diff --git a/MANIFEST b/MANIFEST index bd636a606..33fdd318e 100644 --- a/MANIFEST +++ b/MANIFEST @@ -286,6 +286,7 @@ lib/util/regress/multiarch/multiarch_test.c lib/util/regress/open_parent_dir/open_parent_dir_test.c lib/util/regress/parse_gids/parse_gids_test.c lib/util/regress/progname/progname_test.c +lib/util/regress/regex/regex_test.c lib/util/regress/strsig/strsig_test.c lib/util/regress/strsplit/strsplit_test.c lib/util/regress/strtofoo/strtobool_test.c diff --git a/lib/util/Makefile.in b/lib/util/Makefile.in index 7b2c3be45..484fdec47 100644 --- a/lib/util/Makefile.in +++ b/lib/util/Makefile.in @@ -112,9 +112,10 @@ PVS_LOG_OPTS = -a 'GA:1,2' -e -t errorfile -d $(PVS_IGNORE) # Regression tests TEST_PROGS = conf_test getgids getgrouplist_test hltq_test json_test \ - multiarch_test open_parent_dir_test parse_gids_test parseln_test \ - progname_test strsplit_test strtobool_test strtoid_test \ - strtomode_test strtonum_test uuid_test @COMPAT_TEST_PROGS@ + multiarch_test open_parent_dir_test parse_gids_test \ + parseln_test progname_test regex_test strsplit_test \ + strtobool_test strtoid_test strtomode_test strtonum_test \ + uuid_test @COMPAT_TEST_PROGS@ TEST_LIBS = @LIBS@ TEST_LDFLAGS = @LDFLAGS@ @@ -179,6 +180,8 @@ MULTIARCH_TEST_OBJS = multiarch_test.lo multiarch.lo OPEN_PARENT_DIR_TEST_OBJS = open_parent_dir_test.lo mkdir_parents.lo +REGEX_TEST_OBJS = regex_test.lo regex.lo + STRTOBOOL_TEST_OBJS = strtobool_test.lo strtobool.lo STRTOMODE_TEST_OBJS = strtomode_test.lo strtomode.lo @@ -317,6 +320,9 @@ getgrouplist_test: $(GETGROUPLIST_TEST_OBJS) libsudo_util.la strsplit_test: $(STRSPLIT_TEST_OBJS) libsudo_util.la $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(STRSPLIT_TEST_OBJS) libsudo_util.la $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(HARDENING_LDFLAGS) $(TEST_LDFLAGS) $(TEST_LIBS) +regex_test: $(REGEX_TEST_OBJS) libsudo_util.la + $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(REGEX_TEST_OBJS) libsudo_util.la $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(HARDENING_LDFLAGS) $(TEST_LDFLAGS) $(TEST_LIBS) + strsig_test: $(STRSIG_TEST_OBJS) libsudo_util.la $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(STRSIG_TEST_OBJS) libsudo_util.la $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(HARDENING_LDFLAGS) $(TEST_LDFLAGS) $(TEST_LIBS) @@ -437,12 +443,6 @@ check: $(TEST_PROGS) check-fuzzer if test -f closefrom_test; then \ ./closefrom_test || rval=`expr $$rval + $$?`; \ fi; \ - if test -f parse_gids_test; then \ - ./parse_gids_test || rval=`expr $$rval + $$?`; \ - fi; \ - if test -f strsplit_test; then \ - ./strsplit_test || rval=`expr $$rval + $$?`; \ - fi; \ if test -f fnm_test; then \ ./fnm_test $(srcdir)/regress/fnmatch/fnm_test.in || rval=`expr $$rval + $$?`; \ fi; \ @@ -467,6 +467,9 @@ check: $(TEST_PROGS) check-fuzzer ./getgrouplist_test || rval=`expr $$rval + $$?`; \ ./multiarch_test || rval=`expr $$rval + $$?`; \ ./open_parent_dir_test || rval=`expr $$rval + $$?`; \ + ./parse_gids_test || rval=`expr $$rval + $$?`; \ + ./regex_test || rval=`expr $$rval + $$?`; \ + ./strsplit_test || rval=`expr $$rval + $$?`; \ ./strtobool_test || rval=`expr $$rval + $$?`; \ ./strtoid_test || rval=`expr $$rval + $$?`; \ ./strtomode_test || rval=`expr $$rval + $$?`; \ @@ -984,13 +987,13 @@ json.plog: json.i rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/json.c --i-file $< --output-file $@ json_test.lo: $(srcdir)/regress/json/json_test.c $(incdir)/compat/stdbool.h \ $(incdir)/sudo_compat.h $(incdir)/sudo_fatal.h \ - $(incdir)/sudo_plugin.h $(incdir)/sudo_util.h \ - $(top_builddir)/config.h + $(incdir)/sudo_json.h $(incdir)/sudo_plugin.h \ + $(incdir)/sudo_util.h $(top_builddir)/config.h $(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(HARDENING_CFLAGS) $(srcdir)/regress/json/json_test.c json_test.i: $(srcdir)/regress/json/json_test.c $(incdir)/compat/stdbool.h \ $(incdir)/sudo_compat.h $(incdir)/sudo_fatal.h \ - $(incdir)/sudo_plugin.h $(incdir)/sudo_util.h \ - $(top_builddir)/config.h + $(incdir)/sudo_json.h $(incdir)/sudo_plugin.h \ + $(incdir)/sudo_util.h $(top_builddir)/config.h $(CC) -E -o $@ $(CPPFLAGS) $< json_test.plog: json_test.i rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/json/json_test.c --i-file $< --output-file $@ @@ -1288,6 +1291,18 @@ regex.i: $(srcdir)/regex.c $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \ $(CC) -E -o $@ $(CPPFLAGS) $< regex.plog: regex.i rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regex.c --i-file $< --output-file $@ +regex_test.lo: $(srcdir)/regress/regex/regex_test.c $(incdir)/compat/stdbool.h \ + $(incdir)/sudo_compat.h $(incdir)/sudo_fatal.h \ + $(incdir)/sudo_plugin.h $(incdir)/sudo_util.h \ + $(top_builddir)/config.h + $(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(HARDENING_CFLAGS) $(srcdir)/regress/regex/regex_test.c +regex_test.i: $(srcdir)/regress/regex/regex_test.c $(incdir)/compat/stdbool.h \ + $(incdir)/sudo_compat.h $(incdir)/sudo_fatal.h \ + $(incdir)/sudo_plugin.h $(incdir)/sudo_util.h \ + $(top_builddir)/config.h + $(CC) -E -o $@ $(CPPFLAGS) $< +regex_test.plog: regex_test.i + rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/regex/regex_test.c --i-file $< --output-file $@ roundup.lo: $(srcdir)/roundup.c $(incdir)/compat/stdbool.h \ $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \ $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \ diff --git a/lib/util/regex.c b/lib/util/regex.c index 83b673a0f..a4677104a 100644 --- a/lib/util/regex.c +++ b/lib/util/regex.c @@ -26,6 +26,7 @@ #include #include #include +#include #include #include "sudo_compat.h" @@ -60,11 +61,32 @@ check_pattern(const char *pattern) case '?': case '*': case '+': - if (prev == '?' || prev == '*' || prev == '+') { + if (prev == '?' || prev == '*' || prev == '+' || prev == '{' ) { /* Invalid repetition operator. */ debug_return_int(REG_BADRPT); } break; + case '{': + /* Match bound: {[0-9]([0-9,]*)} */ + if (isdigit((unsigned char)*cp)) { + do { + cp++; + /* Allow digits to be escaped. */ + if (cp[0] == '\\' && isdigit((unsigned char)cp[1])) + cp++; + } while (isdigit((unsigned char)*cp) || *cp == ','); + if (*cp == '}') { + if (prev == '?' || prev == '*' || prev == '+' || prev == '{' ) { + /* Invalid repetition operator. */ + debug_return_int(REG_BADRPT); + } + /* Skip past '}', prev will be set to '{' below */ + cp++; + break; + } + } + prev = '\0'; + continue; } prev = ch; } diff --git a/lib/util/regress/regex/regex_test.c b/lib/util/regress/regex/regex_test.c new file mode 100644 index 000000000..63a32e7dc --- /dev/null +++ b/lib/util/regress/regex/regex_test.c @@ -0,0 +1,111 @@ +/* + * SPDX-License-Identifier: ISC + * + * Copyright (c) 2022 Todd C. Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include + +#include +#include +#include +#include +#include +#ifdef HAVE_STDBOOL_H +# include +#else +# include "compat/stdbool.h" +#endif + +#define SUDO_ERROR_WRAP 0 + +#include "sudo_compat.h" +#include "sudo_fatal.h" +#include "sudo_util.h" + +sudo_dso_public int main(int argc, char *argv[]); + +struct regex_test { + const char *pattern; + bool result; +}; + +static struct regex_test test_data[] = { + { "ab++", false }, + { "ab\\++", true }, + { "ab+\\+", true }, + { "ab**", false }, + { "ab\\**", true }, + { "ab*\\*", true }, + { "ab??", false }, + { "ab\\??", true }, + { "ab?\\?", true }, + { "ab{1}{1}", false }, + { "ab{1}\\{1}", true }, + { "ab+*", false }, + { "ab\\+*", true }, + { "ab+\\*", true }, + { "ab*+", false }, + { "ab\\*+", true }, + { "ab*\\+", true }, + { "ab?*", false }, + { "ab\\?*", true }, + { "ab?\\*", true }, + { "ab{1}*", false }, + { "ab\\{1}*", true }, + { "ab{1}\\*", true }, + { NULL } +}; + +int +main(int argc, char *argv[]) +{ + struct regex_test *td; + const char *errstr; + int errors = 0, ntests = 0; + bool result; + int ch; + + initprogname(argc > 0 ? argv[0] : "regex_test"); + + while ((ch = getopt(argc, argv, "v")) != -1) { + switch (ch) { + case 'v': + /* ignore */ + break; + default: + fprintf(stderr, "usage: %s [-v]\n", getprogname()); + return EXIT_FAILURE; + } + } + argc -= optind; + argv += optind; + + for (td = test_data; td->pattern != NULL; td++) { + ntests++; + result = sudo_regex_compile(NULL, td->pattern, &errstr); + if (result != td->result) { + sudo_warnx("%s: expected %d, got %d", td->pattern, (int)td->result, + (int)result); + errors++; + } + } + + if (ntests != 0) { + printf("%s: %d tests run, %d errors, %d%% success rate\n", + getprogname(), ntests, errors, (ntests - errors) * 100 / ntests); + } + return errors; +}