sudo frontend: silence most -Wconversion warnings.
This commit is contained in:
Todd C. Miller
@@ -65,7 +65,7 @@ static sudo_conv_t sudo_conv;
|
||||
static sudo_printf_t sudo_log;
|
||||
static FILE *input, *output;
|
||||
static uid_t runas_uid = ROOT_UID;
|
||||
static gid_t runas_gid = -1;
|
||||
static gid_t runas_gid = (gid_t)-1;
|
||||
static int use_sudoedit = false;
|
||||
|
||||
/*
|
||||
@@ -286,7 +286,7 @@ find_editor(int nfiles, char * const files[], char **argv_out[])
|
||||
}
|
||||
if (editor_path != editor)
|
||||
free(editor);
|
||||
nargv = malloc((nargc + 1 + nfiles + 1) * sizeof(char *));
|
||||
nargv = reallocarray(NULL, (size_t)(nargc + 1 + nfiles + 1), sizeof(char *));
|
||||
if (nargv == NULL) {
|
||||
sudo_log(SUDO_CONV_ERROR_MSG, "unable to allocate memory\n");
|
||||
free(editor_path);
|
||||
|
||||
@@ -199,7 +199,7 @@ sudo_conversation_printf(int msg_type, const char *fmt, ...)
|
||||
len = vfprintf(ttyfp ? ttyfp : fp, fmt, ap);
|
||||
va_end(ap);
|
||||
if (len >= 0 && crnl != NULL) {
|
||||
len += fwrite(crnl, 1, 2, ttyfp ? ttyfp : fp);
|
||||
len += (int)fwrite(crnl, 1, 2, ttyfp ? ttyfp : fp);
|
||||
}
|
||||
break;
|
||||
default:
|
||||
|
||||
@@ -54,10 +54,10 @@ sudo_extend_file(int fd, const char *name, off_t new_size)
|
||||
__func__, name, (long long)old_size, (long long)new_size);
|
||||
|
||||
for (size = old_size; size < new_size; size += nwritten) {
|
||||
size_t len = new_size - size;
|
||||
if (len > sizeof(zeroes))
|
||||
len = sizeof(zeroes);
|
||||
nwritten = write(fd, zeroes, len);
|
||||
off_t len = new_size - size;
|
||||
if (len > ssizeof(zeroes))
|
||||
len = ssizeof(zeroes);
|
||||
nwritten = write(fd, zeroes, (size_t)len);
|
||||
if (nwritten == -1) {
|
||||
int serrno = errno;
|
||||
if (ftruncate(fd, old_size) == -1) {
|
||||
@@ -110,7 +110,7 @@ sudo_copy_file(const char *src, int src_fd, off_t src_len, const char *dst,
|
||||
while ((nread = read(src_fd, buf, sizeof(buf))) > 0) {
|
||||
ssize_t off = 0;
|
||||
do {
|
||||
nwritten = write(dst_fd, buf + off, nread - off);
|
||||
nwritten = write(dst_fd, buf + off, (size_t)(nread - off));
|
||||
if (nwritten == -1)
|
||||
goto write_error;
|
||||
off += nwritten;
|
||||
|
||||
@@ -96,7 +96,7 @@ rpl_putenv(PUTENV_CONST char *string)
|
||||
}
|
||||
|
||||
/* Look for existing entry. */
|
||||
len = (equal - string) + 1;
|
||||
len = (size_t)(equal - string) + 1;
|
||||
for (ep = environ; *ep != NULL; ep++) {
|
||||
if (strncmp(string, *ep, len) == 0) {
|
||||
*ep = (char *)string;
|
||||
|
||||
@@ -133,7 +133,7 @@ exec_setup(struct command_details *details, int intercept_fd, int errfd)
|
||||
#endif
|
||||
#ifdef HAVE_LOGIN_CAP_H
|
||||
if (details->login_class) {
|
||||
int flags;
|
||||
unsigned int flags;
|
||||
login_cap_t *lc;
|
||||
|
||||
/*
|
||||
|
||||
@@ -123,11 +123,11 @@ sudo_execve(int fd, const char *path, char *const argv[], char *envp[],
|
||||
|
||||
