1: #include <config.h>
2: #include <stdlib.h>
3: #include <string.h>
4: #define YYBYACC 1
5: #define YYMAJOR 1
6: #define YYMINOR 9
7: #define YYLEX yylex()
8: #define YYEMPTY -1
9: #define yyclearin (yychar=(YYEMPTY))
10: #define yyerrok (yyerrflag=0)
11: #define YYRECOVERING() (yyerrflag!=0)
12: #define yyparse sudoersparse
13: #define yylex sudoerslex
14: #define yyerror sudoerserror
15: #define yychar sudoerschar
16: #define yyval sudoersval
17: #define yylval sudoerslval
18: #define yydebug sudoersdebug
19: #define yynerrs sudoersnerrs
20: #define yyerrflag sudoerserrflag
21: #define yyss sudoersss
22: #define yysslim sudoerssslim
23: #define yyssp sudoersssp
24: #define yyvs sudoersvs
25: #define yyvsp sudoersvsp
26: #define yystacksize sudoersstacksize
27: #define yylhs sudoerslhs
28: #define yylen sudoerslen
29: #define yydefred sudoersdefred
30: #define yydgoto sudoersdgoto
31: #define yysindex sudoerssindex
32: #define yyrindex sudoersrindex
33: #define yygindex sudoersgindex
34: #define yytable sudoerstable
35: #define yycheck sudoerscheck
36: #define yyname sudoersname
37: #define yyrule sudoersrule
38: #define YYPREFIX "sudoers"
39: #line 2 "gram.y"
40: /*
41: * Copyright (c) 1996, 1998-2005, 2007-2013
42: * Todd C. Miller <Todd.Miller@courtesan.com>
43: *
44: * Permission to use, copy, modify, and distribute this software for any
45: * purpose with or without fee is hereby granted, provided that the above
46: * copyright notice and this permission notice appear in all copies.
47: *
48: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
49: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
50: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
51: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
52: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
53: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
54: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
55: * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
56: * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
57: *
58: * Sponsored in part by the Defense Advanced Research Projects
59: * Agency (DARPA) and Air Force Research Laboratory, Air Force
60: * Materiel Command, USAF, under agreement number F39502-99-1-0512.
61: */
62:
63: #include <config.h>
64:
65: #include <sys/types.h>
66: #include <stdio.h>
67: #ifdef STDC_HEADERS
68: # include <stdlib.h>
69: # include <stddef.h>
70: #else
71: # ifdef HAVE_STDLIB_H
72: # include <stdlib.h>
73: # endif
74: #endif /* STDC_HEADERS */
75: #ifdef HAVE_STRING_H
76: # include <string.h>
77: #endif /* HAVE_STRING_H */
78: #ifdef HAVE_STRINGS_H
79: # include <strings.h>
80: #endif /* HAVE_STRINGS_H */
81: #ifdef HAVE_UNISTD_H
82: # include <unistd.h>
83: #endif /* HAVE_UNISTD_H */
84: #ifdef HAVE_INTTYPES_H
85: # include <inttypes.h>
86: #endif
87: #if defined(YYBISON) && defined(HAVE_ALLOCA_H) && !defined(__GNUC__)
88: # include <alloca.h>
89: #endif /* YYBISON && HAVE_ALLOCA_H && !__GNUC__ */
90: #include <limits.h>
91:
92: #include "sudoers.h" /* XXX */
93: #include "parse.h"
94: #include "toke.h"
95:
96: /*
97: * We must define SIZE_MAX for yacc's skeleton.c.
98: * If there is no SIZE_MAX or SIZE_T_MAX we have to assume that size_t
99: * could be signed (as it is on SunOS 4.x).
100: */
101: #ifndef SIZE_MAX
102: # ifdef SIZE_T_MAX
103: # define SIZE_MAX SIZE_T_MAX
104: # else
105: # define SIZE_MAX INT_MAX
106: # endif /* SIZE_T_MAX */
107: #endif /* SIZE_MAX */
108:
109: /*
110: * Globals
111: */
112: bool sudoers_warnings = true;
113: bool parse_error = false;
114: int errorlineno = -1;
115: const char *errorfile = NULL;
116:
117: struct defaults_list defaults = TAILQ_HEAD_INITIALIZER(defaults);
118: struct userspec_list userspecs = TAILQ_HEAD_INITIALIZER(userspecs);
119:
120: /*
121: * Local protoypes
122: */
123: static void add_defaults(int, struct member *, struct defaults *);
124: static void add_userspec(struct member *, struct privilege *);
125: static struct defaults *new_default(char *, char *, int);
126: static struct member *new_member(char *, int);
127: static struct sudo_digest *new_digest(int, const char *);
128: #line 92 "gram.y"
129: #ifndef YYSTYPE_DEFINED
130: #define YYSTYPE_DEFINED
131: typedef union {
132: struct cmndspec *cmndspec;
133: struct defaults *defaults;
134: struct member *member;
135: struct runascontainer *runas;
136: struct privilege *privilege;
137: struct sudo_digest *digest;
138: struct sudo_command command;
139: struct cmndtag tag;
140: struct selinux_info seinfo;
141: struct solaris_privs_info privinfo;
142: char *string;
143: int tok;
144: } YYSTYPE;
145: #endif /* YYSTYPE_DEFINED */
146: #line 146 "gram.c"
147: #define COMMAND 257
148: #define ALIAS 258
149: #define DEFVAR 259
150: #define NTWKADDR 260
151: #define NETGROUP 261
152: #define USERGROUP 262
153: #define WORD 263
154: #define DIGEST 264
155: #define DEFAULTS 265
156: #define DEFAULTS_HOST 266
157: #define DEFAULTS_USER 267
158: #define DEFAULTS_RUNAS 268
159: #define DEFAULTS_CMND 269
160: #define NOPASSWD 270
161: #define PASSWD 271
162: #define NOEXEC 272
163: #define EXEC 273
164: #define SETENV 274
165: #define NOSETENV 275
166: #define LOG_INPUT 276
167: #define NOLOG_INPUT 277
168: #define LOG_OUTPUT 278
169: #define NOLOG_OUTPUT 279
170: #define ALL 280
171: #define COMMENT 281
172: #define HOSTALIAS 282
173: #define CMNDALIAS 283
174: #define USERALIAS 284
175: #define RUNASALIAS 285
176: #define ERROR 286
177: #define TYPE 287
178: #define ROLE 288
179: #define PRIVS 289
180: #define LIMITPRIVS 290
181: #define MYSELF 291
182: #define SHA224 292
183: #define SHA256 293
184: #define SHA384 294
185: #define SHA512 295
186: #define YYERRCODE 256
187: #if defined(__cplusplus) || defined(__STDC__)
188: const short sudoerslhs[] =
189: #else
190: short sudoerslhs[] =
191: #endif
192: { -1,
193: 0, 0, 30, 30, 31, 31, 31, 31, 31, 31,
194: 31, 31, 31, 31, 31, 31, 4, 4, 3, 3,
195: 3, 3, 3, 21, 21, 20, 11, 11, 9, 9,
196: 9, 9, 9, 2, 2, 1, 29, 29, 29, 29,
197: 7, 7, 6, 6, 24, 25, 23, 23, 23, 23,
198: 23, 27, 28, 26, 26, 26, 26, 26, 18, 18,
199: 19, 19, 19, 19, 19, 22, 22, 22, 22, 22,
200: 22, 22, 22, 22, 22, 22, 5, 5, 5, 33,
201: 33, 36, 10, 10, 34, 34, 37, 8, 8, 35,
202: 35, 38, 32, 32, 39, 14, 14, 12, 12, 13,
203: 13, 13, 13, 13, 17, 17, 15, 15, 16, 16,
204: 16,
205: };
206: #if defined(__cplusplus) || defined(__STDC__)
207: const short sudoerslen[] =
208: #else
209: short sudoerslen[] =
210: #endif
211: { 2,
212: 0, 1, 1, 2, 1, 2, 2, 2, 2, 2,
213: 2, 2, 3, 3, 3, 3, 1, 3, 1, 2,
214: 3, 3, 3, 1, 3, 3, 1, 2, 1, 1,
215: 1, 1, 1, 1, 3, 5, 3, 3, 3, 3,
216: 1, 2, 1, 2, 3, 3, 0, 1, 1, 2,
217: 2, 3, 3, 0, 1, 1, 2, 2, 0, 3,
218: 0, 1, 3, 2, 1, 0, 2, 2, 2, 2,
219: 2, 2, 2, 2, 2, 2, 1, 1, 1, 1,
220: 3, 3, 1, 3, 1, 3, 3, 1, 3, 1,
221: 3, 3, 1, 3, 3, 1, 3, 1, 2, 1,
222: 1, 1, 1, 1, 1, 3, 1, 2, 1, 1,
223: 1,
