From 03e610dab52fa6985e42ca10d9b82cbc949e212a Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Date: Tue, 23 Feb 2021 12:38:02 -0700
Subject: [PATCH] Strings in dictionary files need to be quoted.

---
 lib/iolog/regress/fuzz/fuzz_iolog_json.dict   |  32 +-
 lib/util/regress/fuzz/fuzz_sudo_conf.dict     |  28 +-
 plugins/sudoers/regress/fuzz/fuzz_policy.dict |  88 ++---
 .../sudoers/regress/fuzz/fuzz_sudoers.dict    | 356 +++++++++---------
 .../regress/fuzz/fuzz_sudoers_ldif.dict       |  24 +-
 5 files changed, 264 insertions(+), 264 deletions(-)

diff --git a/lib/iolog/regress/fuzz/fuzz_iolog_json.dict b/lib/iolog/regress/fuzz/fuzz_iolog_json.dict
index 68dc9996a..e7d7b8863 100644
--- a/lib/iolog/regress/fuzz/fuzz_iolog_json.dict
+++ b/lib/iolog/regress/fuzz/fuzz_iolog_json.dict
@@ -1,17 +1,17 @@
 # I/O log JSON keywords
-\"columns\"
-\"command\"
-\"lines\"
-\"runargv\"
-\"runenv\"
-\"rungid\"
-\"rungroup\"
-\"runuid\"
-\"runuser\"
-\"runchroot\"
-\"runcwd\"
-\"submitcwd\"
-\"submithost\"
-\"submituser\"
-\"timestamp\"
-\"ttyname\"
+"\"columns\""
+"\"command\""
+"\"lines\""
+"\"runargv\""
+"\"runenv\""
+"\"rungid\""
+"\"rungroup\""
+"\"runuid\""
+"\"runuser\""
+"\"runchroot\""
+"\"runcwd\""
+"\"submitcwd\""
+"\"submithost\""
+"\"submituser\""
+"\"timestamp\""
+"\"ttyname\"""
diff --git a/lib/util/regress/fuzz/fuzz_sudo_conf.dict b/lib/util/regress/fuzz/fuzz_sudo_conf.dict
index 08e71c387..fbe5cb3f0 100644
--- a/lib/util/regress/fuzz/fuzz_sudo_conf.dict
+++ b/lib/util/regress/fuzz/fuzz_sudo_conf.dict
@@ -1,19 +1,19 @@
 # sudo.conf keywords
-Debug
-Path
-Plugin
-Set
+"Debug"
+"Path"
+"Plugin"
+"Set"
 
 # Paths
-askpass
-sesh
-noexec
-plugin_dir
-devsearch
+"askpass"
+"sesh"
+"noexec"
+"plugin_dir"
+"devsearch"
 
 # Variables
-developer_mode
-disable_coredump
-group_source
-max_groups
-probe_interfaces
+"developer_mode"
+"disable_coredump"
+"group_source"
+"max_groups"
+"probe_interfaces"
diff --git a/plugins/sudoers/regress/fuzz/fuzz_policy.dict b/plugins/sudoers/regress/fuzz/fuzz_policy.dict
index 6b1ca75e7..48678c853 100644
--- a/plugins/sudoers/regress/fuzz/fuzz_policy.dict
+++ b/plugins/sudoers/regress/fuzz/fuzz_policy.dict
@@ -1,51 +1,51 @@
 # Policy plugin keywords (all are keyword = value)
 
 # sudoers plugin options from sudo.conf
-error_recovery
-sudoers_file
-sudoers_uid
-sudoers_gid
-sudoers_mode
-ldap_conf
-ldap_secret
+"error_recovery"
+"sudoers_file"
+"sudoers_uid"
+"sudoers_gid"
+"sudoers_mode"
+"ldap_conf"
+"ldap_secret"
 
 # command line settings from front-end
-closefrom
-cmnd_chroot
-cmnd_cwd
-runas_user
-runas_group
-prompt
-set_home
-preserve_environment
-run_shell
-login_shell
-implied_shell
-preserve_groups
-ignore_ticket
-noninteractive
-sudoedit
-login_class
-runas_privs
-runas_limitprivs
-selinux_role
-selinux_type
-bsdauth_type
-network_addrs
-max_groups
-remote_host
-timeout
-plugin_dir
+"closefrom"
+"cmnd_chroot"
+"cmnd_cwd"
+"runas_user"
+"runas_group"
+"prompt"
+"set_home"
+"preserve_environment"
+"run_shell"
+"login_shell"
+"implied_shell"
+"preserve_groups"
+"ignore_ticket"
+"noninteractive"
+"sudoedit"
+"login_class"
+"runas_privs"
+"runas_limitprivs"
+"selinux_role"
+"selinux_type"
+"bsdauth_type"
+"network_addrs"
+"max_groups"
+"remote_host"
+"timeout"
+"plugin_dir"
 
