Reference count cached passwd and group structs. The cache holds

one reference itself and another is added by sudo_getgr{gid,nam} and sudo_getpw{uid,nam}. The final ref on the runas and user passwd and group structs are persistent for now.
2010-08-04 09:58:50 -04:00
parent 7b011cf152
commit 0186018d3d
6 changed files with 201 additions and 108 deletions
--- a/plugins/sudoers/match.c
+++ b/plugins/sudoers/match.c
@@ -771,25 +771,41 @@ group_matches(char *sudoers_group, struct group *gr)
 int
 usergr_matches(char *group, char *user, struct passwd *pw)
 {
+    int matched = FALSE;
+    struct passwd *pw0 = NULL;
+
    /* make sure we have a valid usergroup, sudo style */
    if (*group++ != '%')
-	return(FALSE);
+	goto done;

-    if (*group == ':' && def_group_plugin)
-	return(group_plugin_query(user, group + 1, pw));
+    if (*group == ':' && def_group_plugin) {
+	matched = group_plugin_query(user, group + 1, pw);
+	goto done;
+    }

    /* look up user's primary gid in the passwd file */
-    if (pw == NULL && (pw = sudo_getpwnam(user)) == NULL)
-	return(FALSE);
+    if (pw == NULL) {
+	if ((pw0 = sudo_getpwnam(user)) == NULL)
+	    goto done;
+	pw = pw0;
+    }

-    if (user_in_group(pw, group))
-	return(TRUE);
+    if (user_in_group(pw, group)) {
+	matched = TRUE;
+	goto done;
+    }

    /* not a Unix group, could be an external group */
-    if (def_group_plugin && group_plugin_query(user, group, pw))
-    	return(TRUE);
+    if (def_group_plugin && group_plugin_query(user, group, pw)) {
+	matched = TRUE;
+	goto done;
+    }

-    return(FALSE);
+done:
+    if (pw0 != NULL)
+	pw_delref(pw0);
+
+    return(matched);
 }

 /*