224: };
225: #if defined(__cplusplus) || defined(__STDC__)
226: const short sudoersdefred[] =
227: #else
228: short sudoersdefred[] =
229: #endif
230: { 0,
231: 0, 100, 102, 103, 104, 0, 0, 0, 0, 0,
232: 101, 5, 0, 0, 0, 0, 0, 0, 96, 98,
233: 0, 0, 3, 6, 0, 0, 17, 0, 29, 32,
234: 31, 33, 30, 0, 27, 0, 83, 0, 0, 79,
235: 78, 77, 0, 0, 0, 0, 0, 43, 41, 88,
236: 0, 0, 0, 0, 80, 0, 0, 85, 0, 0,
237: 93, 0, 0, 90, 99, 0, 0, 24, 0, 4,
238: 0, 0, 0, 20, 0, 28, 0, 0, 0, 0,
239: 44, 0, 0, 0, 0, 0, 0, 42, 0, 0,
240: 0, 0, 0, 0, 0, 0, 97, 0, 0, 21,
241: 22, 23, 18, 84, 37, 38, 39, 40, 89, 0,
242: 81, 0, 86, 0, 94, 0, 91, 0, 34, 0,
243: 0, 25, 0, 0, 0, 0, 0, 0, 0, 0,
244: 0, 109, 111, 110, 0, 105, 107, 0, 0, 60,
245: 35, 0, 0, 0, 0, 66, 0, 0, 50, 51,
246: 108, 0, 0, 46, 45, 0, 0, 0, 57, 58,
247: 106, 52, 53, 67, 68, 69, 70, 71, 72, 73,
248: 74, 75, 76, 36,
249: };
250: #if defined(__cplusplus) || defined(__STDC__)
251: const short sudoersdgoto[] =
252: #else
253: short sudoersdgoto[] =
254: #endif
255: { 18,
256: 119, 120, 27, 28, 48, 49, 50, 51, 35, 67,
257: 37, 19, 20, 21, 136, 137, 138, 121, 125, 68,
258: 69, 158, 129, 130, 131, 146, 147, 148, 52, 22,
259: 23, 60, 54, 57, 63, 55, 58, 64, 61,
260: };
261: #if defined(__cplusplus) || defined(__STDC__)
262: const short sudoerssindex[] =
263: #else
264: short sudoerssindex[] =
265: #endif
266: { -33,
267: -277, 0, 0, 0, 0, -13, 75, 105, 105, -15,
268: 0, 0, -246, -241, -217, -210, -226, 0, 0, 0,
269: -5, -33, 0, 0, -3, -244, 0, 5, 0, 0,
270: 0, 0, 0, -237, 0, -28, 0, -19, -19, 0,
271: 0, 0, -251, -7, -1, 4, 7, 0, 0, 0,
272: -14, -20, -2, 8, 0, 6, 11, 0, 9, 13,
273: 0, 12, 14, 0, 0, 105, -11, 0, 18, 0,
274: -203, -200, -188, 0, -13, 0, 75, 5, 5, 5,
275: 0, -187, -185, -184, -183, -15, 5, 0, 75, -246,
276: -15, -241, 105, -217, 105, -210, 0, 42, 75, 0,
277: 0, 0, 0, 0, 0, 0, 0, 0, 0, 39,
278: 0, 40, 0, 43, 0, 43, 0, 45, 0, 44,
279: -279, 0, 135, -6, 49, 42, 25, 32, -243, -195,
280: -192, 0, 0, 0, -236, 0, 0, 54, 135, 0,
281: 0, -164, -163, 41, 46, 0, -189, -180, 0, 0,
282: 0, 135, 54, 0, 0, -159, -158, 585, 0, 0,
283: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
284: 0, 0, 0, 0,};
285: #if defined(__cplusplus) || defined(__STDC__)
286: const short sudoersrindex[] =
287: #else
288: short sudoersrindex[] =
289: #endif
290: { 106,
291: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
292: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
293: 0, 110, 0, 0, 1, 0, 0, 181, 0, 0,
294: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
295: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
296: 0, 0, 0, 211, 0, 0, 241, 0, 0, 271,
297: 0, 0, 301, 0, 0, 0, 0, 0, 331, 0,
298: 0, 0, 0, 0, 0, 0, 0, 361, 391, 421,
299: 0, 0, 0, 0, 0, 0, 451, 0, 0, 0,
300: 0, 0, 0, 0, 0, 0, 0, 467, 0, 0,
301: 0, 0, 0, 0, 0, 0, 0, 0, 0, 31,
302: 0, 61, 0, 91, 0, 121, 0, 70, 0, 151,
303: 495, 0, 71, 72, 0, 467, 0, 0, 615, 525,
304: 555, 0, 0, 0, 0, 0, 0, 73, 0, 0,
305: 0, 0, 0, 0, 0, 0, 645, 675, 0, 0,
306: 0, 0, 74, 0, 0, 0, 0, 0, 0, 0,
307: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
308: 0, 0, 0, 0,};
309: #if defined(__cplusplus) || defined(__STDC__)
310: const short sudoersgindex[] =
311: #else
312: short sudoersgindex[] =
313: #endif
314: { 0,
315: -10, 0, 47, 17, 80, 65, -84, 27, 92, -4,
316: 48, 62, 112, 2, -25, 10, -9, 0, 0, 33,
317: 0, 0, 0, 3, 16, 0, -17, -12, 0, 0,
318: 111, 0, 0, 0, 0, 50, 51, 52, 53,
319: };
320: #define YYTABLESIZE 970
321: #if defined(__cplusplus) || defined(__STDC__)
322: const short sudoerstable[] =
323: #else
324: short sudoerstable[] =
325: #endif
326: { 17,
327: 19, 109, 36, 24, 26, 40, 41, 127, 128, 38,
328: 39, 53, 43, 26, 74, 77, 56, 43, 26, 26,
329: 29, 132, 30, 31, 66, 32, 133, 34, 42, 86,
330: 82, 2, 77, 19, 3, 4, 5, 66, 66, 72,
331: 59, 73, 33, 134, 19, 144, 145, 62, 75, 98,
332: 82, 139, 78, 11, 79, 80, 83, 71, 89, 100,
333: 87, 84, 101, 82, 85, 90, 91, 87, 92, 93,
334: 94, 96, 95, 174, 102, 99, 105, 17, 106, 107,
335: 108, 118, 77, 86, 110, 142, 66, 126, 82, 140,
336: 95, 127, 143, 87, 114, 128, 116, 152, 154, 155,
337: 145, 156, 123, 162, 163, 1, 157, 34, 144, 2,
338: 61, 65, 62, 64, 63, 141, 88, 112, 87, 124,
339: 92, 103, 81, 95, 104, 76, 161, 97, 65, 153,
340: 160, 122, 70, 150, 159, 0, 0, 17, 0, 111,
341: 0, 0, 113, 0, 151, 149, 115, 117, 95, 0,
342: 26, 0, 0, 92, 0, 0, 0, 0, 0, 0,
343: 0, 0, 0, 0, 0, 0, 0, 135, 0, 0,
344: 0, 0, 0, 0, 0, 0, 0, 0, 92, 0,
345: 12, 0, 0, 26, 0, 0, 0, 0, 0, 0,
346: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
347: 0, 0, 0, 0, 0, 0, 0, 0, 26, 0,
348: 9, 0, 0, 12, 0, 0, 0, 0, 0, 0,
349: 0, 0, 1, 0, 2, 0, 0, 3, 4, 5,
350: 25, 6, 7, 8, 9, 10, 40, 41, 0, 25,
351: 10, 40, 41, 9, 25, 25, 11, 12, 13, 14,
352: 15, 16, 29, 0, 30, 31, 19, 32, 19, 42,
353: 0, 19, 19, 19, 42, 19, 19, 19, 19, 19,
354: 8, 0, 0, 10, 33, 0, 44, 45, 46, 47,
355: 19, 19, 19, 19, 19, 19, 82, 0, 82, 0,
356: 0, 82, 82, 82, 0, 82, 82, 82, 82, 82,
357: 11, 0, 2, 8, 0, 3, 4, 5, 0, 0,
358: 82, 82, 82, 82, 82, 82, 87, 0, 87, 0,
359: 0, 87, 87, 87, 11, 87, 87, 87, 87, 87,
360: 7, 0, 29, 11, 30, 31, 0, 32, 0, 0,
361: 87, 87, 87, 87, 87, 87, 95, 0, 95, 0,
362: 0, 95, 95, 95, 33, 95, 95, 95, 95, 95,
363: 15, 0, 2, 7, 0, 3, 4, 5, 0, 0,
364: 95, 95, 95, 95, 95, 95, 92, 0, 92, 0,
365: 0, 92, 92, 92, 11, 92, 92, 92, 92, 92,
366: 13, 0, 132, 15, 0, 0, 0, 133, 0, 0,
367: 92, 92, 92, 92, 92, 92, 26, 0, 26, 0,
368: 0, 26, 26, 26, 134, 26, 26, 26, 26, 26,
369: 14, 0, 0, 13, 0, 0, 0, 0, 0, 0,
370: 26, 26, 26, 26, 26, 26, 12, 0, 12, 0,
371: 0, 12, 12, 12, 0, 12, 12, 12, 12, 12,
372: 16, 0, 0, 14, 0, 0, 0, 0, 0, 0,
373: 12, 12, 12, 12, 12, 12, 9, 0, 9, 0,
374: 0, 9, 9, 9, 0, 9, 9, 9, 9, 9,
375: 0, 0, 0, 16, 0, 0, 0, 0, 0, 0,
376: 9, 9, 9, 9, 9, 9, 10, 0, 10, 59,
377: 0, 10, 10, 10, 0, 10, 10, 10, 10, 10,
378: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
379: 10, 10, 10, 10, 10, 10, 8, 47, 8, 0,
380: 0, 8, 8, 8, 0, 8, 8, 8, 8, 8,
381: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
382: 8, 8, 8, 8, 8, 8, 11, 48, 11, 0,
383: 0, 11, 11, 11, 0, 11, 11, 11, 11, 11,
384: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
385: 11, 11, 11, 11, 11, 11, 7, 49, 7, 0,
386: 0, 7, 7, 7, 0, 7, 7, 7, 7, 7,
387: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
388: 7, 7, 7, 7, 7, 7, 15, 43, 15, 0,
389: 0, 15, 15, 15, 0, 15, 15, 15, 15, 15,
390: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
391: 15, 15, 15, 15, 15, 15, 13, 54, 13, 0,
392: 0, 13, 13, 13, 0, 13, 13, 13, 13, 13,
393: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
394: 13, 13, 13, 13, 13, 13, 14, 55, 14, 0,
395: 0, 14, 14, 14, 0, 14, 14, 14, 14, 14,
396: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
397: 14, 14, 14, 14, 14, 14, 16, 56, 16, 0,
398: 0, 16, 16, 16, 0, 16, 16, 16, 16, 16,
399: 0, 0, 0, 59, 59, 0, 0, 0, 0, 0,
400: 16, 16, 16, 16, 16, 16, 59, 59, 59, 59,