 # user information from front-end
-user
-uid
-gid
-groups
-cwd
-tty
-host
-lines
-cols
-sid
-umask
+"user"
+"uid"
+"gid"
+"groups"
+"cwd"
+"tty"
+"host"
+"lines"
+"cols"
+"sid"
+"umask"
diff --git a/plugins/sudoers/regress/fuzz/fuzz_sudoers.dict b/plugins/sudoers/regress/fuzz/fuzz_sudoers.dict
index 85fc3afe0..e443ea974 100644
--- a/plugins/sudoers/regress/fuzz/fuzz_sudoers.dict
+++ b/plugins/sudoers/regress/fuzz/fuzz_sudoers.dict
@@ -1,195 +1,195 @@
 # Sudoers policy keywords (all are keyword = value)
 
 # Aliases
-Cmnd_Alias
-Cmd_Alias
-Host_Alias
-Runas_Alias
-User_Alias
+"Cmnd_Alias"
+"Cmd_Alias"
+"Host_Alias"
+"Runas_Alias"
+"User_Alias"
 
 # Special keywords
-ALL
-(ALL:ALL)
-sudoedit
+"ALL"
+"(ALL:ALL)"
+"sudoedit"
 
 # Date_Spec
-20170214083000Z
-2017021408Z
-20160315220000-0500
-20151201235900
+"20170214083000Z"
+"2017021408Z"
+"20160315220000-0500"
+"20151201235900"
 
 # Timeout_Spec
-7d8h30m10s
-14d
-8h30m
-600s
-3600
+"7d8h30m10s"
+"14d"
+"8h30m"
+"600s"
+"3600"
 
 # Command digests
-sha224:
-sha256:
-sha384:
-sha512:
+"sha224:"
+"sha256:"
+"sha384:"
+"sha512:"
 
 # Command tags
-NOPASSWD
-PASSWD
-NOEXEC
-EXEC
-SETENV
-NOSETENV
-LOG_INPUT
-NOLOG_INPUT
-LOG_OUTPUT
-NOLOG_OUTPUT
-FOLLOWLNK
-NOFOLLOWLNK
-MAIL
-NOMAIL
+"NOPASSWD"
+"PASSWD"
+"NOEXEC"
+"EXEC"
+"SETENV"
+"NOSETENV"
+"LOG_INPUT"
+"NOLOG_INPUT"
+"LOG_OUTPUT"
+"NOLOG_OUTPUT"
+"FOLLOWLNK"
+"NOFOLLOWLNK"
+"MAIL"
+"NOMAIL"
 
 # Command options
-CHROOT
-CWD
-CMND_TIMEOUT
-NOTBEFORE
-NOTAFTER
-ROLE
-TYPE
-PRIVS
-LIMITPRIVS
+"CHROOT"
+"CWD"
+"CMND_TIMEOUT"
+"NOTBEFORE"
+"NOTAFTER"
+"ROLE"
+"TYPE"
+"PRIVS"
+"LIMITPRIVS"
 
