From bd36d4f2ab6b05da000dd7fdc359139c68fd94e8 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 20 May 2011 15:25:03 -0400 Subject: [PATCH] Add primitive format string support to the lbuf code to make translations simpler. --- common/lbuf.c | 122 +++++++++++++++++---------------- include/lbuf.h | 4 +- plugins/sudoers/ldap.c | 62 +++++++---------- plugins/sudoers/parse.c | 107 ++++++++++++++--------------- plugins/sudoers/sudo_nss.c | 17 ++--- src/parse_args.c | 136 +++++++++++++++---------------------- 6 files changed, 207 insertions(+), 241 deletions(-) diff --git a/common/lbuf.c b/common/lbuf.c index 92f489ef1..dc2b7bfaf 100644 --- a/common/lbuf.c +++ b/common/lbuf.c @@ -69,81 +69,89 @@ lbuf_destroy(struct lbuf *lbuf) } /* - * Append strings to the buffer, expanding it as needed. + * Parse the format and append strings, only %s and %% escapes are supported. + * Any characters in set are quoted with a backslash. */ void -lbuf_append_quoted(struct lbuf *lbuf, const char *set, ...) +lbuf_append_quoted(struct lbuf *lbuf, const char *set, const char *fmt, ...) { va_list ap; - int len = 0; - char *cp, *s; - - va_start(ap, set); - while ((s = va_arg(ap, char *)) != NULL) { - len += strlen(s); - for (cp = s; (cp = strpbrk(cp, set)) != NULL; cp++) - len++; - } - va_end(ap); - - /* Expand buffer as needed. */ - if (lbuf->len + len >= lbuf->size) { - do { - lbuf->size += 256; - } while (lbuf->len + len >= lbuf->size); - lbuf->buf = erealloc(lbuf->buf, lbuf->size); - } + int len; + char *cp, *s = NULL; - va_start(ap, set); - /* Append each string. */ - while ((s = va_arg(ap, char *)) != NULL) { - while ((cp = strpbrk(s, set)) != NULL) { - len = (int)(cp - s); - memcpy(lbuf->buf + lbuf->len, s, len); - lbuf->len += len; - lbuf->buf[lbuf->len++] = '\\'; - lbuf->buf[lbuf->len++] = *cp; - s = cp + 1; - } - if (*s != '\0') { + va_start(ap, fmt); + while (*fmt != '\0') { + len = 1; + if (fmt[0] == '%' && fmt[1] == 's') { + s = va_arg(ap, char *); len = strlen(s); - memcpy(lbuf->buf + lbuf->len, s, len); - lbuf->len += len; } + /* Assume worst case that all chars must be escaped. */ + if (lbuf->len + (len * 2) + 1 >= lbuf->size) { + do { + lbuf->size += 256; + } while (lbuf->len + len + 1 >= lbuf->size); + lbuf->buf = erealloc(lbuf->buf, lbuf->size); + } + if (*fmt == '%') { + if (*(++fmt) == 's') { + while ((cp = strpbrk(s, set)) != NULL) { + len = (int)(cp - s); + memcpy(lbuf->buf + lbuf->len, s, len); + lbuf->len += len; + lbuf->buf[lbuf->len++] = '\\'; + lbuf->buf[lbuf->len++] = *cp; + s = cp + 1; + } + if (*s != '\0') { + len = strlen(s); + memcpy(lbuf->buf + lbuf->len, s, len); + lbuf->len += len; + } + fmt++; + continue; + } + } + if (strchr(set, *fmt) != NULL) + lbuf->buf[lbuf->len++] = '\\'; + lbuf->buf[lbuf->len++] = *fmt++; } lbuf->buf[lbuf->len] = '\0'; va_end(ap); } /* - * Append strings to the buffer, expanding it as needed. + * Parse the format and append strings, only %s and %% escapes are supported. */ void -lbuf_append(struct lbuf *lbuf, ...) +lbuf_append(struct lbuf *lbuf, const char *fmt, ...) { va_list ap; - int len = 