401: 59, 59, 59, 59, 59, 59, 59, 0, 0, 0,
402: 0, 47, 47, 59, 59, 59, 59, 0, 59, 59,
403: 59, 59, 0, 0, 47, 47, 47, 47, 47, 47,
404: 47, 47, 47, 47, 47, 0, 0, 0, 0, 0,
405: 0, 48, 48, 47, 47, 0, 47, 47, 47, 47,
406: 0, 0, 0, 0, 48, 48, 48, 48, 48, 48,
407: 48, 48, 48, 48, 48, 0, 0, 0, 0, 0,
408: 0, 49, 49, 48, 48, 0, 48, 48, 48, 48,
409: 0, 0, 0, 0, 49, 49, 49, 49, 49, 49,
410: 49, 49, 49, 49, 49, 0, 0, 0, 0, 0,
411: 0, 40, 41, 49, 49, 0, 49, 49, 49, 49,
412: 0, 0, 0, 0, 164, 165, 166, 167, 168, 169,
413: 170, 171, 172, 173, 42, 0, 0, 0, 0, 0,
414: 0, 54, 54, 0, 0, 0, 44, 45, 46, 47,
415: 0, 0, 0, 0, 54, 54, 54, 54, 54, 54,
416: 54, 54, 54, 54, 54, 0, 0, 0, 0, 0,
417: 0, 55, 55, 0, 0, 0, 54, 54, 54, 54,
418: 0, 0, 0, 0, 55, 55, 55, 55, 55, 55,
419: 55, 55, 55, 55, 55, 0, 0, 0, 0, 0,
420: 0, 56, 56, 0, 0, 0, 55, 55, 55, 55,
421: 0, 0, 0, 0, 56, 56, 56, 56, 56, 56,
422: 56, 56, 56, 56, 56, 0, 0, 0, 0, 0,
423: 0, 0, 0, 0, 0, 0, 56, 56, 56, 56,
424: };
425: #if defined(__cplusplus) || defined(__STDC__)
426: const short sudoerscheck[] =
427: #else
428: short sudoerscheck[] =
429: #endif
430: { 33,
431: 0, 86, 7, 281, 33, 257, 258, 287, 288, 8,
432: 9, 258, 33, 33, 259, 44, 258, 33, 33, 33,
433: 258, 258, 260, 261, 44, 263, 263, 33, 280, 44,
434: 0, 258, 44, 33, 261, 262, 263, 44, 44, 43,
435: 258, 45, 280, 280, 44, 289, 290, 258, 44, 61,
436: 58, 58, 36, 280, 38, 39, 58, 61, 61, 263,
437: 0, 58, 263, 33, 58, 58, 61, 51, 58, 61,
438: 58, 58, 61, 158, 263, 58, 264, 33, 264, 264,
439: 264, 40, 44, 44, 89, 61, 44, 44, 58, 41,
440: 0, 287, 61, 33, 93, 288, 95, 44, 263, 263,
441: 290, 61, 58, 263, 263, 0, 61, 33, 289, 0,
442: 41, 41, 41, 41, 41, 126, 52, 91, 58, 118,
443: 0, 75, 43, 33, 77, 34, 152, 66, 17, 139,
444: 148, 99, 22, 131, 147, -1, -1, 33, -1, 90,
445: -1, -1, 92, -1, 135, 130, 94, 96, 58, -1,
446: 0, -1, -1, 33, -1, -1, -1, -1, -1, -1,
447: -1, -1, -1, -1, -1, -1, -1, 33, -1, -1,
448: -1, -1, -1, -1, -1, -1, -1, -1, 58, -1,
449: 0, -1, -1, 33, -1, -1, -1, -1, -1, -1,
450: -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
451: -1, -1, -1, -1, -1, -1, -1, -1, 58, -1,
452: 0, -1, -1, 33, -1, -1, -1, -1, -1, -1,
453: -1, -1, 256, -1, 258, -1, -1, 261, 262, 263,
454: 259, 265, 266, 267, 268, 269, 257, 258, -1, 259,
455: 0, 257, 258, 33, 259, 259, 280, 281, 282, 283,
456: 284, 285, 258, -1, 260, 261, 256, 263, 258, 280,
457: -1, 261, 262, 263, 280, 265, 266, 267, 268, 269,
458: 0, -1, -1, 33, 280, -1, 292, 293, 294, 295,
459: 280, 281, 282, 283, 284, 285, 256, -1, 258, -1,
460: -1, 261, 262, 263, -1, 265, 266, 267, 268, 269,
461: 0, -1, 258, 33, -1, 261, 262, 263, -1, -1,
462: 280, 281, 282, 283, 284, 285, 256, -1, 258, -1,
463: -1, 261, 262, 263, 280, 265, 266, 267, 268, 269,
464: 0, -1, 258, 33, 260, 261, -1, 263, -1, -1,
465: 280, 281, 282, 283, 284, 285, 256, -1, 258, -1,
466: -1, 261, 262, 263, 280, 265, 266, 267, 268, 269,
467: 0, -1, 258, 33, -1, 261, 262, 263, -1, -1,
468: 280, 281, 282, 283, 284, 285, 256, -1, 258, -1,
469: -1, 261, 262, 263, 280, 265, 266, 267, 268, 269,
470: 0, -1, 258, 33, -1, -1, -1, 263, -1, -1,
471: 280, 281, 282, 283, 284, 285, 256, -1, 258, -1,
472: -1, 261, 262, 263, 280, 265, 266, 267, 268, 269,
473: 0, -1, -1, 33, -1, -1, -1, -1, -1, -1,
474: 280, 281, 282, 283, 284, 285, 256, -1, 258, -1,
475: -1, 261, 262, 263, -1, 265, 266, 267, 268, 269,
476: 0, -1, -1, 33, -1, -1, -1, -1, -1, -1,
477: 280, 281, 282, 283, 284, 285, 256, -1, 258, -1,
478: -1, 261, 262, 263, -1, 265, 266, 267, 268, 269,
479: -1, -1, -1, 33, -1, -1, -1, -1, -1, -1,
480: 280, 281, 282, 283, 284, 285, 256, -1, 258, 33,
481: -1, 261, 262, 263, -1, 265, 266, 267, 268, 269,
482: -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
483: 280, 281, 282, 283, 284, 285, 256, 33, 258, -1,
484: -1, 261, 262, 263, -1, 265, 266, 267, 268, 269,
485: -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
486: 280, 281, 282, 283, 284, 285, 256, 33, 258, -1,
487: -1, 261, 262, 263, -1, 265, 266, 267, 268, 269,
488: -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
489: 280, 281, 282, 283, 284, 285, 256, 33, 258, -1,
490: -1, 261, 262, 263, -1, 265, 266, 267, 268, 269,
491: -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
492: 280, 281, 282, 283, 284, 285, 256, 33, 258, -1,
493: -1, 261, 262, 263, -1, 265, 266, 267, 268, 269,
494: -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
495: 280, 281, 282, 283, 284, 285, 256, 33, 258, -1,
496: -1, 261, 262, 263, -1, 265, 266, 267, 268, 269,
497: -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
498: 280, 281, 282, 283, 284, 285, 256, 33, 258, -1,
499: -1, 261, 262, 263, -1, 265, 266, 267, 268, 269,
500: -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
501: 280, 281, 282, 283, 284, 285, 256, 33, 258, -1,
502: -1, 261, 262, 263, -1, 265, 266, 267, 268, 269,
503: -1, -1, -1, 257, 258, -1, -1, -1, -1, -1,
504: 280, 281, 282, 283, 284, 285, 270, 271, 272, 273,
505: 274, 275, 276, 277, 278, 279, 280, -1, -1, -1,
506: -1, 257, 258, 287, 288, 289, 290, -1, 292, 293,
507: 294, 295, -1, -1, 270, 271, 272, 273, 274, 275,
508: 276, 277, 278, 279, 280, -1, -1, -1, -1, -1,
509: -1, 257, 258, 289, 290, -1, 292, 293, 294, 295,
510: -1, -1, -1, -1, 270, 271, 272, 273, 274, 275,
511: 276, 277, 278, 279, 280, -1, -1, -1, -1, -1,
512: -1, 257, 258, 289, 290, -1, 292, 293, 294, 295,
513: -1, -1, -1, -1, 270, 271, 272, 273, 274, 275,
514: 276, 277, 278, 279, 280, -1, -1, -1, -1, -1,
515: -1, 257, 258, 289, 290, -1, 292, 293, 294, 295,
516: -1, -1, -1, -1, 270, 271, 272, 273, 274, 275,
517: 276, 277, 278, 279, 280, -1, -1, -1, -1, -1,
518: -1, 257, 258, -1, -1, -1, 292, 293, 294, 295,
519: -1, -1, -1, -1, 270, 271, 272, 273, 274, 275,
520: 276, 277, 278, 279, 280, -1, -1, -1, -1, -1,
521: -1, 257, 258, -1, -1, -1, 292, 293, 294, 295,
522: -1, -1, -1, -1, 270, 271, 272, 273, 274, 275,
523: 276, 277, 278, 279, 280, -1, -1, -1, -1, -1,
524: -1, 257, 258, -1, -1, -1, 292, 293, 294, 295,
525: -1, -1, -1, -1, 270, 271, 272, 273, 274, 275,
526: 276, 277, 278, 279, 280, -1, -1, -1, -1, -1,
527: -1, -1, -1, -1, -1, -1, 292, 293, 294, 295,
528: };
529: #define YYFINAL 18
530: #ifndef YYDEBUG
531: #define YYDEBUG 0
532: #endif
533: #define YYMAXTOKEN 295
534: #if YYDEBUG
535: #if defined(__cplusplus) || defined(__STDC__)
536: const char * const sudoersname[] =
537: #else
538: char *sudoersname[] =
539: #endif
540: {
541: "end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
542: "'!'",0,0,0,0,0,0,"'('","')'",0,"'+'","','","'-'",0,0,0,0,0,0,0,0,0,0,0,0,"':'",
543: 0,0,"'='",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
544: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
545: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
546: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
547: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
548: "COMMAND","ALIAS","DEFVAR","NTWKADDR","NETGROUP","USERGROUP","WORD","DIGEST",
