From 8eff57f070ba65da894dee5bd5807323c0bca1a4 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 4 Jun 2015 20:42:42 -0600 Subject: [PATCH] Bring back VALIDATE_ERROR which will be used in the case of memory allocation errors. --- plugins/sudoers/logging.c | 2 +- plugins/sudoers/sudoers.c | 6 +++++- plugins/sudoers/sudoers.h | 5 +++-- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/plugins/sudoers/logging.c b/plugins/sudoers/logging.c index 16f50fc7a..5e4cf6847 100644 --- a/plugins/sudoers/logging.c +++ b/plugins/sudoers/logging.c @@ -770,7 +770,7 @@ should_mail(int status) { debug_decl(should_mail, SUDOERS_DEBUG_LOGGING) - debug_return_bool(def_mail_always || + debug_return_bool(def_mail_always || ISSET(status, VALIDATE_ERROR) || (def_mail_all_cmnds && ISSET(sudo_mode, (MODE_RUN|MODE_EDIT))) || (def_mail_no_user && ISSET(status, FLAG_NO_USER)) || (def_mail_no_host && ISSET(status, FLAG_NO_HOST)) || diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c index cdeadcac1..8d6b1db7c 100644 --- a/plugins/sudoers/sudoers.c +++ b/plugins/sudoers/sudoers.c @@ -294,7 +294,11 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[], TAILQ_FOREACH(nss, snl, entries) { validated = nss->lookup(nss, validated, pwflag); - if (ISSET(validated, VALIDATE_SUCCESS)) { + if (ISSET(validated, VALIDATE_ERROR)) { + /* The lookup function should have printed an error. */ + rval = -1; + goto done; + } else if (ISSET(validated, VALIDATE_SUCCESS)) { /* Handle [SUCCESS=return] */ if (nss->ret_if_found) break; diff --git a/plugins/sudoers/sudoers.h b/plugins/sudoers/sudoers.h index de4e87f3f..b44c118e0 100644 --- a/plugins/sudoers/sudoers.h +++ b/plugins/sudoers/sudoers.h @@ -113,8 +113,9 @@ struct sudo_user { * Return values for sudoers_lookup(), also used as arguments for log_auth() * Note: cannot use '0' as a value here. */ -#define VALIDATE_SUCCESS 0x001 -#define VALIDATE_FAILURE 0x002 +#define VALIDATE_ERROR 0x001 +#define VALIDATE_SUCCESS 0x002 +#define VALIDATE_FAILURE 0x004 #define FLAG_CHECK_USER 0x010 #define FLAG_NO_USER 0x020 #define FLAG_NO_HOST 0x040 -- 2.40.0