 # Defaults settings
-Defaults
-syslog
-syslog_goodpri
-syslog_badpri
-long_otp_prompt
-ignore_dot
-mail_always
-mail_badpass
-mail_no_user
-mail_no_host
-mail_no_perms
-mail_all_cmnds
-tty_tickets
-lecture
-lecture_file
-authenticate
-root_sudo
-log_host
-log_year
-shell_noargs
-set_home
-always_set_home
-path_info
-fqdn
-insults
-requiretty
-env_editor
-rootpw
-runaspw
-targetpw
-use_loginclass
-set_logname
-stay_setuid
-preserve_groups
-loglinelen
-timestamp_timeout
-passwd_timeout
-passwd_tries
-umask
-logfile
-mailerpath
-mailerflags
-mailto
-mailfrom
-mailsub
-badpass_message
-lecture_status_dir
-timestampdir
-timestampowner
-exempt_group
-passprompt
-passprompt_override
-runas_default
-secure_path
-editor
-listpw
-verifypw
-noexec
-ignore_local_sudoers
-closefrom
-closefrom_override
-setenv
-env_reset
-env_check
-env_delete
-env_keep
-role
-type
-env_file
-restricted_env_file
-sudoers_locale
-visiblepw
-pwfeedback
-fast_glob
-umask_override
-log_input
-log_output
-compress_io
-use_pty
-group_plugin
-iolog_dir
-iolog_file
-set_utmp
-utmp_runas
-privs
-limitprivs
-exec_background
-pam_service
-pam_login_service
-pam_setcred
-pam_session
-pam_acct_mgmt
-maxseq
-use_netgroups
-sudoedit_checkdir
-sudoedit_follow
-always_query_group_plugin
-netgroup_tuple
-ignore_audit_errors
-ignore_iolog_errors
-ignore_logfile_errors
-match_group_by_gid
-syslog_maxlen
-iolog_user
-iolog_group
-iolog_mode
-fdexec
-ignore_unknown_defaults
-command_timeout
-user_command_timeouts
-iolog_flush
-syslog_pid
-timestamp_type
-authfail_message
-case_insensitive_user
-case_insensitive_group
-log_allowed
-log_denied
-log_servers
-log_server_timeout
-log_server_keepalive
-log_server_cabundle
-log_server_peer_cert
-log_server_peer_key
-log_server_verify
-runas_allow_unknown_id
-runas_check_shell
-pam_ruser
-pam_rhost
-runcwd
-runchroot
-log_format
-selinux
-admin_flag
+"Defaults"
+"syslog"
+"syslog_goodpri"
+"syslog_badpri"
+"long_otp_prompt"
+"ignore_dot"
+"mail_always"
+"mail_badpass"
+"mail_no_user"
+"mail_no_host"
+"mail_no_perms"
+"mail_all_cmnds"
+"tty_tickets"
+"lecture"
+"lecture_file"
+"authenticate"
+"root_sudo"
+"log_host"
+"log_year"
+"shell_noargs"
+"set_home"
+"always_set_home"
+"path_info"
+"fqdn"
+"insults"
+"requiretty"
+"env_editor"
+"rootpw"
+"runaspw"
+"targetpw"
+"use_loginclass"
+"set_logname"
+"stay_setuid"
+"preserve_groups"
+"loglinelen"
+"timestamp_timeout"
+"passwd_timeout"
+"passwd_tries"
+"umask"
+"logfile"
+"mailerpath"
+"mailerflags"
+"mailto"
+"mailfrom"
+"mailsub"
+"badpass_message"
+"lecture_status_dir"
+"timestampdir"
+"timestampowner"
+"exempt_group"
+"passprompt"
+"passprompt_override"
+"runas_default"
+"secure_path"
+"editor"
+"listpw"
+"verifypw"
+"noexec"
+"ignore_local_sudoers"
+"closefrom"
+"closefrom_override"
+"setenv"
+"env_reset"
+"env_check"
+"env_delete"
+"env_keep"
+"role"
+"type"
+"env_file"
+"restricted_env_file"
+"sudoers_locale"
+"visiblepw"
+"pwfeedback"
+"fast_glob"
+"umask_override"
+"log_input"
+"log_output"
+"compress_io"
+"use_pty"
+"group_plugin"
+"iolog_dir"
+"iolog_file"
+"set_utmp"
+"utmp_runas"
+"privs"
+"limitprivs"
+"exec_background"
+"pam_service"
+"pam_login_service"
+"pam_setcred"
+"pam_session"
+"pam_acct_mgmt"
+"maxseq"
+"use_netgroups"
+"sudoedit_checkdir"
+"sudoedit_follow"
+"always_query_group_plugin"
+"netgroup_tuple"
+"ignore_audit_errors"
+"ignore_iolog_errors"
+"ignore_logfile_errors"
+"match_group_by_gid"
+"syslog_maxlen"
+"iolog_user"
+"iolog_group"
+"iolog_mode"
+"fdexec"
+"ignore_unknown_defaults"
+"command_timeout"
+"user_command_timeouts"
+"iolog_flush"
+"syslog_pid"
+"timestamp_type"
+"authfail_message"
+"case_insensitive_user"
+"case_insensitive_group"
+"log_allowed"
+"log_denied"
+"log_servers"
+"log_server_timeout"
+"log_server_keepalive"
+"log_server_cabundle"
+"log_server_peer_cert"
+"log_server_peer_key"
+"log_server_verify"
+"runas_allow_unknown_id"
+"runas_check_shell"
+"pam_ruser"
+"pam_rhost"
+"runcwd"
+"runchroot"
+"log_format"
+"selinux"
+"admin_flag"
diff --git a/plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.dict b/plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.dict
index 81bfecfc5..7c4d2d071 100644
--- a/plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.dict
+++ b/plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.dict
@@ -1,14 +1,14 @@
 # Sudoers LDIF attributes
 
-description
-objectClass
-organizationalRole
-sudoCommand
-sudoHost
-sudoOption
-sudoOption
-sudoOrder
-sudoRunAs
-sudoRunAsGroup
-sudoRunAsUser
-sudoUser
+"description"
+"objectClass"
+"organizationalRole"
+"sudoCommand"
+"sudoHost"
+"sudoOption"
+"sudoOption"
+"sudoOrder"
+"sudoRunAs"
+"sudoRunAsGroup"
+"sudoRunAsUser"
+"sudoUser"