549: "DEFAULTS","DEFAULTS_HOST","DEFAULTS_USER","DEFAULTS_RUNAS","DEFAULTS_CMND",
550: "NOPASSWD","PASSWD","NOEXEC","EXEC","SETENV","NOSETENV","LOG_INPUT",
551: "NOLOG_INPUT","LOG_OUTPUT","NOLOG_OUTPUT","ALL","COMMENT","HOSTALIAS",
552: "CMNDALIAS","USERALIAS","RUNASALIAS","ERROR","TYPE","ROLE","PRIVS","LIMITPRIVS",
553: "MYSELF","SHA224","SHA256","SHA384","SHA512",
554: };
555: #if defined(__cplusplus) || defined(__STDC__)
556: const char * const sudoersrule[] =
557: #else
558: char *sudoersrule[] =
559: #endif
560: {"$accept : file",
561: "file :",
562: "file : line",
563: "line : entry",
564: "line : line entry",
565: "entry : COMMENT",
566: "entry : error COMMENT",
567: "entry : userlist privileges",
568: "entry : USERALIAS useraliases",
569: "entry : HOSTALIAS hostaliases",
570: "entry : CMNDALIAS cmndaliases",
571: "entry : RUNASALIAS runasaliases",
572: "entry : DEFAULTS defaults_list",
573: "entry : DEFAULTS_USER userlist defaults_list",
574: "entry : DEFAULTS_RUNAS userlist defaults_list",
575: "entry : DEFAULTS_HOST hostlist defaults_list",
576: "entry : DEFAULTS_CMND cmndlist defaults_list",
577: "defaults_list : defaults_entry",
578: "defaults_list : defaults_list ',' defaults_entry",
579: "defaults_entry : DEFVAR",
580: "defaults_entry : '!' DEFVAR",
581: "defaults_entry : DEFVAR '=' WORD",
582: "defaults_entry : DEFVAR '+' WORD",
583: "defaults_entry : DEFVAR '-' WORD",
584: "privileges : privilege",
585: "privileges : privileges ':' privilege",
586: "privilege : hostlist '=' cmndspeclist",
587: "ophost : host",
588: "ophost : '!' host",
589: "host : ALIAS",
590: "host : ALL",
591: "host : NETGROUP",
592: "host : NTWKADDR",
593: "host : WORD",
594: "cmndspeclist : cmndspec",
595: "cmndspeclist : cmndspeclist ',' cmndspec",
596: "cmndspec : runasspec selinux solarisprivs cmndtag digcmnd",
597: "digest : SHA224 ':' DIGEST",
598: "digest : SHA256 ':' DIGEST",
599: "digest : SHA384 ':' DIGEST",
600: "digest : SHA512 ':' DIGEST",
601: "digcmnd : opcmnd",
602: "digcmnd : digest opcmnd",
603: "opcmnd : cmnd",
604: "opcmnd : '!' cmnd",
605: "rolespec : ROLE '=' WORD",
606: "typespec : TYPE '=' WORD",
607: "selinux :",
608: "selinux : rolespec",
609: "selinux : typespec",
610: "selinux : rolespec typespec",
611: "selinux : typespec rolespec",
612: "privsspec : PRIVS '=' WORD",
613: "limitprivsspec : LIMITPRIVS '=' WORD",
614: "solarisprivs :",
615: "solarisprivs : privsspec",
616: "solarisprivs : limitprivsspec",
617: "solarisprivs : privsspec limitprivsspec",
618: "solarisprivs : limitprivsspec privsspec",
619: "runasspec :",
620: "runasspec : '(' runaslist ')'",
621: "runaslist :",
622: "runaslist : userlist",
623: "runaslist : userlist ':' grouplist",
624: "runaslist : ':' grouplist",
625: "runaslist : ':'",
626: "cmndtag :",
627: "cmndtag : cmndtag NOPASSWD",
628: "cmndtag : cmndtag PASSWD",
629: "cmndtag : cmndtag NOEXEC",
630: "cmndtag : cmndtag EXEC",
631: "cmndtag : cmndtag SETENV",
632: "cmndtag : cmndtag NOSETENV",
633: "cmndtag : cmndtag LOG_INPUT",
634: "cmndtag : cmndtag NOLOG_INPUT",
635: "cmndtag : cmndtag LOG_OUTPUT",
636: "cmndtag : cmndtag NOLOG_OUTPUT",
637: "cmnd : ALL",
638: "cmnd : ALIAS",
639: "cmnd : COMMAND",
640: "hostaliases : hostalias",
641: "hostaliases : hostaliases ':' hostalias",
642: "hostalias : ALIAS '=' hostlist",
643: "hostlist : ophost",
644: "hostlist : hostlist ',' ophost",
645: "cmndaliases : cmndalias",
646: "cmndaliases : cmndaliases ':' cmndalias",
647: "cmndalias : ALIAS '=' cmndlist",
648: "cmndlist : digcmnd",
649: "cmndlist : cmndlist ',' digcmnd",
650: "runasaliases : runasalias",
651: "runasaliases : runasaliases ':' runasalias",
652: "runasalias : ALIAS '=' userlist",
653: "useraliases : useralias",
654: "useraliases : useraliases ':' useralias",
655: "useralias : ALIAS '=' userlist",
656: "userlist : opuser",
657: "userlist : userlist ',' opuser",
658: "opuser : user",
659: "opuser : '!' user",
660: "user : ALIAS",
661: "user : ALL",
662: "user : NETGROUP",
663: "user : USERGROUP",
664: "user : WORD",
665: "grouplist : opgroup",
666: "grouplist : grouplist ',' opgroup",
667: "opgroup : group",
668: "opgroup : '!' group",
669: "group : ALIAS",
670: "group : ALL",
671: "group : WORD",
672: };
673: #endif
674: #ifdef YYSTACKSIZE
675: #undef YYMAXDEPTH
676: #define YYMAXDEPTH YYSTACKSIZE
677: #else
678: #ifdef YYMAXDEPTH
679: #define YYSTACKSIZE YYMAXDEPTH
680: #else
681: #define YYSTACKSIZE 10000
682: #define YYMAXDEPTH 10000
683: #endif
684: #endif
685: #define YYINITSTACKSIZE 200
686: /* LINTUSED */
687: int yydebug;
688: int yynerrs;
689: int yyerrflag;
690: int yychar;
691: short *yyssp;
692: YYSTYPE *yyvsp;
693: YYSTYPE yyval;
694: YYSTYPE yylval;
695: short *yyss;
696: short *yysslim;
697: YYSTYPE *yyvs;
698: unsigned int yystacksize;
699: #line 685 "gram.y"
700: void
701: sudoerserror(const char *s)
702: {
703: debug_decl(sudoerserror, SUDO_DEBUG_PARSER)
704:
705: /* If we last saw a newline the error is on the preceding line. */
706: if (last_token == COMMENT)
707: sudolineno--;
708:
709: /* Save the line the first error occurred on. */
710: if (errorlineno == -1) {
711: errorlineno = sudolineno;
712: errorfile = estrdup(sudoers);
713: }
714: if (sudoers_warnings && s != NULL) {
715: LEXTRACE("<*> ");
716: #ifndef TRACELEXER
717: if (trace_print == NULL || trace_print == sudoers_trace_print) {
718: const char fmt[] = ">>> %s: %s near line %d <<<\n";
719: int oldlocale;
720:
721: /* Warnings are displayed in the user's locale. */
722: sudoers_setlocale(SUDOERS_LOCALE_USER, &oldlocale);
723: sudo_printf(SUDO_CONV_ERROR_MSG, _(fmt), sudoers, _(s), sudolineno);
724: sudoers_setlocale(oldlocale, NULL);
725: }
726: #endif
727: }
728: parse_error = true;
729: debug_return;
730: }
731:
732: static struct defaults *
733: new_default(char *var, char *val, int op)
734: {
735: struct defaults *d;
736: debug_decl(new_default, SUDO_DEBUG_PARSER)
737:
738: d = ecalloc(1, sizeof(struct defaults));
739: d->var = var;
740: d->val = val;
741: /* d->type = 0; */
742: d->op = op;
743: /* d->binding = NULL */
744: HLTQ_INIT(d, entries);
745:
746: debug_return_ptr(d);
747: }
748:
749: static struct member *
750: new_member(char *name, int type)
751: {
752: struct member *m;
753: debug_decl(new_member, SUDO_DEBUG_PARSER)
754:
755: m = ecalloc(1, sizeof(struct member));
756: m->name = name;
757: m->type = type;
758: HLTQ_INIT(m, entries);
759:
760: debug_return_ptr(m);
761: }
762:
763: struct sudo_digest *
764: new_digest(int digest_type, const char *digest_str)
765: {
766: struct sudo_digest *dig;
767: debug_decl(new_digest, SUDO_DEBUG_PARSER)
768:
769: dig = emalloc(sizeof(*dig));
770: dig->digest_type = digest_type;
771: dig->digest_str = estrdup(digest_str);
772:
773: debug_return_ptr(dig);
774: }
775:
776: /*
777: * Add a list of defaults structures to the defaults list.
