From cc31b3fd40c1daef5cc448f8a2d0c9d78637f444 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Fri, 26 Jan 2018 17:29:56 -0700
Subject: [PATCH] Parse sudoers in the front end, not the back end.
---
 plugins/sudoers/cvtsudoers.c | 28 ++++++++++++++++++---
 plugins/sudoers/cvtsudoers_json.c | 42 ++++++-------------------------
 2 files changed, 33 insertions(+), 37 deletions(-)
diff --git a/plugins/sudoers/cvtsudoers.c b/plugins/sudoers/cvtsudoers.c
index 8a85366fb..beb81497a 100644
--- a/plugins/sudoers/cvtsudoers.c
+++ b/plugins/sudoers/cvtsudoers.c
@@ -49,7 +49,7 @@
 # include "compat/getopt.h"
 #endif /* HAVE_GETOPT_LONG */
-extern bool convert_sudoers_json(const char *, const char *);
+extern bool convert_sudoers_json(const char *output_file);
 extern void parse_sudoers_options(void);
 extern void get_hostname(void);
@@ -180,8 +180,30 @@ main(int argc, char *argv[])
 if (!init_defaults())
 sudo_fatalx(U_("unable to initialize sudoers default values"));
- exitcode = convert_sudoers_json(input_file, output_file) ?
- EXIT_SUCCESS : EXIT_FAILURE;
+ /* Open sudoers file and parse it. */
+ if (strcmp(input_file, "-") == 0) {
+ sudoersin = stdin;
+ input_file = "stdin";
+ } else if ((sudoersin = fopen(input_file, "r")) == NULL)
+ sudo_fatal(U_("unable to open %s"), input_file);
+ init_parser(input_file, false);
+ if (sudoersparse() && !parse_error) {
+ sudo_warnx(U_("failed to parse %s file, unknown error"), input_file);
+ parse_error = true;
+ rcstr_delref(errorfile);
+ if ((errorfile = rcstr_dup(input_file)) == NULL)
+ sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+ }
+ if (parse_error) {
+ if (errorlineno != -1)
+ sudo_warnx(U_("parse error in %s near line %d\n"),
+ errorfile, errorlineno);
+ else if (errorfile != NULL)
+ sudo_warnx(U_("parse error in %s\n"), errorfile);
+ goto done;
+ }
+
+ exitcode = convert_sudoers_json(output_file) ? EXIT_SUCCESS : EXIT_FAILURE;
 done:
 sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, exitcode);
diff --git a/plugins/sudoers/cvtsudoers_json.c b/plugins/sudoers/cvtsudoers_json.c
index 440d6fd6c..92ead6329 100644
--- a/plugins/sudoers/cvtsudoers_json.c
+++ b/plugins/sudoers/cvtsudoers_json.c
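Review bot: The parse-error branch added to main() jumps to `done` without assigning `exitcode`, so the status reported for an unparsable sudoers file depends on the variable's initializer, which is declared outside this hunk. If that initializer is not `EXIT_FAILURE`, a run that rejected the policy file and wrote no output would still exit 0, and a calling script could treat the conversion as complete. Setting `exitcode = EXIT_FAILURE;` on the line before `goto done;` makes the failure explicit and keeps it correct if the declaration changes later. main() starts and ends outside the hunk.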
@@ -984,40 +984,17 @@ print_userspecs_json(FILE *fp, int indent, bool need_comma)
 * Export the parsed sudoers file in JSON format.
 */
 bool
-convert_sudoers_json(const char *input_file, const char *output_file)
+convert_sudoers_json(const char *output_file)
 {
- bool ret = false, need_comma = false;
+ bool ret = true, need_comma = false;
 const int indent = 4;
 FILE *output_fp = stdout;
 debug_decl(convert_sudoers_json, SUDOERS_DEBUG_UTIL)
- if (strcmp(input_file, "-") == 0) {
- sudoersin = stdin;
- input_file = "stdin";
- } else if ((sudoersin = fopen(input_file, "r")) == NULL)
- sudo_fatal(U_("unable to open %s"), input_file);
- if (strcmp(output_file, "-") != 0) {
+ if (strcmp(output_file, "-") != 0) {
 if ((output_fp = fopen(output_file, "w")) == NULL)
 sudo_fatal(U_("unable to open %s"), output_file);
 }
- init_parser(input_file, false);
- if (sudoersparse() && !parse_error) {
- sudo_warnx(U_("failed to parse %s file, unknown error"), input_file);
- parse_error = true;
- rcstr_delref(errorfile);
- if ((errorfile = rcstr_dup(input_file)) == NULL)
- sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
- }
- ret = !parse_error;
-
- if (parse_error) {
- if (errorlineno != -1)
- sudo_warnx(U_("parse error in %s near line %d\n"),
- errorfile, errorlineno);
- else if (errorfile != NULL)
- sudo_warnx(U_("parse error in %s\n"), errorfile);
- goto done;
- }
 /* Open JSON output. */
 putc('{', output_fp);
@@ -1033,14 +1010,11 @@ convert_sudoers_json(const char *input_file, const char *output_file)
 /* Close JSON output. */
 fputs("\n}\n", output_fp);
+ (void)fflush(output_fp);
+ if (ferror(output_fp))
+ ret = false;
+ if (output_fp != stdout)
+ fclose(output_fp);
-done:
- if (output_fp != NULL) {
- (void)fflush(output_fp);
- if (ferror(output_fp))
- ret = false;
- if (output_fp != stdout)
- fclose(output_fp);
- }
 debug_return_bool(ret);
 }
-- 
2.40.0
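Review bot: The header comment above convert_sudoers_json() no longer states the function's contract. With parsing moved to the caller, it serialises whatever the global parser state holds and starts from `ret = true`, so as far as the visible hunks show it returns false only when writing the output fails. A caller that skips or ignores the parse step would get a well-formed but empty or partial JSON policy and a success result. I would add two lines to the comment: `* The caller must have parsed sudoers successfully (parse_error is false) before calling.` and `* Returns false only if writing the output fails.` The function body continues past the end of this hunk.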
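Review bot: The result of `fclose(output_fp)` is still discarded in the rewritten tail of convert_sudoers_json(), so a failure reported only at close leaves `ret` true. The `fflush()` plus `ferror()` check catches most write errors, but a close-time error (for example on a network filesystem or when a quota is hit) would let the tool exit successfully with a possibly truncated JSON file. Folding the close into the status covers it: `if (output_fp != stdout && fclose(output_fp) != 0) ret = false;`. With the `done:` label removed, it is also worth confirming that no `goto done` remains in the part of the function between the two hunks, which is not shown here.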