0; - char *s; - - va_start(ap, lbuf); - while ((s = va_arg(ap, char *)) != NULL) - len += strlen(s); - va_end(ap); - - /* Expand buffer as needed. */ - if (lbuf->len + len >= lbuf->size) { - do { - lbuf->size += 256; - } while (lbuf->len + len >= lbuf->size); - lbuf->buf = erealloc(lbuf->buf, lbuf->size); - } + int len; + char *s = NULL; - va_start(ap, lbuf); - /* Append each string. */ - while ((s = va_arg(ap, char *)) != NULL) { - len = strlen(s); - memcpy(lbuf->buf + lbuf->len, s, len); - lbuf->len += len; + va_start(ap, fmt); + while (*fmt != '\0') { + len = 1; + if (fmt[0] == '%' && fmt[1] == 's') { + s = va_arg(ap, char *); + len = strlen(s); + } + if (lbuf->len + len + 1 >= lbuf->size) { + do { + lbuf->size += 256; + } while (lbuf->len + len + 1 >= lbuf->size); + lbuf->buf = erealloc(lbuf->buf, lbuf->size); + } + if (*fmt == '%') { + if (*(++fmt) == 's') { + memcpy(lbuf->buf + lbuf->len, s, len); + lbuf->len += len; + fmt++; + continue; + } + } + lbuf->buf[lbuf->len++] = *fmt++; } lbuf->buf[lbuf->len] = '\0'; va_end(ap); diff --git a/include/lbuf.h b/include/lbuf.h index 501eeafc0..c6d509335 100644 --- a/include/lbuf.h +++ b/include/lbuf.h @@ -34,8 +34,8 @@ struct lbuf { void lbuf_init(struct lbuf *, int (*)(const char *), int, const char *, int); void lbuf_destroy(struct lbuf *); -void lbuf_append(struct lbuf *, ...); -void lbuf_append_quoted(struct lbuf *, const char *, ...); +void lbuf_append(struct lbuf *, const char *, ...) __printflike(2, 3); +void lbuf_append_quoted(struct lbuf *, const char *, const char *, ...) __printflike(3, 4); void lbuf_print(struct lbuf *); #endif /* _SUDO_LBUF_H */ diff --git a/plugins/sudoers/ldap.c b/plugins/sudoers/ldap.c index bd5e3ffed..08835d8f9 100644 --- a/plugins/sudoers/ldap.c +++ b/plugins/sudoers/ldap.c @@ -1430,7 +1430,7 @@ sudo_ldap_display_defaults(struct sudo_nss *nss, struct passwd *pw, else prefix = ", "; for (p = bv; *p != NULL; p++) { - lbuf_append(lbuf, prefix, (*p)->bv_val, NULL); + lbuf_append(lbuf, "%s%s", prefix, (*p)->bv_val); prefix = ", "; count++; } @@ -1464,7 +1464,7 @@ sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf) struct berval **bv, **p; int count = 0; - lbuf_append(lbuf, " (", NULL); + lbuf_append(lbuf, " ("); /* get the RunAsUser Values from the entry */ bv = ldap_get_values_len(ld, entry, "sudoRunAsUser"); @@ -1472,26 +1472,22 @@ sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf) bv = ldap_get_values_len(ld, entry, "sudoRunAs"); if (bv != NULL) { for (p = bv; *p != NULL; p++) { - if (p != bv) - lbuf_append(lbuf, ", ", NULL); - lbuf_append(lbuf, (*p)->bv_val, NULL); + lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); } ldap_value_free_len(bv); } else - lbuf_append(lbuf, def_runas_default, NULL); + lbuf_append(lbuf, "%s", def_runas_default); /* get the RunAsGroup Values from the entry */ bv = ldap_get_values_len(ld, entry, "sudoRunAsGroup"); if (bv != NULL) { - lbuf_append(lbuf, " : ", NULL); + lbuf_append(lbuf, " : "); for (p = bv; *p != NULL; p++) { - if (p != bv) - lbuf_append(lbuf, ", ", NULL); - lbuf_append(lbuf, (*p)->bv_val, NULL); + lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); } ldap_value_free_len(bv); } - lbuf_append(lbuf, ") ", NULL); + lbuf_append(lbuf, ") "); /* get the Option Values from the entry */ bv = ldap_get_values_len(ld, entry, "sudoOption"); @@ -1513,7 +1509,7 @@ sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf) tag = (*p)->bv_val[0] == '!' ? "NOSETENV: " : "SETENV: "; if (tag != NULL) - lbuf_append(lbuf, tag, NULL); + lbuf_append(lbuf, tag); } ldap_value_free_len(bv); } @@ -1522,14 +1518,12 @@ sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf) bv = ldap_get_values_len(ld, entry, "sudoCommand"); if (bv != NULL) { for (p = bv; *p != NULL; p++) { - if (p != bv) - lbuf_append(lbuf, ", ", NULL); - lbuf_append(lbuf, (*p)->bv_val, NULL); + lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); count++; } ldap_value_free_len(bv); } - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "\n"); return count; } @@ -1547,52 +1541,46 @@ sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf) /* extract the dn, only show the first rdn */ rdn = sudo_ldap_get_first_rdn(ld, entry); if (rdn != NULL) - lbuf_append(lbuf, _("\nLDAP Role: "), rdn, "\n", NULL); + lbuf_append(lbuf, _("\nLDAP Role: %s\n"), rdn); else - lbuf_append(lbuf, _("\nLDAP Role: UNKNOWN\n"), NULL); + lbuf_append(lbuf, _("\nLDAP Role: UNKNOWN\n")); if (rdn) ldap_memfree(rdn); /* get the RunAsUser Values from the entry */ - lbuf_append(lbuf, " RunAsUsers: ", NULL); + lbuf_append(lbuf, " RunAsUsers: "); bv = ldap_get_values_len(ld, entry, "sudoRunAsUser"); if (bv == NULL) bv = ldap_get_values_len(ld, entry, "sudoRunAs"); if (bv != NULL) { for (p = bv; *p != NULL; p++) { - if (p != bv) - lbuf_append(lbuf, ", ", NULL); - lbuf_append(lbuf, (*p)->bv_val, NULL); + lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); } ldap_value_free_len(bv); } else - lbuf_append(lbuf, def_runas_default, NULL); - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "%s", def_runas_default); + lbuf_append(lbuf, "\n"); /* get the RunAsGroup Values from the entry */ bv = ldap_get_values_len(ld, entry, "sudoRunAsGroup"); if (bv != NULL) { - lbuf_append(lbuf, " RunAsGroups: ", NULL); + lbuf_append(lbuf, " RunAsGroups: "); for (p = bv; *p != NULL; p++) { - if (p != bv) - lbuf_append(lbuf, ", ", NULL); - lbuf_append(lbuf, (*p)->bv_val, NULL); + lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); } ldap_value_free_len(bv); - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "\n"); } /* get the Option Values from the entry */ bv = ldap_get_values_len(ld, entry, "sudoOption"); if (bv != NULL) { - lbuf_append(lbuf, " Options: ", NULL); + lbuf_append(lbuf, " Options: "); for (p = bv; *p != NULL; p++) { - if (p != bv) - lbuf_append(lbuf, ", ", NULL); - lbuf_append(lbuf, (*p)->bv_val, NULL); + lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); } ldap_value_free_len(bv); - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "\n"); } /* @@ -1602,7 +1590,7 @@ sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf) bv = ldap_get_values_len(ld, entry, "sudoOrder"); if (bv != NULL) { if (*bv != NULL) { - lbuf_append(lbuf, " Order: ", (*bv)->bv_val, "\n", NULL); + lbuf_append(lbuf, _(" Order: %s\n"), (*bv)->bv_val); } ldap_value_free_len(bv); } @@ -1610,9 +1598,9 @@ sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf) /* Get the command values from the entry. */ bv = ldap_get_values_len(ld, entry, "sudoCommand"); if (bv != NULL) { - lbuf_append(lbuf, " Commands:\n", NULL); + lbuf_append(lbuf, _(" Commands:\n")); for (p = bv; *p != NULL; p++) { - lbuf_append(lbuf, "\t", (*p)->bv_val, "\n", NULL); + lbuf_append(lbuf, "\t%s\n", (*p)->bv_val); count++; } ldap_value_free_len(bv); diff --git a/plugins/sudoers/parse.c b/plugins/sudoers/parse.c index b487336cd..00693e5a6 100644 --- a/plugins/sudoers/parse.c +++ b/plugins/sudoers/parse.c @@ -266,33 +266,28 @@ sudo_file_append_cmnd(struct cmndspec *cs, struct cmndtag *tags, #ifdef HAVE_SELINUX if (cs->role) - lbuf_append(lbuf, "ROLE=", cs->role, " ", NULL); + lbuf_append(lbuf, "ROLE=%s ", cs->role); if (cs->type) - lbuf_append(lbuf, "TYPE=", cs->type, " ", NULL); + lbuf_append(lbuf, "TYPE=%s ", cs->type); #endif /* HAVE_SELINUX */ if (TAG_CHANGED(setenv)) { - lbuf_append(lbuf, cs->tags.setenv ? "SETENV: " : - "NOSETENV: ", NULL); + lbuf_append(lbuf, cs->tags.setenv ? "SETENV: " : "NOSETENV: "); tags->setenv = cs->tags.setenv; } if (TAG_CHANGED(noexec)) { - lbuf_append(lbuf, cs->tags.noexec ? "NOEXEC: " : - "EXEC: ", NULL); + lbuf_append(lbuf, cs->tags.noexec ? "NOEXEC: " : "EXEC: "); tags->noexec = cs->tags.noexec; } if (TAG_CHANGED(nopasswd)) { - lbuf_append(lbuf, cs->tags.nopasswd ? "NOPASSWD: " : - "PASSWD: ", NULL); + lbuf_append(lbuf, cs->tags.nopasswd ? "NOPASSWD: " : "PASSWD: "); tags->nopasswd = cs->tags.nopasswd; } if (TAG_CHANGED(log_input)) { - lbuf_append(lbuf, cs->tags.log_input ? "LOG_INPUT: " : - "NOLOG_INPUT: ", NULL); + lbuf_append(lbuf, cs->tags.log_input ? "LOG_INPUT: " : "NOLOG_INPUT: "); tags->log_input = cs->tags.log_input; } if (TAG_CHANGED(log_output)) { - lbuf_append(lbuf, cs->tags.log_output ? "LOG_OUTPUT: " : - "NOLOG_OUTPUT: ", NULL); + lbuf_append(lbuf, cs->tags.log_output ? "LOG_OUTPUT: " : "NOLOG_OUTPUT: "); tags->log_output = cs->tags.log_output; } m = cs->cmnd; @@ -318,37 +313,37 @@ sudo_file_display_priv_short(struct passwd *pw, struct userspec *us, tags.nopasswd = UNSPEC; tags.log_input = UNSPEC; tags.log_output = UNSPEC; - lbuf_append(lbuf, " ", NULL); + lbuf_append(lbuf, " "); tq_foreach_fwd(&priv->cmndlist, cs) { if (cs != tq_first(&priv->cmndlist)) - lbuf_append(lbuf, ", ", NULL); - lbuf_append(lbuf, "(", NULL); + lbuf_append(lbuf, ", "); + lbuf_append(lbuf, "("); if (!tq_empty(&cs->runasuserlist)) { tq_foreach_fwd(&cs->runasuserlist, m) { if (m != tq_first(&cs->runasuserlist)) - lbuf_append(lbuf, ", ", NULL); + lbuf_append(lbuf, ", "); print_member(lbuf, m->name, m->type, m->negated, RUNASALIAS); } } else if (tq_empty(&cs->runasgrouplist)) { - lbuf_append(lbuf, def_runas_default, NULL); + lbuf_append(lbuf, "%s", def_runas_default); } else { - lbuf_append(lbuf, pw->pw_name, NULL); + lbuf_append(lbuf, "%s", pw->pw_name); } if (!tq_empty(&cs->runasgrouplist)) { - lbuf_append(lbuf, " : ", NULL); + lbuf_append(lbuf, " : "); tq_foreach_fwd(&cs->runasgrouplist, m) { if (m != tq_first(&cs->runasgrouplist)) - lbuf_append(lbuf, ", ", NULL); + lbuf_append(lbuf, ", "); print_member(lbuf, m->name, m->type, m->negated, RUNASALIAS); } } - lbuf_append(lbuf, ") ", NULL); + lbuf_append(lbuf, ") "); sudo_file_append_cmnd(cs, &tags, lbuf); nfound++; } - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "\n"); } return nfound; } @@ -371,35 +366,35 @@ sudo_file_display_priv_long(struct passwd *pw, struct userspec *us, tags.nopasswd = UNSPEC; tags.log_input = UNSPEC; tags.log_output = UNSPEC; - lbuf_append(lbuf, _("\nSudoers entry:\n"), NULL); + lbuf_append(lbuf, _("\nSudoers entry:\n")); tq_foreach_fwd(&priv->cmndlist, cs) { - lbuf_append(lbuf, " ", _("RunAsUsers: "), NULL); + lbuf_append(lbuf, _(" RunAsUsers: ")); if (!tq_empty(&cs->runasuserlist)) { tq_foreach_fwd(&cs->runasuserlist, m) { if (m != tq_first(&cs->runasuserlist)) - lbuf_append(lbuf, ", ", NULL); + lbuf_append(lbuf, ", "); print_member(lbuf, m->name, m->type, m->negated, RUNASALIAS); } } else if (tq_empty(&cs->runasgrouplist)) { - lbuf_append(lbuf, def_runas_default, NULL); + lbuf_append(lbuf, "%s", def_runas_default); } else { - lbuf_append(lbuf, pw->pw_name, NULL); + lbuf_append(lbuf, "%s", pw->pw_name); } - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "\n"); if (!tq_empty(&cs->runasgrouplist)) { - lbuf_append(lbuf, " ", _("RunAsGroups: "), NULL); + lbuf_append(lbuf, _(" RunAsGroups: ")); tq_foreach_fwd(&cs->runasgrouplist, m) { if (m != tq_first(&cs->runasgrouplist)) - lbuf_append(lbuf, ", ", NULL); + lbuf_append(lbuf, ", "); print_member(lbuf, m->name, m->type, m->negated, RUNASALIAS); } - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "\n"); } - lbuf_append(lbuf, " ", _("Commands:\n\t"), NULL); + lbuf_append(lbuf, _(" Commands:\n\t")); sudo_file_append_cmnd(cs, &tags, lbuf); - lbuf_append(lbuf, "\n", NULL); + lbuf_append(lbuf, "\n"); nfound++; } } @@ -462,18 +457,18 @@ sudo_file_display_defaults(struct sudo_nss *nss, struct passwd *pw, case DEFAULTS_CMND: continue; } - lbuf_append(lbuf, prefix, NULL); + lbuf_append(lbuf, prefix); if (d->val != NULL) { - lbuf_append(lbuf, d->var, d->op == '+' ? "+=" : - d->op == '-' ? "-=" : "=", NULL); + lbuf_append(lbuf, "%s%s", d->var, d->op == '+' ? "+=" : + d->op == '-' ? "-=" : "="); if (strpbrk(d->val, " \t") != NULL) { - lbuf_append(lbuf, "\"", NULL); - lbuf_append_quoted(lbuf, "\"", d->val, NULL); - lbuf_append(lbuf, "\"", NULL); + lbuf_append(lbuf, "\""); + lbuf_append_quoted(lbuf, "\"", "%s", d->val); + lbuf_append(lbuf, "\""); } else - lbuf_append_quoted(lbuf, SUDOERS_QUOTED, d->val, NULL); + lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", d->val); } else - lbuf_append(lbuf, d->op == FALSE ? "!" : "", d->var, NULL); + lbuf_append(lbuf, "%s%s", d->op == FALSE ? "!" : "", d->var); prefix = ", "; nfound++; } @@ -541,21 +536,21 @@ display_bound_defaults(int dtype, struct lbuf *lbuf) if (binding != tq_first(&d->binding)) { binding = tq_first(&d->binding); if (nfound != 1) - lbuf_append(lbuf, "\n", NULL); - lbuf_append(lbuf, " Defaults", dsep, NULL); + lbuf_append(lbuf, "\n"); + lbuf_append(lbuf, " Defaults%s", dsep); for (m = binding; m != NULL; m = m->next) { if (m != binding) - lbuf_append(lbuf, ",", NULL); + lbuf_append(lbuf, ","); print_member(lbuf, m->name, m->type, m->negated, atype); - lbuf_append(lbuf, " ", NULL); + lbuf_append(lbuf, " "); } } else - lbuf_append(lbuf, ", ", NULL); + lbuf_append(lbuf, ", "); if (d->val != NULL) { - lbuf_append(lbuf, d->var, d->op == '+' ? "+=" : - d->op == '-' ? "-=" : "=", d->val, NULL); + lbuf_append(lbuf, "%s%s%s", d->var, d->op == '+' ? "+=" : + d->op == '-' ? "-=" : "=", d->val); } else - lbuf_append(lbuf, d->op == FALSE ? "!" : "", d->var, NULL); + lbuf_append(lbuf, "%s%s", d->op == FALSE ? "!" : "", d->var); } return nfound; @@ -619,23 +614,23 @@ _print_member(struct lbuf *lbuf, char *name, int type, int negated, switch (type) { case ALL: - lbuf_append(lbuf, negated ? "!ALL" : "ALL", NULL); + lbuf_append(lbuf, "%sALL", negated ? "!" : ""); break; case COMMAND: c = (struct sudo_command *) name; if (negated) - lbuf_append(lbuf, "!", NULL); - lbuf_append_quoted(lbuf, SUDOERS_QUOTED, c->cmnd, NULL); + lbuf_append(lbuf, "!"); + lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", c->cmnd); if (c->args) { - lbuf_append(lbuf, " ", NULL); - lbuf_append_quoted(lbuf, SUDOERS_QUOTED, c->args, NULL); + lbuf_append(lbuf, " "); + lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", c->args); } break; case ALIAS: if ((a = alias_find(name, alias_type)) != NULL) { tq_foreach_fwd(&a->members, m) { if (m != tq_first(&a->members)) - lbuf_append(lbuf, ", ", NULL); + lbuf_append(lbuf, ", "); _print_member(lbuf, m->name, m->type, negated ? !m->negated : m->negated, alias_type); } @@ -643,7 +638,7 @@ _print_member(struct lbuf *lbuf, char *name, int type, int negated, } /* FALLTHROUGH */ default: - lbuf_append(lbuf, negated ? "!" : "", name, NULL); + lbuf_append(lbuf, "%s%s", negated ? "!" : "", name); break; } } diff --git a/plugins/sudoers/sudo_nss.c b/plugins/sudoers/sudo_nss.c index aaf1f9950..22257d212 100644 --- a/plugins/sudoers/sudo_nss.c +++ b/plugins/sudoers/sudo_nss.c @@ -263,33 +263,34 @@ display_privs(struct sudo_nss_list *snl, struct passwd *pw) lbuf_init(&privs, output, 4, NULL, sudo_user.cols); /* Display defaults from all sources. */ - lbuf_append(&defs, _("Matching Defaults entries for "), pw->pw_name, - _(" on this host:\n"), NULL); + lbuf_append(&defs, _("Matching Defaults entries for %s on this host:\n"), + pw->pw_name); count = 0; tq_foreach_fwd(snl, nss) { count += nss->display_defaults(nss, pw, &defs); } if (count) - lbuf_append(&defs, "\n\n", NULL); + lbuf_append(&defs, "\n\n"); else defs.len = 0; /* Display Runas and Cmnd-specific defaults from all sources. */ olen = defs.len; - lbuf_append(&defs, _("Runas and Command-specific defaults for "), - pw->pw_name, ":\n", NULL); + lbuf_append(&defs, _("Runas and Command-specific defaults for %s:\n"), + pw->pw_name); count = 0; tq_foreach_fwd(snl, nss) { count += nss->display_bound_defaults(nss, pw, &defs); } if (count) - lbuf_append(&defs, "\n\n", NULL); + lbuf_append(&defs, "\n\n"); else defs.len = olen; /* Display privileges from all sources. */ - lbuf_append(&privs, _("User "), pw->pw_name, - _(" may run the following commands on this host:\n"), NULL); + lbuf_append(&privs, + _("User %s may run the following commands on this host:\n"), + pw->pw_name); count = 0; tq_foreach_fwd(snl, nss) { count += nss->display_privs(nss, pw, &privs); diff --git a/src/parse_args.c b/src/parse_args.c index 79b881db5..c2a7842d3 100644 --- a/src/parse_args.c +++ b/src/parse_args.c @@ -485,7 +485,7 @@ usage(int fatal) lbuf_init(&lbuf, fatal ? usage_err : usage_out, ulen, NULL, user_details.ts_cols); for (i = 0; uvec[i] != NULL; i++) { - lbuf_append(&lbuf, "usage: ", getprogname(), uvec[i], NULL); + lbuf_append(&lbuf, "usage: %s%s", getprogname(), uvec[i]); lbuf_print(&lbuf); } lbuf_destroy(&lbuf); @@ -512,100 +512,74 @@ help(void) lbuf_init(&lbuf, usage_out, indent, NULL, user_details.ts_cols); if (strcmp(pname, "sudoedit") == 0) - lbuf_append(&lbuf, pname, _(" - edit files as another user\n\n"), NULL); + lbuf_append(&lbuf, _("%s - edit files as another user\n\n"), pname); else - lbuf_append(&lbuf, pname, _(" - execute a command as another user\n\n"), NULL); + lbuf_append(&lbuf, _("%s - execute a command as another user\n\n"), pname); lbuf_print(&lbuf); usage(0); - lbuf_append(&lbuf, _("\nOptions:\n"), NULL); + lbuf_append(&lbuf, _("\nOptions:\n")); #ifdef HAVE_BSD_AUTH_H - lbuf_append(&lbuf, - " -A ", - _("use helper program for password prompting\n"), NULL); + lbuf_append(&lbuf, " -A %s", + _("use helper program for password prompting\n")); #endif - lbuf_append(&lbuf, - " -a type ", - _("use specified BSD authentication type\n"), NULL); - lbuf_append(&lbuf, - " -b ", - _("run command in the background\n"), NULL); - lbuf_append(&lbuf, - " -C fd ", - _("close all file descriptors >= fd\n"), NULL); + lbuf_append(&lbuf, " -a type %s", + _("use specified BSD authentication type\n")); + lbuf_append(&lbuf, " -b %s", + _("run command in the background\n")); + lbuf_append(&lbuf, " -C fd %s", + _("close all file descriptors >= fd\n")); #ifdef HAVE_LOGIN_CAP_H - lbuf_append(&lbuf, - " -c class ", - _("run command with specified login class\n"), NULL); + lbuf_append(&lbuf, " -c class %s", + _("run command with specified login class\n")); #endif - lbuf_append(&lbuf, - " -E ", - _("preserve user environment when executing command\n"), NULL); - lbuf_append(&lbuf, - " -e ", - _("edit files instead of running a command\n"), NULL); - lbuf_append(&lbuf, - " -g group ", - _("execute command as the specified group\n"), NULL); - lbuf_append(&lbuf, - " -H ", - _("set HOME variable to target user's home dir.