778: * The binding, if non-NULL, specifies a list of hosts, users, or
779: * runas users the entries apply to (specified by the type).
780: */
781: static void
782: add_defaults(int type, struct member *bmem, struct defaults *defs)
783: {
784: struct defaults *d;
785: struct member_list *binding;
786: debug_decl(add_defaults, SUDO_DEBUG_PARSER)
787:
788: if (defs != NULL) {
789: /*
790: * We use a single binding for each entry in defs.
791: */
792: binding = emalloc(sizeof(*binding));
793: if (bmem != NULL)
794: HLTQ_TO_TAILQ(binding, bmem, entries);
795: else
796: TAILQ_INIT(binding);
797:
798: /*
799: * Set type and binding (who it applies to) for new entries.
800: * Then add to the global defaults list.
801: */
802: HLTQ_FOREACH(d, defs, entries) {
803: d->type = type;
804: d->binding = binding;
805: }
806: TAILQ_CONCAT_HLTQ(&defaults, defs, entries);
807: }
808:
809: debug_return;
810: }
811:
812: /*
813: * Allocate a new struct userspec, populate it, and insert it at the
814: * end of the userspecs list.
815: */
816: static void
817: add_userspec(struct member *members, struct privilege *privs)
818: {
819: struct userspec *u;
820: debug_decl(add_userspec, SUDO_DEBUG_PARSER)
821:
822: u = ecalloc(1, sizeof(*u));
823: HLTQ_TO_TAILQ(&u->users, members, entries);
824: HLTQ_TO_TAILQ(&u->privileges, privs, entries);
825: TAILQ_INSERT_TAIL(&userspecs, u, entries);
826:
827: debug_return;
828: }
829:
830: /*
831: * Free up space used by data structures from a previous parser run and sets
832: * the current sudoers file to path.
833: */
834: void
835: init_parser(const char *path, bool quiet)
836: {
837: struct member_list *binding;
838: struct defaults *d, *d_next;
839: struct userspec *us, *us_next;
840: debug_decl(init_parser, SUDO_DEBUG_PARSER)
841:
842: TAILQ_FOREACH_SAFE(us, &userspecs, entries, us_next) {
843: struct member *m, *m_next;
844: struct privilege *priv, *priv_next;
845:
846: TAILQ_FOREACH_SAFE(m, &us->users, entries, m_next) {
847: efree(m->name);
848: efree(m);
849: }
850: TAILQ_FOREACH_SAFE(priv, &us->privileges, entries, priv_next) {
851: struct member_list *runasuserlist = NULL, *runasgrouplist = NULL;
852: struct cmndspec *cs, *cs_next;
853: #ifdef HAVE_SELINUX
854: char *role = NULL, *type = NULL;
855: #endif /* HAVE_SELINUX */
856: #ifdef HAVE_PRIV_SET
857: char *privs = NULL, *limitprivs = NULL;
858: #endif /* HAVE_PRIV_SET */
859:
860: TAILQ_FOREACH_SAFE(m, &priv->hostlist, entries, m_next) {
861: efree(m->name);
862: efree(m);
863: }
864: TAILQ_FOREACH_SAFE(cs, &priv->cmndlist, entries, cs_next) {
865: #ifdef HAVE_SELINUX
866: /* Only free the first instance of a role/type. */
867: if (cs->role != role) {
868: role = cs->role;
869: efree(cs->role);
870: }
871: if (cs->type != type) {
872: type = cs->type;
873: efree(cs->type);
874: }
875: #endif /* HAVE_SELINUX */
876: #ifdef HAVE_PRIV_SET
877: /* Only free the first instance of privs/limitprivs. */
878: if (cs->privs != privs) {
879: privs = cs->privs;
880: efree(cs->privs);
881: }
882: if (cs->limitprivs != limitprivs) {
883: limitprivs = cs->limitprivs;
884: efree(cs->limitprivs);
885: }
886: #endif /* HAVE_PRIV_SET */
887: /* Only free the first instance of runas user/group lists. */
888: if (cs->runasuserlist && cs->runasuserlist != runasuserlist) {
889: runasuserlist = cs->runasuserlist;
890: TAILQ_FOREACH_SAFE(m, runasuserlist, entries, m_next) {
891: efree(m->name);
892: efree(m);
893: }
894: efree(runasuserlist);
895: }
896: if (cs->runasgrouplist && cs->runasgrouplist != runasgrouplist) {
897: runasgrouplist = cs->runasgrouplist;
898: TAILQ_FOREACH_SAFE(m, runasgrouplist, entries, m_next) {
899: efree(m->name);
900: efree(m);
901: }
902: efree(runasgrouplist);
903: }
904: if (cs->cmnd->type == COMMAND) {
905: struct sudo_command *c =
906: (struct sudo_command *) cs->cmnd->name;
907: efree(c->cmnd);
908: efree(c->args);
909: }
910: efree(cs->cmnd->name);
911: efree(cs->cmnd);
912: efree(cs);
913: }
914: efree(priv);
915: }
916: efree(us);
917: }
918: TAILQ_INIT(&userspecs);
919:
920: binding = NULL;
921: TAILQ_FOREACH_SAFE(d, &defaults, entries, d_next) {
922: if (d->binding != binding) {
923: struct member *m, *m_next;
924:
925: binding = d->binding;
926: TAILQ_FOREACH_SAFE(m, d->binding, entries, m_next) {
927: if (m->type == COMMAND) {
928: struct sudo_command *c =
929: (struct sudo_command *) m->name;
930: efree(c->cmnd);
931: efree(c->args);
932: }
933: efree(m->name);
934: efree(m);
935: }
936: efree(d->binding);
937: }
938: efree(d->var);
939: efree(d->val);
940: efree(d);
941: }
942: TAILQ_INIT(&defaults);
943:
944: init_aliases();
945:
946: init_lexer();
947:
948: efree(sudoers);
949: sudoers = path ? estrdup(path) : NULL;
950:
951: parse_error = false;
952: errorlineno = -1;
953: errorfile = sudoers;
954: sudoers_warnings = !quiet;
955:
956: debug_return;
957: }
958: #line 906 "gram.c"
959: /* allocate initial stack or double stack size, up to YYMAXDEPTH */
960: #if defined(__cplusplus) || defined(__STDC__)
961: static int yygrowstack(void)
962: #else
963: static int yygrowstack()
964: #endif
965: {
966: unsigned int newsize;
967: long sslen;
968: short *newss;
969: YYSTYPE *newvs;
970:
971: if ((newsize = yystacksize) == 0)
972: newsize = YYINITSTACKSIZE;
973: else if (newsize >= YYMAXDEPTH)
974: return -1;
975: else if ((newsize *= 2) > YYMAXDEPTH)
976: newsize = YYMAXDEPTH;
977: #ifdef SIZE_MAX
978: #define YY_SIZE_MAX SIZE_MAX
979: #else
980: #ifdef __STDC__
981: #define YY_SIZE_MAX 0xffffffffU
982: #else
983: #define YY_SIZE_MAX (unsigned int)0xffffffff
984: #endif
985: #endif
986: if (YY_SIZE_MAX / newsize < sizeof *newss)
987: goto bail;
988: sslen = yyssp - yyss;
989: newss = yyss ? (short *)realloc(yyss, newsize * sizeof *newss) :
990: (short *)malloc(newsize * sizeof *newss); /* overflow check above */
991: if (newss == NULL)
992: goto bail;
993: yyss = newss;
994: yyssp = newss + sslen;
995: newvs = yyvs ? (YYSTYPE *)realloc(yyvs, newsize * sizeof *newvs) :
996: (YYSTYPE *)malloc(newsize * sizeof *newvs); /* overflow check above */
997: if (newvs == NULL)
998: goto bail;
999: yyvs = newvs;
1000: yyvsp = newvs + sslen;
1001: yystacksize = newsize;
1002: yysslim = yyss + newsize - 1;
1003: return 0;
1004: bail:
1005: if (yyss)
1006: free(yyss);
1007: if (yyvs)
1008: free(yyvs);
1009: yyss = yyssp = NULL;
1010: yyvs = yyvsp = NULL;
1011: yystacksize = 0;
1012: return -1;
1013: }
1014:
1015: #define YYABORT goto yyabort
1016: #define YYREJECT goto yyabort
1017: #define YYACCEPT goto yyaccept
1018: #define YYERROR goto yyerrlab
1019: int
1020: #if defined(__cplusplus) || defined(__STDC__)
1021: yyparse(void)
1022: #else
1023: yyparse()
1024: #endif
1025: {
1026: int yym, yyn, yystate;
1027: #if YYDEBUG
1028: #if defined(__cplusplus) || defined(__STDC__)
1029: const char *yys;
1030: #else /* !(defined(__cplusplus) || defined(__STDC__)) */
1031: char *yys;
1032: #endif /* !(defined(__cplusplus) || defined(__STDC__)) */
1033:
1034: if ((yys = getenv("YYDEBUG")))
1035: {