for (argc = 0; argv[argc] != NULL; argc++)
|
||||
continue;
|
||||
nargv = reallocarray(NULL, argc + 2, sizeof(char *));
|
||||
nargv = reallocarray(NULL, (size_t)argc + 2, sizeof(char *));
|
||||
if (nargv != NULL) {
|
||||
nargv[0] = "sh";
|
||||
nargv[1] = path;
|
||||
memcpy(nargv + 2, argv + 1, argc * sizeof(char *));
|
||||
memcpy(nargv + 2, argv + 1, (size_t)argc * sizeof(char *));
|
||||
execve(_PATH_SUDO_BSHELL, (char **)nargv, envp);
|
||||
free(nargv);
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
/*
|
||||
* SPDX-License-Identifier: ISC
|
||||
*
|
||||
* Copyright (c) 2021-2022 Todd C. Miller <Todd.Miller@sudo.ws>
|
||||
* Copyright (c) 2021-2023 Todd C. Miller <Todd.Miller@sudo.ws>
|
||||
*
|
||||
* Permission to use, copy, modify, and distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
@@ -37,6 +37,7 @@
|
||||
#include <unistd.h>
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
#include <limits.h>
|
||||
|
||||
#include "sudo.h"
|
||||
#include "sudo_exec.h"
|
||||
@@ -374,7 +375,8 @@ intercept_check_policy(const char *command, int argc, char **argv, int envc,
|
||||
char **command_info_copy = NULL;
|
||||
char **user_env_out = NULL;
|
||||
char **run_argv = NULL;
|
||||
int i, rc, saved_dir = -1;
|
||||
int rc, saved_dir = -1;
|
||||
size_t i;
|
||||
bool ret = true;
|
||||
struct stat sb;
|
||||
debug_decl(intercept_check_policy, SUDO_DEBUG_EXEC);
|
||||
@@ -470,11 +472,11 @@ intercept_check_policy(const char *command, int argc, char **argv, int envc,
|
||||
"run_command: %s", closure->command);
|
||||
for (i = 0; command_info[i] != NULL; i++) {
|
||||
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
|
||||
"command_info[%d]: %s", i, command_info[i]);
|
||||
"command_info[%zu]: %s", i, command_info[i]);
|
||||
}
|
||||
for (i = 0; run_argv[i] != NULL; i++) {
|
||||
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
|
||||
"run_argv[%d]: %s", i, run_argv[i]);
|
||||
"run_argv[%zu]: %s", i, run_argv[i]);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -492,10 +494,10 @@ intercept_check_policy(const char *command, int argc, char **argv, int envc,
|
||||
closure->run_argv[i] = NULL;
|
||||
|
||||
/* Make a copy of envp, which may not be NULL-terminated. */
|
||||
closure->run_envp = reallocarray(NULL, envc + 1, sizeof(char *));
|
||||
closure->run_envp = reallocarray(NULL, (size_t)envc + 1, sizeof(char *));
|
||||
if (closure->run_envp == NULL)
|
||||
goto oom;
|
||||
for (i = 0; i < envc; i++) {
|
||||
for (i = 0; i < (size_t)envc; i++) {
|
||||
closure->run_envp[i] = strdup(envp[i]);
|
||||
if (closure->run_envp[i] == NULL)
|
||||
goto oom;
|
||||
@@ -562,7 +564,7 @@ intercept_check_policy_req(PolicyCheckRequest *req,
|
||||
size_t n;
|
||||
debug_decl(intercept_check_policy_req, SUDO_DEBUG_EXEC);
|
||||
|
||||
if (req->command == NULL) {
|
||||
if (req->command == NULL || req->n_argv > INT_MAX || req->n_envp > INT_MAX) {
|
||||
closure->errstr = N_("invalid PolicyCheckRequest");
