isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove use of setjmp/longjmp in the sudoers plugin. We no longer

Browse Source 
call fatal() except in the malloc wrappers and due to libsudo_util
there is now a single copy of fatal/fatalx.
This commit is contained in:
Todd C. Miller
2014-06-26 15:51:15 -06:00
parent 088edcb6f5
commit 2166a6afe1
6 changed files with 7 additions and 104 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
include/fatal.h
View File

@@ -18,7 +18,6 @@
#define _SUDO_FATAL_H_ #define _SUDO_FATAL_H_
#include <stdarg.h> #include <stdarg.h>
#include <setjmp.h>
/* /*
* We wrap fatal/fatalx and warning/warningx so that the same output can * We wrap fatal/fatalx and warning/warningx so that the same output can
@@ -113,17 +112,11 @@
} while (0) } while (0)
#endif /* SUDO_ERROR_WRAP */ #endif /* SUDO_ERROR_WRAP */
#define fatal_setjmp() (fatal_enable_setjmp(), sigsetjmp(fatal_jmp, 1))
#define fatal_longjmp(val) siglongjmp(fatal_jmp, val)
extern int (*sudo_printf)(int msg_type, const char *fmt, ...); extern int (*sudo_printf)(int msg_type, const char *fmt, ...);
extern sigjmp_buf fatal_jmp;
__dso_public int fatal_callback_deregister(void (*func)(void)); __dso_public int fatal_callback_deregister(void (*func)(void));
__dso_public int fatal_callback_register(void (*func)(void)); __dso_public int fatal_callback_register(void (*func)(void));
__dso_public char *warning_gettext(const char *msgid) __format_arg(1); __dso_public char *warning_gettext(const char *msgid) __format_arg(1);
__dso_public void fatal_disable_setjmp(void);
__dso_public void fatal_enable_setjmp(void);
__dso_public void fatal_nodebug(const char *, ...) __printf0like(1, 2) __attribute__((__noreturn__)); __dso_public void fatal_nodebug(const char *, ...) __printf0like(1, 2) __attribute__((__noreturn__));
__dso_public void fatalx_nodebug(const char *, ...) __printflike(1, 2) __attribute__((__noreturn__)); __dso_public void fatalx_nodebug(const char *, ...) __printflike(1, 2) __attribute__((__noreturn__));
__dso_public void vfatal_nodebug(const char *, va_list ap) __printf0like(1, 0) __attribute__((__noreturn__)); __dso_public void vfatal_nodebug(const char *, va_list ap) __printf0like(1, 0) __attribute__((__noreturn__));

36
lib/util/fatal.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2004-2005, 2010-2013 Todd C. Miller <Todd.Miller@courtesan.com> * Copyright (c) 2004-2005, 2010-2014 Todd C. Miller <Todd.Miller@courtesan.com>
* *
* Permission to use, copy, modify, and distribute this software for any * Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above * purpose with or without fee is hereby granted, provided that the above
@@ -43,8 +43,6 @@ struct sudo_fatal_callback {
}; };
SLIST_HEAD(sudo_fatal_callback_list, sudo_fatal_callback); SLIST_HEAD(sudo_fatal_callback_list, sudo_fatal_callback);
__dso_public sigjmp_buf fatal_jmp;
static bool setjmp_enabled = false;
static struct sudo_fatal_callback_list callbacks; static struct sudo_fatal_callback_list callbacks;
static void _warning(int, const char *, va_list); static void _warning(int, const char *, va_list);
@@ -71,10 +69,7 @@ fatal_nodebug(const char *fmt, ...)
_warning(1, fmt, ap); _warning(1, fmt, ap);
va_end(ap); va_end(ap);
do_cleanup(); do_cleanup();
if (setjmp_enabled) exit(EXIT_FAILURE);
siglongjmp(fatal_jmp, 1);
else
exit(EXIT_FAILURE);
} }
void void
@@ -86,10 +81,7 @@ fatalx_nodebug(const char *fmt, ...)
_warning(0, fmt, ap); _warning(0, fmt, ap);
va_end(ap); va_end(ap);
do_cleanup(); do_cleanup();
if (setjmp_enabled) exit(EXIT_FAILURE);
siglongjmp(fatal_jmp, 1);
else
exit(EXIT_FAILURE);
} }
void void
@@ -97,10 +89,7 @@ vfatal_nodebug(const char *fmt, va_list ap)
{ {
_warning(1, fmt, ap); _warning(1, fmt, ap);
do_cleanup(); do_cleanup();
if (setjmp_enabled) exit(EXIT_FAILURE);
siglongjmp(fatal_jmp, 1);
else
exit(EXIT_FAILURE);
} }
void void
@@ -108,10 +97,7 @@ vfatalx_nodebug(const char *fmt, va_list ap)
{ {
_warning(0, fmt, ap); _warning(0, fmt, ap);
do_cleanup(); do_cleanup();
if (setjmp_enabled) exit(EXIT_FAILURE);
siglongjmp(fatal_jmp, 1);
else
exit(EXIT_FAILURE);
} }
void void
@@ -214,15 +200,3 @@ fatal_callback_deregister(void (*func)(void))
return -1; return -1;
} }
void
fatal_disable_setjmp(void)
{
setjmp_enabled = false;
}
void
fatal_enable_setjmp(void)
{
setjmp_enabled = true;
}

