embedaddon/sudo/plugins/sudoers/policy.c - diff

Return to policy.c CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / plugins / sudoers

Diff for /embedaddon/sudo/plugins/sudoers/policy.c between versions 1.1.1.2 and 1.1.1.3

version 1.1.1.2, 2013/10/14 07:56:35	version 1.1.1.3, 2014/06/15 16:12:54
Line 91 sudoers_policy_deserialize_info(void v, char *runas_	Line 91 sudoers_policy_deserialize_info(void v, char *runas_
const char *debug_flags = NULL;	const char *debug_flags = NULL;
const char *remhost = NULL;	const char *remhost = NULL;
int flags = 0;	int flags = 0;
long lval;
char *ep;
debug_decl(sudoers_policy_deserialize_info, SUDO_DEBUG_PLUGIN)	debug_decl(sudoers_policy_deserialize_info, SUDO_DEBUG_PLUGIN)

#define MATCHES(s, v) (strncmp(s, v, sizeof(v) - 1) == 0)	#define MATCHES(s, v) (strncmp(s, v, sizeof(v) - 1) == 0)
Line 108 sudoers_policy_deserialize_info(void v, char *runas_	Line 106 sudoers_policy_deserialize_info(void v, char *runas_
p = *cur + sizeof("sudoers_uid=") - 1;	p = *cur + sizeof("sudoers_uid=") - 1;
sudoers_uid = (uid_t) atoid(p, NULL, NULL, &errstr);	sudoers_uid = (uid_t) atoid(p, NULL, NULL, &errstr);
if (errstr != NULL)	if (errstr != NULL)
fatalx(_("%s: %s"), *cur, _(errstr));	fatalx(U_("%s: %s"), *cur, U_(errstr));
continue;	continue;
}	}
if (MATCHES(*cur, "sudoers_gid=")) {	if (MATCHES(*cur, "sudoers_gid=")) {
p = *cur + sizeof("sudoers_gid=") - 1;	p = *cur + sizeof("sudoers_gid=") - 1;
sudoers_gid = (gid_t) atoid(p, NULL, NULL, &errstr);	sudoers_gid = (gid_t) atoid(p, NULL, NULL, &errstr);
if (errstr != NULL)	if (errstr != NULL)
fatalx(_("%s: %s"), *cur, _(errstr));	fatalx(U_("%s: %s"), *cur, U_(errstr));
continue;	continue;
}	}
if (MATCHES(*cur, "sudoers_mode=")) {	if (MATCHES(*cur, "sudoers_mode=")) {
errno = 0;
p = *cur + sizeof("sudoers_mode=") - 1;	p = *cur + sizeof("sudoers_mode=") - 1;
lval = strtol(p, &ep, 8);	sudoers_mode = atomode(p, &errstr);
if (p == '\0' \|\| ep != '\0')	if (errstr != NULL)
fatalx(_("%s: %s"), *cur, _("invalid value"));	fatalx(U_("%s: %s"), *cur, U_(errstr));
if ((errno == ERANGE && (lval == LONG_MAX \|\| lval == LONG_MIN))
\|\| (lval > 0777 \|\| lval < 0))
fatalx(_("%s: %s"), *cur, _("value out of range"));
sudoers_mode = (mode_t) lval;
continue;	continue;
}	}
if (MATCHES(*cur, "ldap_conf=")) {	if (MATCHES(*cur, "ldap_conf=")) {
Line 147 sudoers_policy_deserialize_info(void v, char *runas_	Line 140 sudoers_policy_deserialize_info(void v, char *runas_
if (MATCHES(*cur, "closefrom=")) {	if (MATCHES(*cur, "closefrom=")) {
errno = 0;	errno = 0;
p = *cur + sizeof("closefrom=") - 1;	p = *cur + sizeof("closefrom=") - 1;
lval = strtol(p, &ep, 10);	user_closefrom = strtonum(p, 4, INT_MAX, &errstr);
if (p == '\0' \|\| ep != '\0')	if (user_closefrom == 0)
fatalx(_("%s: %s"), *cur, _("invalid value"));	fatalx(U_("%s: %s"), *cur, U_(errstr));
if ((errno == ERANGE && (lval == LONG_MAX \|\| lval == LONG_MIN))
\|\| (lval > INT_MAX \|\| lval < 3))
fatalx(_("%s: %s"), *cur, _("value out of range"));
user_closefrom = (int) lval;
continue;	continue;
}	}
if (MATCHES(*cur, "debug_flags=")) {	if (MATCHES(*cur, "debug_flags=")) {
Line 253 sudoers_policy_deserialize_info(void v, char *runas_	Line 242 sudoers_policy_deserialize_info(void v, char *runas_
continue;	continue;
}	}
#endif /* HAVE_BSD_AUTH_H */	#endif /* HAVE_BSD_AUTH_H */
#if !defined(HAVE_GETPROGNAME) && !defined(HAVE___PROGNAME)
if (MATCHES(*cur, "progname=")) {	if (MATCHES(*cur, "progname=")) {
setprogname(*cur + sizeof("progname=") - 1);	initprogname(*cur + sizeof("progname=") - 1);
continue;	continue;
}	}
#endif
if (MATCHES(*cur, "network_addrs=")) {	if (MATCHES(*cur, "network_addrs=")) {
interfaces_string = *cur + sizeof("network_addrs=") - 1;	interfaces_string = *cur + sizeof("network_addrs=") - 1;
set_interfaces(interfaces_string);	set_interfaces(interfaces_string);
