setenv)) { - sudo_lbuf_append(lbuf, cs->tags.setenv ? "SETENV: " : "NOSETENV: "); tags->setenv = cs->tags.setenv; + sudo_lbuf_append(lbuf, tags->setenv ? "SETENV: " : "NOSETENV: "); } if (TAG_CHANGED(noexec)) { - sudo_lbuf_append(lbuf, cs->tags.noexec ? "NOEXEC: " : "EXEC: "); tags->noexec = cs->tags.noexec; + sudo_lbuf_append(lbuf, tags->noexec ? "NOEXEC: " : "EXEC: "); } if (TAG_CHANGED(nopasswd)) { - sudo_lbuf_append(lbuf, cs->tags.nopasswd ? "NOPASSWD: " : "PASSWD: "); tags->nopasswd = cs->tags.nopasswd; + sudo_lbuf_append(lbuf, tags->nopasswd ? "NOPASSWD: " : "PASSWD: "); } if (TAG_CHANGED(log_input)) { - sudo_lbuf_append(lbuf, cs->tags.log_input ? "LOG_INPUT: " : "NOLOG_INPUT: "); tags->log_input = cs->tags.log_input; + sudo_lbuf_append(lbuf, tags->log_input ? "LOG_INPUT: " : "NOLOG_INPUT: "); } if (TAG_CHANGED(log_output)) { - sudo_lbuf_append(lbuf, cs->tags.log_output ? "LOG_OUTPUT: " : "NOLOG_OUTPUT: "); tags->log_output = cs->tags.log_output; + sudo_lbuf_append(lbuf, tags->log_output ? "LOG_OUTPUT: " : "NOLOG_OUTPUT: "); } if (TAG_CHANGED(send_mail)) { - sudo_lbuf_append(lbuf, cs->tags.send_mail ? "MAIL: " : "NOMAIL: "); tags->send_mail = cs->tags.send_mail; + sudo_lbuf_append(lbuf, tags->send_mail ? "MAIL: " : "NOMAIL: "); } print_member(lbuf, cs->cmnd, CMNDALIAS); - debug_return; + debug_return_bool(!sudo_lbuf_error(lbuf)); } #define RUNAS_CHANGED(cs1, cs2) \ @@ -451,11 +451,12 @@ sudo_file_display_priv_short(struct passwd *pw, struct userspec *us, } } sudo_lbuf_append(lbuf, ") "); - tags.noexec = UNSPEC; - tags.setenv = UNSPEC; - tags.nopasswd = UNSPEC; tags.log_input = UNSPEC; tags.log_output = UNSPEC; + tags.noexec = UNSPEC; + tags.nopasswd = UNSPEC; + tags.send_mail = UNSPEC; + tags.setenv = UNSPEC; } else if (cs != TAILQ_FIRST(&priv->cmndlist)) { sudo_lbuf_append(lbuf, ", "); } @@ -606,6 +607,8 @@ sudo_file_display_privs(struct sudo_nss *nss, struct passwd *pw, else nfound += sudo_file_display_priv_short(pw, us, lbuf); } + if (sudo_lbuf_error(lbuf)) + debug_return_int(-1); done: debug_return_int(nfound); } @@ -659,6 +662,8 @@ sudo_file_display_defaults(struct sudo_nss *nss, struct passwd *pw, prefix = ", "; nfound++; } + if (sudo_lbuf_error(lbuf)) + debug_return_int(-1); done: debug_return_int(nfound); } @@ -677,6 +682,8 @@ sudo_file_display_bound_defaults(struct sudo_nss *nss, struct passwd *pw, nfound += display_bound_defaults(DEFAULTS_RUNAS, lbuf); nfound += display_bound_defaults(DEFAULTS_CMND, lbuf); + if (sudo_lbuf_error(lbuf)) + debug_return_int(-1); debug_return_int(nfound); } @@ -738,6 +745,8 @@ display_bound_defaults(int dtype, struct sudo_lbuf *lbuf) sudo_lbuf_append(lbuf, "%s%s", d->op == false ? "!" : "", d->var); } + if (sudo_lbuf_error(lbuf)) + debug_return_int(-1); debug_return_int(nfound); } @@ -783,9 +792,9 @@ sudo_file_display_cmnd(struct sudo_nss *nss, struct passwd *pw) } matched: if (match != NULL && !match->negated) { - sudo_printf(SUDO_CONV_INFO_MSG, "%s%s%s\n", + const int len = sudo_printf(SUDO_CONV_INFO_MSG, "%s%s%s\n", safe_cmnd, user_args ? " " : "", user_args ? user_args : ""); - rval = 0; + rval = len == -1 ? -1 : 0; } done: debug_return_int(rval); diff --git a/plugins/sudoers/sssd.c b/plugins/sudoers/sssd.c index a30fdf9f5..5c9cf1d0c 100644 --- a/plugins/sudoers/sssd.c +++ b/plugins/sudoers/sssd.c @@ -1317,6 +1317,8 @@ sudo_sss_display_defaults(struct sudo_nss *nss, struct passwd *pw, handle->fn_free_result(sss_result); done: + if (sudo_lbuf_error(lbuf)) + debug_return_int(-1); debug_return_int(count); } @@ -1572,6 +1574,8 @@ sudo_sss_display_privs(struct sudo_nss *nss, struct passwd *pw, if (sss_result != NULL) handle->fn_free_result(sss_result); + if (sudo_lbuf_error(lbuf)) + debug_return_int(-1); debug_return_int(count); } diff --git a/plugins/sudoers/sudo_nss.c b/plugins/sudoers/sudo_nss.c index 8cef62574..e3d7e77b4 100644 --- a/plugins/sudoers/sudo_nss.c +++ b/plugins/sudoers/sudo_nss.c @@ -293,12 +293,17 @@ display_privs(struct sudo_nss_list *snl, struct passwd *pw) pw->pw_name, user_srunhost); count = 0; TAILQ_FOREACH(nss, snl, entries) { - count += nss->display_defaults(nss, pw, &defs); + const int n = nss->display_defaults(nss, pw, &defs); + if (n == -1) + goto bad; + count += n; } - if (count) + if (count) { sudo_lbuf_append(&defs, "\n\n"); - else + } else { + /* Undo Defaults header. */ defs.len = 0; + } /* Display Runas and Cmnd-specific defaults from all sources. */ olen = defs.len; @@ -306,12 +311,17 @@ display_privs(struct sudo_nss_list *snl, struct passwd *pw) pw->pw_name); count = 0; TAILQ_FOREACH(nss, snl, entries) { - count += nss->display_bound_defaults(nss, pw, &defs); + const int n = nss->display_bound_defaults(nss, pw, &defs); + if (n == -1) + goto bad; + count += n; } - if (count) + if (count) { sudo_lbuf_append(&defs, "\n\n"); - else + } else { + /* Undo Defaults header. */ defs.len = olen; + } /* Display privileges from all sources. */ sudo_lbuf_append(&privs, @@ -319,14 +329,21 @@ display_privs(struct sudo_nss_list *snl, struct passwd *pw) pw->pw_name, user_srunhost); count = 0; TAILQ_FOREACH(nss, snl, entries) { - count += nss->display_privs(nss, pw, &privs); + const int n = nss->display_privs(nss, pw, &privs); + if (n == -1) + goto bad; + count += n; } if (count == 0) { defs.len = 0; privs.len = 0; - sudo_lbuf_append(&privs, _("User %s is not allowed to run sudo on %s.\n"), + sudo_lbuf_append(&privs, + _("User %s is not allowed to run sudo on %s.\n"), pw->pw_name, user_shost); } + if (sudo_lbuf_error(&defs) || sudo_lbuf_error(&privs)) + goto bad; + sudo_lbuf_print(&defs); sudo_lbuf_print(&privs); @@ -334,6 +351,11 @@ display_privs(struct sudo_nss_list *snl, struct passwd *pw) sudo_lbuf_destroy(&privs); debug_return_int(count > 0); +bad: + sudo_lbuf_destroy(&defs); + sudo_lbuf_destroy(&privs); + + debug_return_int(-1); } /* @@ -348,9 +370,14 @@ display_cmnd(struct sudo_nss_list *snl, struct passwd *pw) debug_decl(display_cmnd, SUDOERS_DEBUG_NSS) /* XXX - display_cmnd return value is backwards */ + /* XXX - doesn't handle commands allowed by one backend denied by another. */ TAILQ_FOREACH(nss, snl, entries) { - if (nss->display_cmnd(nss, pw) == 0) - debug_return_int(true); + switch (nss->display_cmnd(nss, pw)) { + case 0: + debug_return_int(true); + case -1: + debug_return_int(-1); + } } debug_return_int(false); } -- 2.40.0