\n"), NULL); - lbuf_append(&lbuf, - " -h ", - _("display help message and exit\n"), NULL); - lbuf_append(&lbuf, - " -i [command] ", - _("run a login shell as target user\n"), NULL); - lbuf_append(&lbuf, - " -K ", - _("remove timestamp file completely\n"), NULL); - lbuf_append(&lbuf, - " -k ", - _("invalidate timestamp file\n"), NULL); - lbuf_append(&lbuf, - " -l[l] command ", - _("list user's available commands\n"), NULL); - lbuf_append(&lbuf, - " -n ", - _("non-interactive mode, will not prompt user\n"), NULL); - lbuf_append(&lbuf, - " -P ", - _("preserve group vector instead of setting to target's\n"), NULL); - lbuf_append(&lbuf, - " -p prompt ", - _("use specified password prompt\n"), NULL); + lbuf_append(&lbuf, " -E %s", + _("preserve user environment when executing command\n")); + lbuf_append(&lbuf, " -e %s", + _("edit files instead of running a command\n")); + lbuf_append(&lbuf, " -g group %s", + _("execute command as the specified group\n")); + lbuf_append(&lbuf, " -H %s", + _("set HOME variable to target user's home dir.\n")); + lbuf_append(&lbuf, " -h %s", + _("display help message and exit\n")); + lbuf_append(&lbuf, " -i [command] %s", + _("run a login shell as target user\n")); + lbuf_append(&lbuf, " -K %s", + _("remove timestamp file completely\n")); + lbuf_append(&lbuf, " -k %s", + _("invalidate timestamp file\n")); + lbuf_append(&lbuf, " -l[l] command %s", + _("list user's available commands\n")); + lbuf_append(&lbuf, " -n %s", + _("non-interactive mode, will not prompt user\n")); + lbuf_append(&lbuf, " -P %s", + _("preserve group vector instead of setting to target's\n")); + lbuf_append(&lbuf, " -p prompt %s", + _("use specified password prompt\n")); #ifdef HAVE_SELINUX - lbuf_append(&lbuf, - " -r role ", - _("create SELinux security context with specified role\n"), NULL); + lbuf_append(&lbuf, " -r role %s", + _("create SELinux security context with specified role\n")); #endif + lbuf_append(&lbuf, " -S %s", + _("read password from standard input\n")); lbuf_append(&lbuf, - " -S ", - _("read password from standard input\n"), NULL); - lbuf_append(&lbuf, - " -s [command] ", - _("run a shell as target user\n"), NULL); + " -s [command] %s", _("run a shell as target user\n")); #ifdef HAVE_SELINUX - lbuf_append(&lbuf, - " -t type ", - _("create SELinux security context with specified role\n"), NULL); + lbuf_append(&lbuf, " -t type %s", + _("create SELinux security context with specified role\n")); #endif - lbuf_append(&lbuf, - " -U user ", - _("when listing, list specified user's privileges\n"), NULL); - lbuf_append(&lbuf, - " -u user ", - _("run command (or edit file) as specified user\n"), NULL); - lbuf_append(&lbuf, - " -V ", - _("display version information and exit\n"), NULL); - lbuf_append(&lbuf, - " -v ", - _("update user's timestamp without running a command\n"), NULL); - lbuf_append(&lbuf, - " -- ", - _("stop processing command line arguments\n"), NULL); + lbuf_append(&lbuf, " -U user %s", + _("when listing, list specified user's privileges\n")); + lbuf_append(&lbuf, " -u user %s", + _("run command (or edit file) as specified user\n")); + lbuf_append(&lbuf, " -V %s", + _("display version information and exit\n")); + lbuf_append(&lbuf, " -v %s", + _("update user's timestamp without running a command\n")); + lbuf_append(&lbuf, " -- %s", + _("stop processing command line arguments\n")); lbuf_print(&lbuf); lbuf_destroy(&lbuf); exit(0); -- 2.40.0