Line 267 sudoers_policy_deserialize_info(void v, char *runas_	Line 254 sudoers_policy_deserialize_info(void v, char *runas_
if (MATCHES(*cur, "max_groups=")) {	if (MATCHES(*cur, "max_groups=")) {
errno = 0;	errno = 0;
p = *cur + sizeof("max_groups=") - 1;	p = *cur + sizeof("max_groups=") - 1;
lval = strtol(p, &ep, 10);	sudo_user.max_groups = strtonum(p, 1, INT_MAX, &errstr);
if (p == '\0' \|\| ep != '\0')	if (sudo_user.max_groups == 0)
fatalx(_("%s: %s"), *cur, _("invalid value"));	fatalx(U_("%s: %s"), *cur, U_(errstr));
if ((errno == ERANGE && (lval == LONG_MAX \|\| lval == LONG_MIN))
\|\| (lval > INT_MAX \|\| lval <= 0))
fatalx(_("%s: %s"), *cur, _("value out of range"));
sudo_user.max_groups = (int) lval;
continue;	continue;
}	}
if (MATCHES(*cur, "remote_host=")) {	if (MATCHES(*cur, "remote_host=")) {
Line 291 sudoers_policy_deserialize_info(void v, char *runas_	Line 274 sudoers_policy_deserialize_info(void v, char *runas_
p = *cur + sizeof("uid=") - 1;	p = *cur + sizeof("uid=") - 1;
user_uid = (uid_t) atoid(p, NULL, NULL, &errstr);	user_uid = (uid_t) atoid(p, NULL, NULL, &errstr);
if (errstr != NULL)	if (errstr != NULL)
fatalx(_("%s: %s"), *cur, _(errstr));	fatalx(U_("%s: %s"), *cur, U_(errstr));
continue;	continue;
}	}
if (MATCHES(*cur, "gid=")) {	if (MATCHES(*cur, "gid=")) {
p = *cur + sizeof("gid=") - 1;	p = *cur + sizeof("gid=") - 1;
user_gid = (gid_t) atoid(p, NULL, NULL, &errstr);	user_gid = (gid_t) atoid(p, NULL, NULL, &errstr);
if (errstr != NULL)	if (errstr != NULL)
fatalx(_("%s: %s"), *cur, _(errstr));	fatalx(U_("%s: %s"), *cur, U_(errstr));
continue;	continue;
}	}
if (MATCHES(*cur, "groups=")) {	if (MATCHES(*cur, "groups=")) {
Line 324 sudoers_policy_deserialize_info(void v, char *runas_	Line 307 sudoers_policy_deserialize_info(void v, char *runas_
if (MATCHES(*cur, "lines=")) {	if (MATCHES(*cur, "lines=")) {
errno = 0;	errno = 0;
p = *cur + sizeof("lines=") - 1;	p = *cur + sizeof("lines=") - 1;
lval = strtol(p, &ep, 10);	sudo_user.lines = strtonum(p, 1, INT_MAX, &errstr);
if (p == '\0' \|\| ep != '\0')	if (sudo_user.lines == 0)
fatalx(_("%s: %s"), *cur, _("invalid value"));	fatalx(U_("%s: %s"), *cur, U_(errstr));
if ((errno == ERANGE && (lval == LONG_MAX \|\| lval == LONG_MIN))
\|\| (lval > INT_MAX \|\| lval <= 0))
fatalx(_("%s: %s"), *cur, _("value out of range"));
sudo_user.lines = (int) lval;
continue;	continue;
}	}
if (MATCHES(*cur, "cols=")) {	if (MATCHES(*cur, "cols=")) {
errno = 0;	errno = 0;
p = *cur + sizeof("cols=") - 1;	p = *cur + sizeof("cols=") - 1;
lval = strtol(p, &ep, 10);	sudo_user.cols = strtonum(p, 1, INT_MAX, &errstr);
if (p == '\0' \|\| ep != '\0')	if (sudo_user.lines == 0)
fatalx(_("%s: %s"), *cur, _("invalid value"));	fatalx(U_("%s: %s"), *cur, U_(errstr));
if ((errno == ERANGE && (lval == LONG_MAX \|\| lval == LONG_MIN))
\|\| (lval > INT_MAX \|\| lval <= 0))
fatalx(_("%s: %s"), *cur, _("value out of range"));
sudo_user.cols = (int) lval;
continue;	continue;
}	}
if (MATCHES(*cur, "sid=")) {	if (MATCHES(*cur, "sid=")) {
p = *cur + sizeof("sid=") - 1;	p = *cur + sizeof("sid=") - 1;
sudo_user.sid = (pid_t) atoid(p, NULL, NULL, &errstr);	sudo_user.sid = (pid_t) atoid(p, NULL, NULL, &errstr);
if (errstr != NULL)	if (errstr != NULL)
fatalx(_("%s: %s"), *cur, _(errstr));	fatalx(U_("%s: %s"), *cur, U_(errstr));
continue;	continue;
}	}
}	}
Line 357 sudoers_policy_deserialize_info(void v, char *runas_	Line 332 sudoers_policy_deserialize_info(void v, char *runas_
if ((p = strchr(user_runhost, '.')))	if ((p = strchr(user_runhost, '.')))
user_srunhost = estrndup(user_runhost, (size_t)(p - user_runhost));	user_srunhost = estrndup(user_runhost, (size_t)(p - user_runhost));
if (user_cwd == NULL)	if (user_cwd == NULL)
user_cwd = "unknown";	user_cwd = estrdup("unknown");
if (user_tty == NULL)	if (user_tty == NULL)
user_tty = "unknown"; /* user_ttypath remains NULL */	user_tty = estrdup("unknown"); /* user_ttypath remains NULL */