1036: yyn = *yys;
1037: if (yyn >= '0' && yyn <= '9')
1038: yydebug = yyn - '0';
1039: }
1040: #endif /* YYDEBUG */
1041:
1042: yynerrs = 0;
1043: yyerrflag = 0;
1044: yychar = (-1);
1045:
1046: if (yyss == NULL && yygrowstack()) goto yyoverflow;
1047: yyssp = yyss;
1048: yyvsp = yyvs;
1049: *yyssp = yystate = 0;
1050:
1051: yyloop:
1052: if ((yyn = yydefred[yystate]) != 0) goto yyreduce;
1053: if (yychar < 0)
1054: {
1055: if ((yychar = yylex()) < 0) yychar = 0;
1056: #if YYDEBUG
1057: if (yydebug)
1058: {
1059: yys = 0;
1060: if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
1061: if (!yys) yys = "illegal-symbol";
1062: printf("%sdebug: state %d, reading %d (%s)\n",
1063: YYPREFIX, yystate, yychar, yys);
1064: }
1065: #endif
1066: }
1067: if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 &&
1068: yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
1069: {
1070: #if YYDEBUG
1071: if (yydebug)
1072: printf("%sdebug: state %d, shifting to state %d\n",
1073: YYPREFIX, yystate, yytable[yyn]);
1074: #endif
1075: if (yyssp >= yysslim && yygrowstack())
1076: {
1077: goto yyoverflow;
1078: }
1079: *++yyssp = yystate = yytable[yyn];
1080: *++yyvsp = yylval;
1081: yychar = (-1);
1082: if (yyerrflag > 0) --yyerrflag;
1083: goto yyloop;
1084: }
1085: if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 &&
1086: yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
1087: {
1088: yyn = yytable[yyn];
1089: goto yyreduce;
1090: }
1091: if (yyerrflag) goto yyinrecovery;
1092: #if defined(lint) || defined(__GNUC__)
1093: goto yynewerror;
1094: #endif
1095: yynewerror:
1096: yyerror("syntax error");
1097: #if defined(lint) || defined(__GNUC__)
1098: goto yyerrlab;
1099: #endif
1100: yyerrlab:
1101: ++yynerrs;
1102: yyinrecovery:
1103: if (yyerrflag < 3)
1104: {
1105: yyerrflag = 3;
1106: for (;;)
1107: {
1108: if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE) >= 0 &&
1109: yyn <= YYTABLESIZE && yycheck[yyn] == YYERRCODE)
1110: {
1111: #if YYDEBUG
1112: if (yydebug)
1113: printf("%sdebug: state %d, error recovery shifting\
1114: to state %d\n", YYPREFIX, *yyssp, yytable[yyn]);
1115: #endif
1116: if (yyssp >= yysslim && yygrowstack())
1117: {
1118: goto yyoverflow;
1119: }
1120: *++yyssp = yystate = yytable[yyn];
1121: *++yyvsp = yylval;
1122: goto yyloop;
1123: }
1124: else
1125: {
1126: #if YYDEBUG
1127: if (yydebug)
1128: printf("%sdebug: error recovery discarding state %d\n",
1129: YYPREFIX, *yyssp);
1130: #endif
1131: if (yyssp <= yyss) goto yyabort;
1132: --yyssp;
1133: --yyvsp;
1134: }
1135: }
1136: }
1137: else
1138: {
1139: if (yychar == 0) goto yyabort;
1140: #if YYDEBUG
1141: if (yydebug)
1142: {
1143: yys = 0;
1144: if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
1145: if (!yys) yys = "illegal-symbol";
1146: printf("%sdebug: state %d, error recovery discards token %d (%s)\n",
1147: YYPREFIX, yystate, yychar, yys);
1148: }
1149: #endif
1150: yychar = (-1);
1151: goto yyloop;
1152: }
1153: yyreduce:
1154: #if YYDEBUG
1155: if (yydebug)
1156: printf("%sdebug: state %d, reducing by rule %d (%s)\n",
1157: YYPREFIX, yystate, yyn, yyrule[yyn]);
1158: #endif
1159: yym = yylen[yyn];
1160: if (yym)
1161: yyval = yyvsp[1-yym];
1162: else
1163: memset(&yyval, 0, sizeof yyval);
1164: switch (yyn)
1165: {
1166: case 1:
1167: #line 182 "gram.y"
1168: { ; }
1169: break;
1170: case 5:
1171: #line 190 "gram.y"
1172: {
1173: ;
1174: }
1175: break;
1176: case 6:
1177: #line 193 "gram.y"
1178: {
1179: yyerrok;
1180: }
1181: break;
1182: case 7:
1183: #line 196 "gram.y"
1184: {
1185: add_userspec(yyvsp[-1].member, yyvsp[0].privilege);
1186: }
1187: break;
1188: case 8:
1189: #line 199 "gram.y"
1190: {
1191: ;
1192: }
1193: break;
1194: case 9:
1195: #line 202 "gram.y"
1196: {
1197: ;
1198: }
1199: break;
1200: case 10:
1201: #line 205 "gram.y"
1202: {
1203: ;
1204: }
1205: break;
1206: case 11:
1207: #line 208 "gram.y"
1208: {
1209: ;
1210: }
1211: break;
1212: case 12:
1213: #line 211 "gram.y"
1214: {
1215: add_defaults(DEFAULTS, NULL, yyvsp[0].defaults);
1216: }
1217: break;
1218: case 13:
1219: #line 214 "gram.y"
1220: {
1221: add_defaults(DEFAULTS_USER, yyvsp[-1].member, yyvsp[0].defaults);
1222: }
1223: break;
1224: case 14:
1225: #line 217 "gram.y"
1226: {
1227: add_defaults(DEFAULTS_RUNAS, yyvsp[-1].member, yyvsp[0].defaults);
1228: }
1229: break;
1230: case 15:
1231: #line 220 "gram.y"
1232: {
1233: add_defaults(DEFAULTS_HOST, yyvsp[-1].member, yyvsp[0].defaults);
1234: }
1235: break;
1236: case 16:
1237: #line 223 "gram.y"
1238: {
1239: add_defaults(DEFAULTS_CMND, yyvsp[-1].member, yyvsp[0].defaults);
1240: }
1241: break;
1242: case 18:
1243: #line 229 "gram.y"
1244: {
1245: HLTQ_CONCAT(yyvsp[-2].defaults, yyvsp[0].defaults, entries);
1246: yyval.defaults = yyvsp[-2].defaults;
1247: }
1248: break;
1249: case 19:
1250: #line 235 "gram.y"
1251: {
1252: yyval.defaults = new_default(yyvsp[0].string, NULL, true);
1253: }
1254: break;
1255: case 20:
1256: #line 238 "gram.y"
1257: {
1258: yyval.defaults = new_default(yyvsp[0].string, NULL, false);
1259: }
1260: break;
1261: case 21:
1262: #line 241 "gram.y"
1263: {
1264: yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, true);
1265: }
1266: break;
1267: case 22:
1268: #line 244 "gram.y"
1269: {
1270: yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '+');
1271: }
1272: break;
1273: case 23:
1274: #line 247 "gram.y"
1275: {
1276: yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '-');
1277: }
1278: break;
1279: case 25:
1280: #line 253 "gram.y"
1281: {
1282: HLTQ_CONCAT(yyvsp[-2].privilege, yyvsp[0].privilege, entries);
1283: yyval.privilege = yyvsp[-2].privilege;
1284: }
1285: break;
1286: case 26:
1287: #line 259 "gram.y"
1288: {
1289: struct privilege *p = ecalloc(1, sizeof(*p));
1290: HLTQ_TO_TAILQ(&p->hostlist, yyvsp[-2].member, entries);
1291: HLTQ_TO_TAILQ(&p->cmndlist, yyvsp[0].cmndspec, entries);
1292: HLTQ_INIT(p, entries);
1293: yyval.privilege = p;
1294: }
1295: break;
1296: case 27:
1297: #line 268 "gram.y"
1298: {
1299: yyval.member = yyvsp[0].member;
1300: yyval.member->negated = false;
1301: }
1302: break;
1303: case 28:
1304: #line 272 "gram.y"
1305: {
1306: yyval.member = yyvsp[0].member;
1307: yyval.member->negated = true;
1308: }
1309: break;
1310: case 29:
1311: #line 278 "gram.y"
1312: {
1313: yyval.member = new_member(yyvsp[0].string, ALIAS);
1314: }
1315: break;
1316: case 30:
1317: #line 281 "gram.y"
1318: {
1319: yyval.member = new_member(NULL, ALL);
1320: }
1321: break;
1322: case 31:
1323: #line 284 "gram.y"
1324: {
1325: yyval.member = new_member(yyvsp[0].string, NETGROUP);
1326: }
1327: break;
1328: case 32:
1329: #line 287 "gram.y"
1330: {
1331: yyval.member = new_member(yyvsp[0].string, NTWKADDR);
1332: }
1333: break;
1334: case 33:
1335: #line 290 "gram.y"
1336: {
1337: yyval.member = new_member(yyvsp[0].string, WORD);
1338: }
1339: break;
1340: case 35:
1341: #line 296 "gram.y"
1342: {
1343: struct cmndspec *prev;
1344: prev = HLTQ_LAST(yyvsp[-2].cmndspec, cmndspec, entries);
