check_pattern: check bounds as a repetition operator too.

Add regess to verify check_pattern() via sudo_regex_compile().

MANIFEST

@@ -286,6 +286,7 @@ lib/util/regress/multiarch/multiarch_test.c
 lib/util/regress/open_parent_dir/open_parent_dir_test.c
 lib/util/regress/parse_gids/parse_gids_test.c
 lib/util/regress/progname/progname_test.c
+lib/util/regress/regex/regex_test.c
 lib/util/regress/strsig/strsig_test.c
 lib/util/regress/strsplit/strsplit_test.c
 lib/util/regress/strtofoo/strtobool_test.c

lib/util/Makefile.in

@@ -112,9 +112,10 @@ PVS_LOG_OPTS = -a 'GA:1,2' -e -t errorfile -d $(PVS_IGNORE)
 
 # Regression tests
 TEST_PROGS = conf_test getgids getgrouplist_test hltq_test json_test \
-             multiarch_test open_parent_dir_test parse_gids_test parseln_test \
+	     multiarch_test open_parent_dir_test parse_gids_test \
-	     progname_test strsplit_test strtobool_test strtoid_test \
+	     parseln_test progname_test regex_test strsplit_test \
-	     strtomode_test strtonum_test uuid_test @COMPAT_TEST_PROGS@
+	     strtobool_test strtoid_test strtomode_test strtonum_test \
+	     uuid_test @COMPAT_TEST_PROGS@
 
 TEST_LIBS = @LIBS@
 TEST_LDFLAGS = @LDFLAGS@
@@ -179,6 +180,8 @@ MULTIARCH_TEST_OBJS = multiarch_test.lo multiarch.lo
 
 OPEN_PARENT_DIR_TEST_OBJS = open_parent_dir_test.lo mkdir_parents.lo
 
+REGEX_TEST_OBJS = regex_test.lo regex.lo
+
 STRTOBOOL_TEST_OBJS = strtobool_test.lo strtobool.lo
 
 STRTOMODE_TEST_OBJS = strtomode_test.lo strtomode.lo
@@ -317,6 +320,9 @@ getgrouplist_test: $(GETGROUPLIST_TEST_OBJS) libsudo_util.la
 strsplit_test: $(STRSPLIT_TEST_OBJS) libsudo_util.la
 	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(STRSPLIT_TEST_OBJS) libsudo_util.la $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(HARDENING_LDFLAGS) $(TEST_LDFLAGS) $(TEST_LIBS)
 
+regex_test: $(REGEX_TEST_OBJS) libsudo_util.la
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(REGEX_TEST_OBJS) libsudo_util.la $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(HARDENING_LDFLAGS) $(TEST_LDFLAGS) $(TEST_LIBS)
+
 strsig_test: $(STRSIG_TEST_OBJS) libsudo_util.la
 	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(STRSIG_TEST_OBJS) libsudo_util.la $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(HARDENING_LDFLAGS) $(TEST_LDFLAGS) $(TEST_LIBS)
 
@@ -437,12 +443,6 @@ check: $(TEST_PROGS) check-fuzzer
 	    if test -f closefrom_test; then \
 		./closefrom_test || rval=`expr $$rval + $$?`; \
 	    fi; \
-	    if test -f parse_gids_test; then \
-		./parse_gids_test || rval=`expr $$rval + $$?`; \
-	    fi; \
-	    if test -f strsplit_test; then \
-		./strsplit_test || rval=`expr $$rval + $$?`; \
-	    fi; \
 	    if test -f fnm_test; then \
 		./fnm_test $(srcdir)/regress/fnmatch/fnm_test.in || rval=`expr $$rval + $$?`; \
 	    fi; \
@@ -467,6 +467,9 @@ check: $(TEST_PROGS) check-fuzzer
 	    ./getgrouplist_test || rval=`expr $$rval + $$?`; \
 	    ./multiarch_test || rval=`expr $$rval + $$?`; \
 	    ./open_parent_dir_test || rval=`expr $$rval + $$?`; \
+	    ./parse_gids_test || rval=`expr $$rval + $$?`; \
+	    ./regex_test || rval=`expr $$rval + $$?`; \
+	    ./strsplit_test || rval=`expr $$rval + $$?`; \
 	    ./strtobool_test || rval=`expr $$rval + $$?`; \
 	    ./strtoid_test || rval=`expr $$rval + $$?`; \
 	    ./strtomode_test || rval=`expr $$rval + $$?`; \
@@ -984,13 +987,13 @@ json.plog: json.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/json.c --i-file $< --output-file $@
 json_test.lo: $(srcdir)/regress/json/json_test.c $(incdir)/compat/stdbool.h \
               $(incdir)/sudo_compat.h $(incdir)/sudo_fatal.h \
-              $(incdir)/sudo_plugin.h $(incdir)/sudo_util.h \
+              $(incdir)/sudo_json.h $(incdir)/sudo_plugin.h \
-              $(top_builddir)/config.h
+              $(incdir)/sudo_util.h $(top_builddir)/config.h
 	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(HARDENING_CFLAGS) $(srcdir)/regress/json/json_test.c
 json_test.i: $(srcdir)/regress/json/json_test.c $(incdir)/compat/stdbool.h \
               $(incdir)/sudo_compat.h $(incdir)/sudo_fatal.h \
-              $(incdir)/sudo_plugin.h $(incdir)/sudo_util.h \
+              $(incdir)/sudo_json.h $(incdir)/sudo_plugin.h \
-              $(top_builddir)/config.h
+              $(incdir)/sudo_util.h $(top_builddir)/config.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 json_test.plog: json_test.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/json/json_test.c --i-file $< --output-file $@
@@ -1288,6 +1291,18 @@ regex.i: $(srcdir)/regex.c $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 regex.plog: regex.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regex.c --i-file $< --output-file $@
+regex_test.lo: $(srcdir)/regress/regex/regex_test.c $(incdir)/compat/stdbool.h \
+               $(incdir)/sudo_compat.h $(incdir)/sudo_fatal.h \
+               $(incdir)/sudo_plugin.h $(incdir)/sudo_util.h \
+               $(top_builddir)/config.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(HARDENING_CFLAGS) $(srcdir)/regress/regex/regex_test.c
+regex_test.i: $(srcdir)/regress/regex/regex_test.c $(incdir)/compat/stdbool.h \
+               $(incdir)/sudo_compat.h $(incdir)/sudo_fatal.h \
+               $(incdir)/sudo_plugin.h $(incdir)/sudo_util.h \
+               $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+regex_test.plog: regex_test.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/regex/regex_test.c --i-file $< --output-file $@
 roundup.lo: $(srcdir)/roundup.c $(incdir)/compat/stdbool.h \
             $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
             $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \

lib/util/regex.c

@@ -26,6 +26,7 @@
 #include <stddef.h>
 #include <stdlib.h>
 #include <string.h>
+#include <ctype.h>
 #include <regex.h>
 
 #include "sudo_compat.h"
@@ -60,11 +61,32 @@ check_pattern(const char *pattern)
 	case '?':
 	case '*':
 	case '+':
-	    if (prev == '?' || prev == '*' || prev == '+') {
+	    if (prev == '?' || prev == '*' || prev == '+' || prev == '{' ) {
 		/* Invalid repetition operator. */
 		debug_return_int(REG_BADRPT);
 	    }
 	    break;
+	case '{':
+	    /* Match bound: {[0-9]([0-9,]*)} */
+	    if (isdigit((unsigned char)*cp)) {
+		do {
+		    cp++;
+		    /* Allow digits to be escaped. */
+		    if (cp[0] == '\\' && isdigit((unsigned char)cp[1]))
+			cp++;
+		} while (isdigit((unsigned char)*cp) || *cp == ',');
+		if (*cp == '}') {
+		    if (prev == '?' || prev == '*' || prev == '+' || prev == '{' ) {
+			/* Invalid repetition operator. */
+			debug_return_int(REG_BADRPT);
+		    }
+		    /* Skip past '}', prev will be set to '{' below */
+		    cp++;
+		    break;
+		}
+	    }
+	    prev = '\0';
+	    continue;
 	}
 	prev = ch;
     }

lib/util/regress/regex/regex_test.c

@@ -0,0 +1,111 @@
+/*
+ * SPDX-License-Identifier: ISC
+ *
+ * Copyright (c) 2022 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <regex.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif
+
+#define SUDO_ERROR_WRAP 0
+
+#include "sudo_compat.h"
+#include "sudo_fatal.h"
+#include "sudo_util.h"
+
+sudo_dso_public int main(int argc, char *argv[]);
+
+struct regex_test {
+    const char *pattern;
+    bool result;
+};
+
+static struct regex_test test_data[] = {
+    { "ab++", false },
+    { "ab\\++", true },
+    { "ab+\\+", true },
+    { "ab**", false },
+    { "ab\\**", true },
+    { "ab*\\*", true },
+    { "ab??", false },
+    { "ab\\??", true },
+    { "ab?\\?", true },
+    { "ab{1}{1}", false },
+    { "ab{1}\\{1}", true },
+    { "ab+*", false },
+    { "ab\\+*", true },
+    { "ab+\\*", true },
+    { "ab*+", false },
+    { "ab\\*+", true },
+    { "ab*\\+", true },
+    { "ab?*", false },
+    { "ab\\?*", true },
+    { "ab?\\*", true },
+    { "ab{1}*", false },
+    { "ab\\{1}*", true },
+    { "ab{1}\\*", true },
+    { NULL }
+};
+
+int
+main(int argc, char *argv[])
+{
+    struct regex_test *td;
+    const char *errstr;
+    int errors = 0, ntests = 0;
+    bool result;
+    int ch;
+
+    initprogname(argc > 0 ? argv[0] : "regex_test");
+
+    while ((ch = getopt(argc, argv, "v")) != -1) {
+	switch (ch) {
+	case 'v':
+	    /* ignore */
+	    break;
+	default:
+	    fprintf(stderr, "usage: %s [-v]\n", getprogname());
+	    return EXIT_FAILURE;
+	}
+    }
+    argc -= optind;
+    argv += optind;
+
+    for (td = test_data; td->pattern != NULL; td++) {
+	ntests++;
+	result = sudo_regex_compile(NULL, td->pattern, &errstr);
+	if (result != td->result) {
+	    sudo_warnx("%s: expected %d, got %d", td->pattern, (int)td->result,
+		(int)result);
+	    errors++;
+	}
+    }
+
+    if (ntests != 0) {
+	printf("%s: %d tests run, %d errors, %d%% success rate\n",
+	    getprogname(), ntests, errors, (ntests - errors) * 100 / ntests);
+    }
+    return errors;
+}