3
lib/util/util.exp
View File

@@ -38,9 +38,6 @@ estrndup
evasprintf evasprintf
fatal_callback_deregister fatal_callback_deregister
fatal_callback_register fatal_callback_register
fatal_disable_setjmp
fatal_enable_setjmp
fatal_jmp
fatal_nodebug fatal_nodebug
fatalx_nodebug fatalx_nodebug
fmt_string fmt_string

25
plugins/sudoers/iolog.c
View File

@@ -584,12 +584,6 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
memset(&details, 0, sizeof(details)); memset(&details, 0, sizeof(details));
if (fatal_setjmp() != 0) {
/* called via fatal() or fatalx() */
rval = -1;
goto done;
}
bindtextdomain("sudoers", LOCALEDIR); bindtextdomain("sudoers", LOCALEDIR);
sudo_setpwent(); sudo_setpwent();
@@ -663,7 +657,6 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
rval = true; rval = true;
done: done:
fatal_disable_setjmp();
efree(tofree); efree(tofree);
if (details.runas_pw) if (details.runas_pw)
sudo_pw_delref(details.runas_pw); sudo_pw_delref(details.runas_pw);
@@ -681,12 +674,6 @@ sudoers_io_close(int exit_status, int error)
int i; int i;
debug_decl(sudoers_io_close, SUDO_DEBUG_PLUGIN) debug_decl(sudoers_io_close, SUDO_DEBUG_PLUGIN)
if (fatal_setjmp() != 0) {
/* called via fatal() or fatalx() */
fatal_disable_setjmp();
debug_return;
}
for (i = 0; i < IOFD_MAX; i++) { for (i = 0; i < IOFD_MAX; i++) {
if (io_log_files[i].fd.v == NULL) if (io_log_files[i].fd.v == NULL)
continue; continue;
@@ -705,12 +692,6 @@ sudoers_io_version(int verbose)
{ {
debug_decl(sudoers_io_version, SUDO_DEBUG_PLUGIN) debug_decl(sudoers_io_version, SUDO_DEBUG_PLUGIN)
if (fatal_setjmp() != 0) {
/* called via fatal() or fatalx() */
fatal_disable_setjmp();
debug_return_bool(-1);
}
sudo_printf(SUDO_CONV_INFO_MSG, "Sudoers I/O plugin version %s\n", sudo_printf(SUDO_CONV_INFO_MSG, "Sudoers I/O plugin version %s\n",
PACKAGE_VERSION); PACKAGE_VERSION);
@@ -728,12 +709,6 @@ sudoers_io_log(const char *buf, unsigned int len, int idx)
gettimeofday(&now, NULL); gettimeofday(&now, NULL);
if (fatal_setjmp() != 0) {
/* called via fatal() or fatalx() */
fatal_disable_setjmp();
debug_return_bool(-1);
}
#ifdef HAVE_ZLIB_H #ifdef HAVE_ZLIB_H
if (iolog_compress) if (iolog_compress)
ignore_result(gzwrite(io_log_files[idx].fd.g, (const voidp)buf, len)); ignore_result(gzwrite(io_log_files[idx].fd.g, (const voidp)buf, len));