1345: HLTQ_CONCAT(yyvsp[-2].cmndspec, yyvsp[0].cmndspec, entries);
1346: #ifdef HAVE_SELINUX
1347: /* propagate role and type */
1348: if (yyvsp[0].cmndspec->role == NULL)
1349: yyvsp[0].cmndspec->role = prev->role;
1350: if (yyvsp[0].cmndspec->type == NULL)
1351: yyvsp[0].cmndspec->type = prev->type;
1352: #endif /* HAVE_SELINUX */
1353: #ifdef HAVE_PRIV_SET
1354: /* propagate privs & limitprivs */
1355: if (yyvsp[0].cmndspec->privs == NULL)
1356: yyvsp[0].cmndspec->privs = prev->privs;
1357: if (yyvsp[0].cmndspec->limitprivs == NULL)
1358: yyvsp[0].cmndspec->limitprivs = prev->limitprivs;
1359: #endif /* HAVE_PRIV_SET */
1360: /* propagate tags and runas list */
1361: if (yyvsp[0].cmndspec->tags.nopasswd == UNSPEC)
1362: yyvsp[0].cmndspec->tags.nopasswd = prev->tags.nopasswd;
1363: if (yyvsp[0].cmndspec->tags.noexec == UNSPEC)
1364: yyvsp[0].cmndspec->tags.noexec = prev->tags.noexec;
1365: if (yyvsp[0].cmndspec->tags.setenv == UNSPEC &&
1366: prev->tags.setenv != IMPLIED)
1367: yyvsp[0].cmndspec->tags.setenv = prev->tags.setenv;
1368: if (yyvsp[0].cmndspec->tags.log_input == UNSPEC)
1369: yyvsp[0].cmndspec->tags.log_input = prev->tags.log_input;
1370: if (yyvsp[0].cmndspec->tags.log_output == UNSPEC)
1371: yyvsp[0].cmndspec->tags.log_output = prev->tags.log_output;
1372: if ((yyvsp[0].cmndspec->runasuserlist == NULL &&
1373: yyvsp[0].cmndspec->runasgrouplist == NULL) &&
1374: (prev->runasuserlist != NULL ||
1375: prev->runasgrouplist != NULL)) {
1376: yyvsp[0].cmndspec->runasuserlist = prev->runasuserlist;
1377: yyvsp[0].cmndspec->runasgrouplist = prev->runasgrouplist;
1378: }
1379: yyval.cmndspec = yyvsp[-2].cmndspec;
1380: }
1381: break;
1382: case 36:
1383: #line 337 "gram.y"
1384: {
1385: struct cmndspec *cs = ecalloc(1, sizeof(*cs));
1386: if (yyvsp[-4].runas != NULL) {
1387: if (yyvsp[-4].runas->runasusers != NULL) {
1388: cs->runasuserlist =
1389: emalloc(sizeof(*cs->runasuserlist));
1390: HLTQ_TO_TAILQ(cs->runasuserlist,
1391: yyvsp[-4].runas->runasusers, entries);
1392: }
1393: if (yyvsp[-4].runas->runasgroups != NULL) {
1394: cs->runasgrouplist =
1395: emalloc(sizeof(*cs->runasgrouplist));
1396: HLTQ_TO_TAILQ(cs->runasgrouplist,
1397: yyvsp[-4].runas->runasgroups, entries);
1398: }
1399: efree(yyvsp[-4].runas);
1400: }
1401: #ifdef HAVE_SELINUX
1402: cs->role = yyvsp[-3].seinfo.role;
1403: cs->type = yyvsp[-3].seinfo.type;
1404: #endif
1405: #ifdef HAVE_PRIV_SET
1406: cs->privs = yyvsp[-2].privinfo.privs;
1407: cs->limitprivs = yyvsp[-2].privinfo.limitprivs;
1408: #endif
1409: cs->tags = yyvsp[-1].tag;
1410: cs->cmnd = yyvsp[0].member;
1411: HLTQ_INIT(cs, entries);
1412: /* sudo "ALL" implies the SETENV tag */
1413: if (cs->cmnd->type == ALL && !cs->cmnd->negated &&
1414: cs->tags.setenv == UNSPEC)
1415: cs->tags.setenv = IMPLIED;
1416: yyval.cmndspec = cs;
1417: }
1418: break;
1419: case 37:
1420: #line 373 "gram.y"
1421: {
1422: yyval.digest = new_digest(SUDO_DIGEST_SHA224, yyvsp[0].string);
1423: }
1424: break;
1425: case 38:
1426: #line 376 "gram.y"
1427: {
1428: yyval.digest = new_digest(SUDO_DIGEST_SHA256, yyvsp[0].string);
1429: }
1430: break;
1431: case 39:
1432: #line 379 "gram.y"
1433: {
1434: yyval.digest = new_digest(SUDO_DIGEST_SHA384, yyvsp[0].string);
1435: }
1436: break;
1437: case 40:
1438: #line 382 "gram.y"
1439: {
1440: yyval.digest = new_digest(SUDO_DIGEST_SHA512, yyvsp[0].string);
1441: }
1442: break;
1443: case 41:
1444: #line 387 "gram.y"
1445: {
1446: yyval.member = yyvsp[0].member;
1447: }
1448: break;
1449: case 42:
1450: #line 390 "gram.y"
1451: {
1452: /* XXX - yuck */
1453: struct sudo_command *c = (struct sudo_command *)(yyvsp[0].member->name);
1454: c->digest = yyvsp[-1].digest;
1455: yyval.member = yyvsp[0].member;
1456: }
1457: break;
1458: case 43:
1459: #line 398 "gram.y"
1460: {
1461: yyval.member = yyvsp[0].member;
1462: yyval.member->negated = false;
1463: }
1464: break;
1465: case 44:
1466: #line 402 "gram.y"
1467: {
1468: yyval.member = yyvsp[0].member;
1469: yyval.member->negated = true;
1470: }
1471: break;
1472: case 45:
1473: #line 408 "gram.y"
1474: {
1475: yyval.string = yyvsp[0].string;
1476: }
1477: break;
1478: case 46:
1479: #line 413 "gram.y"
1480: {
1481: yyval.string = yyvsp[0].string;
1482: }
1483: break;
1484: case 47:
1485: #line 418 "gram.y"
1486: {
1487: yyval.seinfo.role = NULL;
1488: yyval.seinfo.type = NULL;
1489: }
1490: break;
1491: case 48:
1492: #line 422 "gram.y"
1493: {
1494: yyval.seinfo.role = yyvsp[0].string;
1495: yyval.seinfo.type = NULL;
1496: }
1497: break;
1498: case 49:
1499: #line 426 "gram.y"
1500: {
1501: yyval.seinfo.type = yyvsp[0].string;
1502: yyval.seinfo.role = NULL;
1503: }
1504: break;
1505: case 50:
1506: #line 430 "gram.y"
1507: {
1508: yyval.seinfo.role = yyvsp[-1].string;
1509: yyval.seinfo.type = yyvsp[0].string;
1510: }
1511: break;
1512: case 51:
1513: #line 434 "gram.y"
1514: {
1515: yyval.seinfo.type = yyvsp[-1].string;
1516: yyval.seinfo.role = yyvsp[0].string;
1517: }
1518: break;
1519: case 52:
1520: #line 440 "gram.y"
1521: {
1522: yyval.string = yyvsp[0].string;
1523: }
1524: break;
1525: case 53:
1526: #line 444 "gram.y"
1527: {
1528: yyval.string = yyvsp[0].string;
1529: }
1530: break;
1531: case 54:
1532: #line 449 "gram.y"
1533: {
1534: yyval.privinfo.privs = NULL;
1535: yyval.privinfo.limitprivs = NULL;
1536: }
1537: break;
1538: case 55:
1539: #line 453 "gram.y"
1540: {
1541: yyval.privinfo.privs = yyvsp[0].string;
1542: yyval.privinfo.limitprivs = NULL;
1543: }
1544: break;
1545: case 56:
1546: #line 457 "gram.y"
1547: {
1548: yyval.privinfo.privs = NULL;
1549: yyval.privinfo.limitprivs = yyvsp[0].string;
1550: }
1551: break;
1552: case 57:
1553: #line 461 "gram.y"
1554: {
1555: yyval.privinfo.privs = yyvsp[-1].string;
1556: yyval.privinfo.limitprivs = yyvsp[0].string;
1557: }
1558: break;
1559: case 58:
1560: #line 465 "gram.y"
1561: {
1562: yyval.privinfo.limitprivs = yyvsp[-1].string;
1563: yyval.privinfo.privs = yyvsp[0].string;
1564: }
1565: break;
1566: case 59:
1567: #line 471 "gram.y"
1568: {
1569: yyval.runas = NULL;
1570: }
1571: break;
1572: case 60:
1573: #line 474 "gram.y"
1574: {
1575: yyval.runas = yyvsp[-1].runas;
1576: }
1577: break;
1578: case 61:
1579: #line 479 "gram.y"
1580: {
1581: yyval.runas = ecalloc(1, sizeof(struct runascontainer));
1582: yyval.runas->runasusers = new_member(NULL, MYSELF);
1583: /* $$->runasgroups = NULL; */
1584: }
1585: break;
1586: case 62:
1587: #line 484 "gram.y"
1588: {
1589: yyval.runas = ecalloc(1, sizeof(struct runascontainer));
1590: yyval.runas->runasusers = yyvsp[0].member;
1591: /* $$->runasgroups = NULL; */
1592: }
1593: break;
1594: case 63:
1595: #line 489 "gram.y"
1596: {
1597: yyval.runas = ecalloc(1, sizeof(struct runascontainer));
1598: yyval.runas->runasusers = yyvsp[-2].member;
1599: yyval.runas->runasgroups = yyvsp[0].member;
1600: }
1601: break;
1602: case 64:
1603: #line 494 "gram.y"
1604: {
1605: yyval.runas = ecalloc(1, sizeof(struct runascontainer));
1606: /* $$->runasusers = NULL; */