|
||||
goto done;
|
||||
}
|
||||
@@ -595,8 +597,8 @@ intercept_check_policy_req(PolicyCheckRequest *req,
|
||||
}
|
||||
argv[n] = NULL;
|
||||
|
||||
ret = intercept_check_policy(req->command, req->n_argv, argv, req->n_envp,
|
||||
req->envp, req->cwd, &oldcwd, closure);
|
||||
ret = intercept_check_policy(req->command, (int)req->n_argv, argv,
|
||||
(int)req->n_envp, req->envp, req->cwd, &oldcwd, closure);
|
||||
|
||||
done:
|
||||
if (oldcwd != -1) {
|
||||
@@ -635,7 +637,7 @@ intercept_verify_token(int fd, struct intercept_closure *closure)
|
||||
if (nread + closure->off == sizeof(closure->token))
|
||||
break;
|
||||
/* partial read, update offset and try again */
|
||||
closure->off += nread;
|
||||
closure->off += (uint32_t)nread;
|
||||
errno = EAGAIN;
|
||||
debug_return_int(-1);
|
||||
}
|
||||
@@ -734,7 +736,7 @@ intercept_read(int fd, struct intercept_closure *closure)
|
||||
sudo_warn("recv");
|
||||
goto done;
|
||||
default:
|
||||
closure->off += nread;
|
||||
closure->off += (uint32_t)nread;
|
||||
break;
|
||||
}
|
||||
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: received %zd bytes from client",
|
||||
@@ -820,7 +822,7 @@ fmt_intercept_response(InterceptResponse *resp,
|
||||
bool ret = false;
|
||||
debug_decl(fmt_intercept_response, SUDO_DEBUG_EXEC);
|
||||
|
||||
closure->len = intercept_response__get_packed_size(resp);
|
||||
closure->len = (uint32_t)intercept_response__get_packed_size(resp);
|
||||
if (closure->len > MESSAGE_SIZE_MAX) {
|
||||
sudo_warnx(U_("server message too large: %zu"), (size_t)closure->len);
|
||||
goto done;
|
||||
@@ -968,7 +970,7 @@ intercept_write(int fd, struct intercept_closure *closure)
|
||||
sudo_warn("send");
|
||||
goto done;
|
||||
}
|
||||
closure->off += nwritten;
|
||||
closure->off += (uint32_t)nwritten;
|
||||
|
||||
if (closure->off != closure->len) {
|
||||
/* Partial write. */
|
||||
|
||||
@@ -145,7 +145,7 @@ send_status(int fd, struct command_status *cstat)
|
||||
}
|
||||
cstat->type = CMD_INVALID; /* prevent re-sending */
|
||||
}
|
||||
debug_return_int(n);
|
||||
debug_return_ssize_t(n);
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
@@ -64,8 +64,8 @@ handle_sigwinch(struct exec_closure *ec, int fd)
|
||||
log_winchange(ec, wsize.ws_row, wsize.ws_col);
|
||||
|
||||
/* Update rows/cols. */
|
||||
ec->rows = wsize.ws_row;
|
||||
ec->cols = wsize.ws_col;
|
||||
ec->rows = (short)wsize.ws_row;
|
||||
ec->cols = (short)wsize.ws_col;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -218,8 +218,8 @@ fill_exec_closure(struct exec_closure *ec, struct command_status *cstat,
|
||||
ec->ppgrp = getpgrp();
|
||||
ec->cstat = cstat;
|
||||
ec->details = details;
|
||||
ec->rows = user_details->ts_rows;
|
||||
ec->cols = user_details->ts_cols;
|
||||
ec->rows = (short)user_details->ts_rows;
|
||||
ec->cols = (short)user_details->ts_cols;
|
||||
|
||||
/* Setup event base and events. */
