isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove sudo_mkpwcache() and sudo_mkgrcache(). We now create the

Browse Source 
caches as needed on demand.  Also remove calls to sudo_freepwcache()
and sudo_freegrcache() that are immediately followed by execve(),
they are not needed.
This commit is contained in:
Todd C. Miller
2016-05-11 09:40:31 -06:00
parent 23d288563e
commit 05db5aa3b8
6 changed files with 66 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
plugins/sudoers/iolog.c
View File

@@ -601,11 +601,6 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
bindtextdomain("sudoers", LOCALEDIR); bindtextdomain("sudoers", LOCALEDIR);
if (sudo_mkpwcache() == -1 || sudo_mkgrcache() == -1) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_int(-1);
}
/* Initialize the debug subsystem. */ /* Initialize the debug subsystem. */
for (cur = settings; (cp = *cur) != NULL; cur++) { for (cur = settings; (cp = *cur) != NULL; cur++) {
if (strncmp(cp, "debug_flags=", sizeof("debug_flags=") - 1) == 0) { if (strncmp(cp, "debug_flags=", sizeof("debug_flags=") - 1) == 0) {

98
plugins/sudoers/pwutil.c
View File

@@ -133,6 +133,14 @@ sudo_getpwuid(uid_t uid)
struct rbnode *node; struct rbnode *node;
debug_decl(sudo_getpwuid, SUDOERS_DEBUG_NSS) debug_decl(sudo_getpwuid, SUDOERS_DEBUG_NSS)
if (pwcache_byuid == NULL) {
pwcache_byuid = rbcreate(cmp_pwuid);
if (pwcache_byuid == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_ptr(NULL);
}
}
key.k.uid = uid; key.k.uid = uid;
getauthregistry(IDtouser(uid), key.registry); getauthregistry(IDtouser(uid), key.registry);
if ((node = rbfind(pwcache_byuid, &key)) != NULL) { if ((node = rbfind(pwcache_byuid, &key)) != NULL) {
@@ -196,6 +204,14 @@ sudo_getpwnam(const char *name)
struct rbnode *node; struct rbnode *node;
debug_decl(sudo_getpwnam, SUDOERS_DEBUG_NSS) debug_decl(sudo_getpwnam, SUDOERS_DEBUG_NSS)
if (pwcache_byname == NULL) {
pwcache_byname = rbcreate(cmp_pwnam);
if (pwcache_byname == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_ptr(NULL);
}
}
key.k.name = (char *) name; key.k.name = (char *) name;
getauthregistry((char *) name, key.registry); getauthregistry((char *) name, key.registry);
if ((node = rbfind(pwcache_byname, &key)) != NULL) { if ((node = rbfind(pwcache_byname, &key)) != NULL) {
@@ -262,6 +278,15 @@ sudo_mkpwent(const char *user, uid_t uid, gid_t gid, const char *home,
int i; int i;
debug_decl(sudo_mkpwent, SUDOERS_DEBUG_NSS) debug_decl(sudo_mkpwent, SUDOERS_DEBUG_NSS)
if (pwcache_byuid == NULL)
pwcache_byuid = rbcreate(cmp_pwuid);
if (pwcache_byname == NULL)
pwcache_byname = rbcreate(cmp_pwnam);
if (pwcache_byuid == NULL || pwcache_byname == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_ptr(NULL);
}
/* Optional arguments. */ /* Optional arguments. */
if (home == NULL) if (home == NULL)
home = "/"; home = "/";
@@ -358,21 +383,6 @@ sudo_fakepwnam(const char *user, gid_t gid)
debug_return_ptr(sudo_mkpwent(user, uid, gid, NULL, NULL)); debug_return_ptr(sudo_mkpwent(user, uid, gid, NULL, NULL));
} }
int
sudo_mkpwcache(void)
{
debug_decl(sudo_mkpwcache, SUDOERS_DEBUG_NSS)
if (pwcache_byuid == NULL)
pwcache_byuid = rbcreate(cmp_pwuid);
if (pwcache_byname == NULL)
pwcache_byname = rbcreate(cmp_pwnam);
if (pwcache_byuid == NULL || pwcache_byname == NULL)
debug_return_int(-1);
debug_return_int(0);
}
void void