if (groups != NULL && groups[0] != '\0') {	if (groups != NULL && groups[0] != '\0') {
/* parse_gid_list() will call fatalx() on error. */	/* parse_gid_list() will call fatalx() on error. */
Line 463 sudoers_policy_exec_setup(char argv[], char envp[],	Line 438 sudoers_policy_exec_setup(char argv[], char envp[],
egid = runas_gr ? (unsigned int)runas_gr->gr_gid :	egid = runas_gr ? (unsigned int)runas_gr->gr_gid :
(unsigned int)runas_pw->pw_gid;	(unsigned int)runas_pw->pw_gid;
len = snprintf(cp, glsize - (cp - gid_list), "%u", egid);	len = snprintf(cp, glsize - (cp - gid_list), "%u", egid);
if (len < 0 \|\| len >= glsize - (cp - gid_list))	if (len < 0 \|\| (size_t)len >= glsize - (cp - gid_list))
fatalx(_("internal error, %s overflow"), "runas_groups");	fatalx(U_("internal error, %s overflow"), "runas_groups");
cp += len;	cp += len;
for (i = 0; i < grlist->ngids; i++) {	for (i = 0; i < grlist->ngids; i++) {
if (grlist->gids[i] != egid) {	if (grlist->gids[i] != egid) {
len = snprintf(cp, glsize - (cp - gid_list), ",%u",	len = snprintf(cp, glsize - (cp - gid_list), ",%u",
(unsigned int) grlist->gids[i]);	(unsigned int) grlist->gids[i]);
if (len < 0 \|\| len >= glsize - (cp - gid_list))	if (len < 0 \|\| (size_t)len >= glsize - (cp - gid_list))
fatalx(_("internal error, %s overflow"), "runas_groups");	fatalx(U_("internal error, %s overflow"), "runas_groups");
cp += len;	cp += len;
}	}
}	}
Line 561 sudoers_policy_close(int exit_status, int error_code)	Line 536 sudoers_policy_close(int exit_status, int error_code)
/* We do not currently log the exit status. */	/* We do not currently log the exit status. */
if (error_code) {	if (error_code) {
errno = error_code;	errno = error_code;
warning(_("unable to execute %s"), safe_cmnd);	warning(U_("unable to execute %s"), safe_cmnd);
}	}

/* Close the session we opened in sudoers_policy_init_session(). */	/* Close the session we opened in sudoers_policy_init_session(). */
Line 679 sudoers_policy_list(int argc, char * const argv[], int	Line 654 sudoers_policy_list(int argc, char * const argv[], int
if (list_user) {	if (list_user) {
list_pw = sudo_getpwnam(list_user);	list_pw = sudo_getpwnam(list_user);
if (list_pw == NULL) {	if (list_pw == NULL) {
warningx(_("unknown user: %s"), list_user);	warningx(U_("unknown user: %s"), list_user);
debug_return_bool(-1);	debug_return_bool(-1);
}	}
}	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.1.1.2
changed lines
	Added in v.1.1.1.3