32
plugins/sudoers/policy.c
View File

@@ -541,13 +541,6 @@ sudoers_policy_open(unsigned int version, sudo_conv_t conversation,
if (sudo_version < SUDO_API_MKVERSION(1, 2)) if (sudo_version < SUDO_API_MKVERSION(1, 2))
args = NULL; args = NULL;
if (fatal_setjmp() != 0) {
/* called via fatal() or fatalx() */
(void) rewind_perms();
fatal_disable_setjmp();
debug_return_bool(-1);
}
/* Call the sudoers init function. */ /* Call the sudoers init function. */
info.settings = settings; info.settings = settings;
info.user_info = user_info; info.user_info = user_info;
@@ -560,12 +553,6 @@ sudoers_policy_close(int exit_status, int error_code)
{ {
debug_decl(sudoers_policy_close, SUDO_DEBUG_PLUGIN) debug_decl(sudoers_policy_close, SUDO_DEBUG_PLUGIN)
if (fatal_setjmp() != 0) {
/* called via fatal() or fatalx() */
fatal_disable_setjmp();
debug_return;
}
/* We do not currently log the exit status. */ /* We do not currently log the exit status. */
if (error_code) { if (error_code) {
errno = error_code; errno = error_code;
@@ -613,12 +600,6 @@ sudoers_policy_init_session(struct passwd *pwd, char **user_env[])
if (sudo_version < SUDO_API_MKVERSION(1, 2)) if (sudo_version < SUDO_API_MKVERSION(1, 2))
user_env = NULL; user_env = NULL;
if (fatal_setjmp() != 0) {
/* called via fatal() or fatalx() */
fatal_disable_setjmp();
debug_return_bool(-1);
}
debug_return_bool(sudo_auth_begin_session(pwd, user_env)); debug_return_bool(sudo_auth_begin_session(pwd, user_env));
} }
@@ -664,11 +645,8 @@ sudoers_policy_invalidate(int remove)
debug_decl(sudoers_policy_invalidate, SUDO_DEBUG_PLUGIN) debug_decl(sudoers_policy_invalidate, SUDO_DEBUG_PLUGIN)
user_cmnd = "kill"; user_cmnd = "kill";
if (fatal_setjmp() == 0) { remove_timestamp(remove);
remove_timestamp(remove); sudoers_cleanup();
sudoers_cleanup();
}
fatal_disable_setjmp();
debug_return; debug_return;
} }
@@ -708,12 +686,6 @@ sudoers_policy_version(int verbose)
{ {
debug_decl(sudoers_policy_version, SUDO_DEBUG_PLUGIN) debug_decl(sudoers_policy_version, SUDO_DEBUG_PLUGIN)
if (fatal_setjmp() != 0) {
/* error recovery via fatal() or fatalx() */
fatal_disable_setjmp();
debug_return_bool(-1);
}
sudo_printf(SUDO_CONV_INFO_MSG, _("Sudoers policy plugin version %s\n"), sudo_printf(SUDO_CONV_INFO_MSG, _("Sudoers policy plugin version %s\n"),
PACKAGE_VERSION); PACKAGE_VERSION);
sudo_printf(SUDO_CONV_INFO_MSG, _("Sudoers file grammar version %d\n"), sudo_printf(SUDO_CONV_INFO_MSG, _("Sudoers file grammar version %d\n"),

8
plugins/sudoers/sudoers.c
View File

@@ -228,13 +228,6 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
volatile int rval = true; volatile int rval = true;
debug_decl(sudoers_policy_main, SUDO_DEBUG_PLUGIN) debug_decl(sudoers_policy_main, SUDO_DEBUG_PLUGIN)
/* XXX - would like to move this to policy.c but need the cleanup. */
if (fatal_setjmp() != 0) {
/* error recovery via fatal() or fatalx() */
rval = -1;
goto done;
}
/* Is root even allowed to run sudo? */ /* Is root even allowed to run sudo? */
if (user_uid == 0 && !def_root_sudo) { if (user_uid == 0 && !def_root_sudo) {
/* Not an audit event. */ /* Not an audit event. */
@@ -548,7 +541,6 @@ bad:
rval = false; rval = false;
done: done:
fatal_disable_setjmp();
if (!rewind_perms()) if (!rewind_perms())
rval = -1; rval = -1;