sudo_freepwcache(void) sudo_freepwcache(void)
{ {
@@ -441,6 +451,14 @@ sudo_getgrgid(gid_t gid)
struct rbnode *node; struct rbnode *node;
debug_decl(sudo_getgrgid, SUDOERS_DEBUG_NSS) debug_decl(sudo_getgrgid, SUDOERS_DEBUG_NSS)
if (grcache_bygid == NULL) {
grcache_bygid = rbcreate(cmp_grgid);
if (grcache_bygid == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_ptr(NULL);
}
}
key.k.gid = gid; key.k.gid = gid;
getauthregistry(NULL, key.registry); getauthregistry(NULL, key.registry);
if ((node = rbfind(grcache_bygid, &key)) != NULL) { if ((node = rbfind(grcache_bygid, &key)) != NULL) {
@@ -498,6 +516,14 @@ sudo_getgrnam(const char *name)
struct rbnode *node; struct rbnode *node;
debug_decl(sudo_getgrnam, SUDOERS_DEBUG_NSS) debug_decl(sudo_getgrnam, SUDOERS_DEBUG_NSS)
if (grcache_byname == NULL) {
grcache_byname = rbcreate(cmp_grnam);
if (grcache_byname == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_ptr(NULL);
}
}
key.k.name = (char *) name; key.k.name = (char *) name;
getauthregistry(NULL, key.registry); getauthregistry(NULL, key.registry);
if ((node = rbfind(grcache_byname, &key)) != NULL) { if ((node = rbfind(grcache_byname, &key)) != NULL) {
@@ -557,6 +583,15 @@ sudo_fakegrnam(const char *group)
int i; int i;
debug_decl(sudo_fakegrnam, SUDOERS_DEBUG_NSS) debug_decl(sudo_fakegrnam, SUDOERS_DEBUG_NSS)
if (grcache_bygid == NULL)
grcache_bygid = rbcreate(cmp_grgid);
if (grcache_byname == NULL)
grcache_byname = rbcreate(cmp_grnam);
if (grcache_bygid == NULL || grcache_byname == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_ptr(NULL);
}
name_len = strlen(group); name_len = strlen(group);
len = sizeof(*gritem) + name_len + 1; len = sizeof(*gritem) + name_len + 1;
@@ -645,23 +680,6 @@ sudo_grlist_delref(struct group_list *grlist)
debug_return; debug_return;
} }
int
sudo_mkgrcache(void)
{
debug_decl(sudo_mkgrcache, SUDOERS_DEBUG_NSS)
if (grcache_bygid == NULL)
grcache_bygid = rbcreate(cmp_grgid);
if (grcache_byname == NULL)
grcache_byname = rbcreate(cmp_grnam);
if (grlist_cache == NULL)
grlist_cache = rbcreate(cmp_grnam);
if (grcache_bygid == NULL || grcache_byname == NULL || grlist_cache == NULL)
debug_return_int(-1);
debug_return_int(0);
}
void void
sudo_freegrcache(void) sudo_freegrcache(void)
{ {
@@ -690,6 +708,14 @@ sudo_get_grlist(const struct passwd *pw)
struct rbnode *node; struct rbnode *node;
debug_decl(sudo_get_grlist, SUDOERS_DEBUG_NSS) debug_decl(sudo_get_grlist, SUDOERS_DEBUG_NSS)
if (grlist_cache == NULL) {
grlist_cache = rbcreate(cmp_grnam);
if (grlist_cache == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_ptr(NULL);
}
}
key.k.name = pw->pw_name; key.k.name = pw->pw_name;
getauthregistry(pw->pw_name, key.registry); getauthregistry(pw->pw_name, key.registry);
if ((node = rbfind(grlist_cache, &key)) != NULL) { if ((node = rbfind(grlist_cache, &key)) != NULL) {
@@ -739,6 +765,14 @@ sudo_set_grlist(struct passwd *pw, char * const *groups, char * const *gids)
struct rbnode *node; struct rbnode *node;
debug_decl(sudo_set_grlist, SUDOERS_DEBUG_NSS) debug_decl(sudo_set_grlist, SUDOERS_DEBUG_NSS)
if (grlist_cache == NULL) {
grlist_cache = rbcreate(cmp_grnam);
if (grlist_cache == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_int(-1);
}
}
/* /*
* Cache group db entry if it doesn't already exist * Cache group db entry if it doesn't already exist
*/ */