|
||||
ec->evbase = evbase;
|
||||
@@ -373,11 +373,11 @@ read_callback(int fd, int what, void *v)
|
||||
default:
|
||||
sudo_debug_printf(SUDO_DEBUG_INFO,
|
||||
"read %zd bytes from fd %d", n, fd);
|
||||
if (!iob->action(iob->buf + iob->len, n, iob)) {
|
||||
if (!iob->action(iob->buf + iob->len, (unsigned int)n, iob)) {
|
||||
terminate_command(iob->ec->cmnd_pid, false);
|
||||
iob->ec->cmnd_pid = -1;
|
||||
}
|
||||
iob->len += n;
|
||||
iob->len += (unsigned int)n;
|
||||
/* Disable reader if buffer is full. */
|
||||
if (iob->len == sizeof(iob->buf))
|
||||
sudo_ev_del(evbase, iob->revent);
|
||||
@@ -410,7 +410,7 @@ write_callback(int fd, int what, void *v)
|
||||
case EBADF:
|
||||
/* other end of pipe closed */
|
||||
sudo_debug_printf(SUDO_DEBUG_INFO,
|
||||
"unable to write %d bytes to fd %d",
|
||||
"unable to write %u bytes to fd %d",
|
||||
iob->len - iob->off, fd);
|
||||
/* Close reader if there is one. */
|
||||
if (iob->revent != NULL) {
|
||||
@@ -436,7 +436,7 @@ write_callback(int fd, int what, void *v)
|
||||
} else {
|
||||
sudo_debug_printf(SUDO_DEBUG_INFO,
|
||||
"wrote %zd bytes to fd %d", n, fd);
|
||||
iob->off += n;
|
||||
iob->off += (unsigned int)n;
|
||||
/* Disable writer and reset the buffer if fully consumed. */
|
||||
if (iob->off == iob->len) {
|
||||
iob->off = iob->len = 0;
|
||||
|
||||
@@ -77,7 +77,8 @@ fmtstr(sudo_alloc_fn_t alloc_fn, sudo_free_fn_t free_fn, const char *ofmt, ...)
|
||||
continue;
|
||||
case 'd': {
|
||||
char numbuf[(((sizeof(int) * 8) + 2) / 3) + 2];
|
||||
len = snprintf(numbuf, sizeof(numbuf), "%d", va_arg(ap, int));
|
||||
len = (size_t)snprintf(numbuf, sizeof(numbuf), "%d",
|
||||
va_arg(ap, int));
|
||||
if (len >= sizeof(numbuf)) {
|
||||
goto oflow;
|
||||
}
|
||||
@@ -117,7 +118,7 @@ fmtstr(sudo_alloc_fn_t alloc_fn, sudo_free_fn_t free_fn, const char *ofmt, ...)
|
||||
if (size < 2) {
|
||||
goto oflow;
|
||||
}
|
||||
*cur++ = va_arg(ap, int);
|
||||
*cur++ = (char )va_arg(ap, int);
|
||||
size--;
|
||||
fmt += 2;
|
||||
continue;
|
||||
@@ -132,7 +133,7 @@ fmtstr(sudo_alloc_fn_t alloc_fn, sudo_free_fn_t free_fn, const char *ofmt, ...)
|
||||
fmt += 2;
|
||||
continue;
|
||||
case 'd':
|
||||
len = snprintf(cur, size, "%d", va_arg(ap, int));
|
||||
len = (size_t)snprintf(cur, size, "%d", va_arg(ap, int));
|
||||
if (len >= size) {
|
||||
goto oflow;
|
||||
}
|
||||
@@ -267,7 +268,7 @@ sudo_preload_dso_alloc(char *const envp[], const char *dso_file,
|
||||
if (intercept_ptr != NULL)
|
||||
continue;
|
||||
|
||||
fd = sudo_strtonum(cp, 0, INT_MAX, &errstr);
|
||||
fd = (int)sudo_strtonum(cp, 0, INT_MAX, &errstr);
|
||||
if (fd == intercept_fd && errstr == NULL)
|
||||
fd_present = true;
|
||||
|
||||
|
||||
@@ -351,7 +351,7 @@ ptrace_setregs(int pid, struct sudo_ptrace_regs *regs)
|
||||
* Read the string at addr and store in buf using process_vm_readv(2).
|
||||
* Returns the number of bytes stored, including the NUL.
