Remove use of setjmp/longjmp in the sudoers plugin. We no longer

call fatal() except in the malloc wrappers and due to libsudo_util there is now a single copy of fatal/fatalx.
2014-06-26 15:51:15 -06:00
parent 088edcb6f5
commit 2166a6afe1
6 changed files with 7 additions and 104 deletions
--- a/include/fatal.h
+++ b/include/fatal.h
@@ -18,7 +18,6 @@
 #define	_SUDO_FATAL_H_

 #include <stdarg.h>
-#include <setjmp.h>

 /*
 * We wrap fatal/fatalx and warning/warningx so that the same output can
@@ -113,17 +112,11 @@
 } while (0)
 #endif /* SUDO_ERROR_WRAP */

-#define fatal_setjmp()		(fatal_enable_setjmp(), sigsetjmp(fatal_jmp, 1))
-#define fatal_longjmp(val)	siglongjmp(fatal_jmp, val)
-
 extern int (*sudo_printf)(int msg_type, const char *fmt, ...);
-extern sigjmp_buf fatal_jmp;

 __dso_public int  fatal_callback_deregister(void (*func)(void));
 __dso_public int  fatal_callback_register(void (*func)(void));
 __dso_public char *warning_gettext(const char *msgid) __format_arg(1);
-__dso_public void fatal_disable_setjmp(void);
-__dso_public void fatal_enable_setjmp(void);
 __dso_public void fatal_nodebug(const char *, ...) __printf0like(1, 2) __attribute__((__noreturn__));
 __dso_public void fatalx_nodebug(const char *, ...) __printflike(1, 2) __attribute__((__noreturn__));
 __dso_public void vfatal_nodebug(const char *, va_list ap) __printf0like(1, 0) __attribute__((__noreturn__));
--- a/lib/util/fatal.c
+++ b/lib/util/fatal.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004-2005, 2010-2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2004-2005, 2010-2014 Todd C. Miller <Todd.Miller@courtesan.com>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
@@ -43,8 +43,6 @@ struct sudo_fatal_callback {
 };
 SLIST_HEAD(sudo_fatal_callback_list, sudo_fatal_callback);

-__dso_public sigjmp_buf fatal_jmp;
-static bool setjmp_enabled = false;
 static struct sudo_fatal_callback_list callbacks;

 static void _warning(int, const char *, va_list);
@@ -71,10 +69,7 @@ fatal_nodebug(const char *fmt, ...)
    _warning(1, fmt, ap);
    va_end(ap);
    do_cleanup();
-    if (setjmp_enabled)
-	siglongjmp(fatal_jmp, 1);
-    else
-	exit(EXIT_FAILURE);
+    exit(EXIT_FAILURE);
 }

 void
@@ -86,10 +81,7 @@ fatalx_nodebug(const char *fmt, ...)
    _warning(0, fmt, ap);
    va_end(ap);
    do_cleanup();
-    if (setjmp_enabled)
-	siglongjmp(fatal_jmp, 1);
-    else
-	exit(EXIT_FAILURE);
+    exit(EXIT_FAILURE);
 }

 void
@@ -97,10 +89,7 @@ vfatal_nodebug(const char *fmt, va_list ap)
 {
    _warning(1, fmt, ap);
    do_cleanup();
-    if (setjmp_enabled)
-	siglongjmp(fatal_jmp, 1);
-    else
-	exit(EXIT_FAILURE);
+    exit(EXIT_FAILURE);
 }

 void
@@ -108,10 +97,7 @@ vfatalx_nodebug(const char *fmt, va_list ap)
 {
    _warning(0, fmt, ap);
    do_cleanup();
-    if (setjmp_enabled)
-	siglongjmp(fatal_jmp, 1);
-    else
-	exit(EXIT_FAILURE);
+    exit(EXIT_FAILURE);
 }

 void
@@ -214,15 +200,3 @@ fatal_callback_deregister(void (*func)(void))

    return -1;
 }
-
-void
-fatal_disable_setjmp(void)
-{
-    setjmp_enabled = false;
-}
-
-void
-fatal_enable_setjmp(void)
-{
-    setjmp_enabled = true;
-}
--- a/lib/util/util.exp
+++ b/lib/util/util.exp
@@ -38,9 +38,6 @@ estrndup
 evasprintf
 fatal_callback_deregister
 fatal_callback_register
-fatal_disable_setjmp
-fatal_enable_setjmp
-fatal_jmp
 fatal_nodebug
 fatalx_nodebug
 fmt_string
--- a/plugins/sudoers/iolog.c
+++ b/plugins/sudoers/iolog.c
@@ -584,12 +584,6 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,

    memset(&details, 0, sizeof(details));

-    if (fatal_setjmp() != 0) {
-	/* called via fatal() or fatalx() */
-	rval = -1;
-	goto done;
-    }
-
    bindtextdomain("sudoers", LOCALEDIR);

    sudo_setpwent();
@@ -663,7 +657,6 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
    rval = true;

 done:
-    fatal_disable_setjmp();
    efree(tofree);
    if (details.runas_pw)
 	sudo_pw_delref(details.runas_pw);
@@ -681,12 +674,6 @@ sudoers_io_close(int exit_status, int error)
    int i;
    debug_decl(sudoers_io_close, SUDO_DEBUG_PLUGIN)