5
plugins/sudoers/sudoers.c
View File

@@ -155,11 +155,6 @@ sudoers_policy_init(void *info, char * const envp[])
bindtextdomain("sudoers", LOCALEDIR); bindtextdomain("sudoers", LOCALEDIR);
if (sudo_mkpwcache() == -1 || sudo_mkgrcache() == -1) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_int(-1);
}
/* Register fatal/fatalx callback. */ /* Register fatal/fatalx callback. */
sudo_fatal_callback_register(sudoers_cleanup); sudo_fatal_callback_register(sudoers_cleanup);

2
plugins/sudoers/sudoers.h
View File

@@ -304,8 +304,6 @@ void sudo_freegrcache(void);
void sudo_freepwcache(void); void sudo_freepwcache(void);
void sudo_grlist_addref(struct group_list *); void sudo_grlist_addref(struct group_list *);
void sudo_grlist_delref(struct group_list *); void sudo_grlist_delref(struct group_list *);
int sudo_mkgrcache(void);
int sudo_mkpwcache(void);
void sudo_pw_addref(struct passwd *); void sudo_pw_addref(struct passwd *);
void sudo_pw_delref(struct passwd *); void sudo_pw_delref(struct passwd *);
int sudo_set_grlist(struct passwd *pw, char * const *groups, char * const *gids); int sudo_set_grlist(struct passwd *pw, char * const *groups, char * const *gids);

2
plugins/sudoers/testsudoers.c
View File

@@ -184,8 +184,6 @@ main(int argc, char *argv[])
setgrfile(grfile); setgrfile(grfile);
if (pwfile) if (pwfile)
setpwfile(pwfile); setpwfile(pwfile);
if (sudo_mkpwcache() == -1 || sudo_mkgrcache() == -1)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (argc < 2) { if (argc < 2) {
if (!dflag) if (!dflag)

7
plugins/sudoers/visudo.c
View File

@@ -209,9 +209,6 @@ main(int argc, char *argv[])
if (argc - optind != 0) if (argc - optind != 0)
usage(1); usage(1);
if (sudo_mkpwcache() == -1 || sudo_mkgrcache() == -1)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
/* Mock up a fake sudo_user struct. */ /* Mock up a fake sudo_user struct. */
user_cmnd = user_base = ""; user_cmnd = user_base = "";
if ((sudo_user.pw = sudo_getpwuid(getuid())) == NULL) if ((sudo_user.pw = sudo_getpwuid(getuid())) == NULL)
@@ -842,8 +839,6 @@ run_command(char *path, char **argv)
sudo_fatal(U_("unable to execute %s"), path); sudo_fatal(U_("unable to execute %s"), path);
break; /* NOTREACHED */ break; /* NOTREACHED */
case 0: case 0:
sudo_freepwcache();
sudo_freegrcache();
closefrom(STDERR_FILENO + 1); closefrom(STDERR_FILENO + 1);
execv(path, argv); execv(path, argv);
sudo_warn(U_("unable to run %s"), path); sudo_warn(U_("unable to run %s"), path);
@@ -1304,8 +1299,6 @@ visudo_cleanup(void)
if (sp->tpath != NULL) if (sp->tpath != NULL)
(void) unlink(sp->tpath); (void) unlink(sp->tpath);
} }
sudo_freepwcache();
sudo_freegrcache();
} }
/* /*