1607: yyval.runas->runasgroups = yyvsp[0].member;
1608: }
1609: break;
1610: case 65:
1611: #line 499 "gram.y"
1612: {
1613: yyval.runas = ecalloc(1, sizeof(struct runascontainer));
1614: yyval.runas->runasusers = new_member(NULL, MYSELF);
1615: /* $$->runasgroups = NULL; */
1616: }
1617: break;
1618: case 66:
1619: #line 506 "gram.y"
1620: {
1621: yyval.tag.nopasswd = yyval.tag.noexec = yyval.tag.setenv =
1622: yyval.tag.log_input = yyval.tag.log_output = UNSPEC;
1623: }
1624: break;
1625: case 67:
1626: #line 510 "gram.y"
1627: {
1628: yyval.tag.nopasswd = true;
1629: }
1630: break;
1631: case 68:
1632: #line 513 "gram.y"
1633: {
1634: yyval.tag.nopasswd = false;
1635: }
1636: break;
1637: case 69:
1638: #line 516 "gram.y"
1639: {
1640: yyval.tag.noexec = true;
1641: }
1642: break;
1643: case 70:
1644: #line 519 "gram.y"
1645: {
1646: yyval.tag.noexec = false;
1647: }
1648: break;
1649: case 71:
1650: #line 522 "gram.y"
1651: {
1652: yyval.tag.setenv = true;
1653: }
1654: break;
1655: case 72:
1656: #line 525 "gram.y"
1657: {
1658: yyval.tag.setenv = false;
1659: }
1660: break;
1661: case 73:
1662: #line 528 "gram.y"
1663: {
1664: yyval.tag.log_input = true;
1665: }
1666: break;
1667: case 74:
1668: #line 531 "gram.y"
1669: {
1670: yyval.tag.log_input = false;
1671: }
1672: break;
1673: case 75:
1674: #line 534 "gram.y"
1675: {
1676: yyval.tag.log_output = true;
1677: }
1678: break;
1679: case 76:
1680: #line 537 "gram.y"
1681: {
1682: yyval.tag.log_output = false;
1683: }
1684: break;
1685: case 77:
1686: #line 542 "gram.y"
1687: {
1688: yyval.member = new_member(NULL, ALL);
1689: }
1690: break;
1691: case 78:
1692: #line 545 "gram.y"
1693: {
1694: yyval.member = new_member(yyvsp[0].string, ALIAS);
1695: }
1696: break;
1697: case 79:
1698: #line 548 "gram.y"
1699: {
1700: struct sudo_command *c = ecalloc(1, sizeof(*c));
1701: c->cmnd = yyvsp[0].command.cmnd;
1702: c->args = yyvsp[0].command.args;
1703: yyval.member = new_member((char *)c, COMMAND);
1704: }
1705: break;
1706: case 82:
1707: #line 560 "gram.y"
1708: {
1709: char *s;
1710: if ((s = alias_add(yyvsp[-2].string, HOSTALIAS, yyvsp[0].member)) != NULL) {
1711: sudoerserror(s);
1712: YYERROR;
1713: }
1714: }
1715: break;
1716: case 84:
1717: #line 570 "gram.y"
1718: {
1719: HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries);
1720: yyval.member = yyvsp[-2].member;
1721: }
1722: break;
1723: case 87:
1724: #line 580 "gram.y"
1725: {
1726: char *s;
1727: if ((s = alias_add(yyvsp[-2].string, CMNDALIAS, yyvsp[0].member)) != NULL) {
1728: sudoerserror(s);
1729: YYERROR;
1730: }
1731: }
1732: break;
1733: case 89:
1734: #line 590 "gram.y"
1735: {
1736: HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries);
1737: yyval.member = yyvsp[-2].member;
1738: }
1739: break;
1740: case 92:
1741: #line 600 "gram.y"
1742: {
1743: char *s;
1744: if ((s = alias_add(yyvsp[-2].string, RUNASALIAS, yyvsp[0].member)) != NULL) {
1745: sudoerserror(s);
1746: YYERROR;
1747: }
1748: }
1749: break;
1750: case 95:
1751: #line 613 "gram.y"
1752: {
1753: char *s;
1754: if ((s = alias_add(yyvsp[-2].string, USERALIAS, yyvsp[0].member)) != NULL) {
1755: sudoerserror(s);
1756: YYERROR;
1757: }
1758: }
1759: break;
1760: case 97:
1761: #line 623 "gram.y"
1762: {
1763: HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries);
1764: yyval.member = yyvsp[-2].member;
1765: }
1766: break;
1767: case 98:
1768: #line 629 "gram.y"
1769: {
1770: yyval.member = yyvsp[0].member;
1771: yyval.member->negated = false;
1772: }
1773: break;
1774: case 99:
1775: #line 633 "gram.y"
1776: {
1777: yyval.member = yyvsp[0].member;
1778: yyval.member->negated = true;
1779: }
1780: break;
1781: case 100:
1782: #line 639 "gram.y"
1783: {
1784: yyval.member = new_member(yyvsp[0].string, ALIAS);
1785: }
1786: break;
1787: case 101:
1788: #line 642 "gram.y"
1789: {
1790: yyval.member = new_member(NULL, ALL);
1791: }
1792: break;
1793: case 102:
1794: #line 645 "gram.y"
1795: {
1796: yyval.member = new_member(yyvsp[0].string, NETGROUP);
1797: }
1798: break;
1799: case 103:
1800: #line 648 "gram.y"
1801: {
1802: yyval.member = new_member(yyvsp[0].string, USERGROUP);
1803: }
1804: break;
1805: case 104:
1806: #line 651 "gram.y"
1807: {
1808: yyval.member = new_member(yyvsp[0].string, WORD);
1809: }
1810: break;
1811: case 106:
1812: #line 657 "gram.y"
1813: {
1814: HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries);
1815: yyval.member = yyvsp[-2].member;
1816: }
1817: break;
1818: case 107:
1819: #line 663 "gram.y"
1820: {
1821: yyval.member = yyvsp[0].member;
1822: yyval.member->negated = false;
1823: }
1824: break;
1825: case 108:
1826: #line 667 "gram.y"
1827: {
1828: yyval.member = yyvsp[0].member;
1829: yyval.member->negated = true;
1830: }
1831: break;
1832: case 109:
1833: #line 673 "gram.y"
1834: {
1835: yyval.member = new_member(yyvsp[0].string, ALIAS);
1836: }
1837: break;
1838: case 110:
1839: #line 676 "gram.y"
1840: {
1841: yyval.member = new_member(NULL, ALL);
1842: }
1843: break;
1844: case 111:
1845: #line 679 "gram.y"
1846: {
1847: yyval.member = new_member(yyvsp[0].string, WORD);
1848: }
1849: break;
1850: #line 1798 "gram.c"
1851: }
1852: yyssp -= yym;
1853: yystate = *yyssp;
1854: yyvsp -= yym;
1855: yym = yylhs[yyn];
1856: if (yystate == 0 && yym == 0)
1857: {
1858: #if YYDEBUG
1859: if (yydebug)
1860: printf("%sdebug: after reduction, shifting from state 0 to\
1861: state %d\n", YYPREFIX, YYFINAL);
1862: #endif
1863: yystate = YYFINAL;
1864: *++yyssp = YYFINAL;
1865: *++yyvsp = yyval;
1866: if (yychar < 0)
1867: {
1868: if ((yychar = yylex()) < 0) yychar = 0;
1869: #if YYDEBUG
1870: if (yydebug)
1871: {
1872: yys = 0;
1873: if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
1874: if (!yys) yys = "illegal-symbol";
1875: printf("%sdebug: state %d, reading %d (%s)\n",
1876: YYPREFIX, YYFINAL, yychar, yys);
1877: }
1878: #endif
1879: }
1880: if (yychar == 0) goto yyaccept;
1881: goto yyloop;
1882: }
1883: if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 &&
1884: yyn <= YYTABLESIZE && yycheck[yyn] == yystate)
1885: yystate = yytable[yyn];
1886: else
1887: yystate = yydgoto[yym];
1888: #if YYDEBUG
1889: if (yydebug)
1890: printf("%sdebug: after reduction, shifting from state %d \
1891: to state %d\n", YYPREFIX, *yyssp, yystate);
1892: #endif
1893: if (yyssp >= yysslim && yygrowstack())
1894: {
1895: goto yyoverflow;
1896: }
1897: *++yyssp = yystate;
1898: *++yyvsp = yyval;
1899: goto yyloop;
1900: yyoverflow:
1901: yyerror("yacc stack overflow");
1902: yyabort:
1903: if (yyss)
1904: free(yyss);
1905: if (yyvs)
1906: free(yyvs);
1907: yyss = yyssp = NULL;
1908: yyvs = yyvsp = NULL;
1909: yystacksize = 0;
1910: return (1);
1911: yyaccept:
1912: if (yyss)
1913: free(yyss);
1914: if (yyvs)
1915: free(yyvs);
1916: yyss = yyssp = NULL;
1917: yyvs = yyvsp = NULL;
1918: yystacksize = 0;
1919: return (0);
1920: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to gram.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / plugins / sudoers