-    if (fatal_setjmp() != 0) {
-	/* called via fatal() or fatalx() */
-	fatal_disable_setjmp();
-	debug_return;
-    }
-
    for (i = 0; i < IOFD_MAX; i++) {
 	if (io_log_files[i].fd.v == NULL)
 	    continue;
@@ -705,12 +692,6 @@ sudoers_io_version(int verbose)
 {
    debug_decl(sudoers_io_version, SUDO_DEBUG_PLUGIN)

-    if (fatal_setjmp() != 0) {
-	/* called via fatal() or fatalx() */
-	fatal_disable_setjmp();
-	debug_return_bool(-1);
-    }
-
    sudo_printf(SUDO_CONV_INFO_MSG, "Sudoers I/O plugin version %s\n",
 	PACKAGE_VERSION);

@@ -728,12 +709,6 @@ sudoers_io_log(const char *buf, unsigned int len, int idx)

    gettimeofday(&now, NULL);

-    if (fatal_setjmp() != 0) {
-	/* called via fatal() or fatalx() */
-	fatal_disable_setjmp();
-	debug_return_bool(-1);
-    }
-
 #ifdef HAVE_ZLIB_H
    if (iolog_compress)
 	ignore_result(gzwrite(io_log_files[idx].fd.g, (const voidp)buf, len));
--- a/plugins/sudoers/policy.c
+++ b/plugins/sudoers/policy.c
@@ -541,13 +541,6 @@ sudoers_policy_open(unsigned int version, sudo_conv_t conversation,
    if (sudo_version < SUDO_API_MKVERSION(1, 2))
 	args = NULL;

-    if (fatal_setjmp() != 0) {
-	/* called via fatal() or fatalx() */
-	(void) rewind_perms();
-	fatal_disable_setjmp();
-	debug_return_bool(-1);
-    }
-
    /* Call the sudoers init function. */
    info.settings = settings;
    info.user_info = user_info;
@@ -560,12 +553,6 @@ sudoers_policy_close(int exit_status, int error_code)
 {
    debug_decl(sudoers_policy_close, SUDO_DEBUG_PLUGIN)

-    if (fatal_setjmp() != 0) {
-	/* called via fatal() or fatalx() */
-	fatal_disable_setjmp();
-	debug_return;
-    }
-
    /* We do not currently log the exit status. */
    if (error_code) {
 	errno = error_code;
@@ -613,12 +600,6 @@ sudoers_policy_init_session(struct passwd *pwd, char **user_env[])
    if (sudo_version < SUDO_API_MKVERSION(1, 2))
 	user_env = NULL;

-    if (fatal_setjmp() != 0) {
-	/* called via fatal() or fatalx() */
-	fatal_disable_setjmp();
-	debug_return_bool(-1);
-    }
-
    debug_return_bool(sudo_auth_begin_session(pwd, user_env));
 }

@@ -664,11 +645,8 @@ sudoers_policy_invalidate(int remove)
    debug_decl(sudoers_policy_invalidate, SUDO_DEBUG_PLUGIN)

    user_cmnd = "kill";
-    if (fatal_setjmp() == 0) {
-	remove_timestamp(remove);
-	sudoers_cleanup();
-    }
-    fatal_disable_setjmp();
+    remove_timestamp(remove);
+    sudoers_cleanup();

    debug_return;
 }
@@ -708,12 +686,6 @@ sudoers_policy_version(int verbose)
 {
    debug_decl(sudoers_policy_version, SUDO_DEBUG_PLUGIN)

-    if (fatal_setjmp() != 0) {
-	/* error recovery via fatal() or fatalx() */
-	fatal_disable_setjmp();
-	debug_return_bool(-1);
-    }
-
    sudo_printf(SUDO_CONV_INFO_MSG, _("Sudoers policy plugin version %s\n"),
 	PACKAGE_VERSION);
    sudo_printf(SUDO_CONV_INFO_MSG, _("Sudoers file grammar version %d\n"),
--- a/plugins/sudoers/sudoers.c
+++ b/plugins/sudoers/sudoers.c
@@ -228,13 +228,6 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
    volatile int rval = true;
    debug_decl(sudoers_policy_main, SUDO_DEBUG_PLUGIN)

-    /* XXX - would like to move this to policy.c but need the cleanup. */
-    if (fatal_setjmp() != 0) {
-	/* error recovery via fatal() or fatalx() */
-	rval = -1;
-	goto done;
-    }
-
    /* Is root even allowed to run sudo? */
    if (user_uid == 0 && !def_root_sudo) {
 	/* Not an audit event. */
@@ -548,7 +541,6 @@ bad:
    rval = false;

 done:
-    fatal_disable_setjmp();
    if (!rewind_perms())
 	rval = -1;