|
||||
*/
|
||||
static size_t
|
||||
static ssize_t
|
||||
ptrace_readv_string(pid_t pid, unsigned long addr, char *buf, size_t bufsize)
|
||||
{
|
||||
const char *cp, *buf0 = buf;
|
||||
@@ -395,11 +395,11 @@ ptrace_readv_string(pid_t pid, unsigned long addr, char *buf, size_t bufsize)
|
||||
debug_return_ssize_t(-1);
|
||||
default:
|
||||
/* Check for NUL terminator in page. */
|
||||
cp = memchr(buf, '\0', nread);
|
||||
cp = memchr(buf, '\0', (size_t)nread);
|
||||
if (cp != NULL)
|
||||
debug_return_size_t((cp - buf0) + 1); /* includes NUL */
|
||||
debug_return_ssize_t((cp - buf0) + 1); /* includes NUL */
|
||||
buf += nread;
|
||||
bufsize -= nread;
|
||||
bufsize -= (size_t)nread;
|
||||
addr += sizeof(unsigned long);
|
||||
break;
|
||||
}
|
||||
@@ -412,7 +412,7 @@ ptrace_readv_string(pid_t pid, unsigned long addr, char *buf, size_t bufsize)
|
||||
* Read the string at addr and store in buf using ptrace(2).
|
||||
* Returns the number of bytes stored, including the NUL.
|
||||
*/
|
||||
static size_t
|
||||
static ssize_t
|
||||
ptrace_read_string(pid_t pid, unsigned long addr, char *buf, size_t bufsize)
|
||||
{
|
||||
const char *cp, *buf0 = buf;
|
||||
@@ -421,9 +421,9 @@ ptrace_read_string(pid_t pid, unsigned long addr, char *buf, size_t bufsize)
|
||||
debug_decl(ptrace_read_string, SUDO_DEBUG_EXEC);
|
||||
|
||||
#ifdef HAVE_PROCESS_VM_READV
|
||||
i = ptrace_readv_string(pid, addr, buf, bufsize);
|
||||
if (i != (size_t)-1 || errno != ENOSYS)
|
||||
debug_return_size_t(i);
|
||||
ssize_t nread = ptrace_readv_string(pid, addr, buf, bufsize);
|
||||
if (nread != -1 || errno != ENOSYS)
|
||||
debug_return_ssize_t(nread);
|
||||
#endif /* HAVE_PROCESS_VM_READV */
|
||||
|
||||
/*
|
||||
@@ -450,7 +450,7 @@ ptrace_read_string(pid_t pid, unsigned long addr, char *buf, size_t bufsize)
|
||||
}
|
||||
*buf = cp[i];
|
||||
if (*buf++ == '\0')
|
||||
debug_return_size_t(buf - buf0);
|
||||
debug_return_ssize_t(buf - buf0);
|
||||
bufsize--;
|
||||
}
|
||||
addr += sizeof(unsigned long);
|
||||
@@ -493,7 +493,7 @@ growbuf(char **bufp, size_t *bufsizep, char **curp, size_t *remp)
|
||||
* However, NULL is still stored as NULL.
|
||||
* Returns (size_t)-1 on failure.
|
||||
*/
|
||||
static size_t
|
||||
static ssize_t
|
||||
strtab_to_vec(char *strtab, size_t strtab_len, int *countp, char ***vecp,
|
||||
char **bufp, size_t *bufsizep, size_t remainder)
|
||||
{
|
||||
@@ -509,7 +509,7 @@ strtab_to_vec(char *strtab, size_t strtab_len, int *countp, char ***vecp,
|
||||
strend = strtab + strtab_len;
|
||||
}
|
||||
vec = (char **)LONGALIGN(strend);
|
||||
remainder -= (char *)vec - strend;
|
||||
remainder -= (size_t)((char *)vec - strend);
|
||||
|
||||
/* Fill in vector with the strings we read. */
|
||||
for (vp = vec; strtab < strend; ) {
|
||||
@@ -523,7 +523,7 @@ strtab_to_vec(char *strtab, size_t strtab_len, int *countp, char ***vecp,
|
||||
/* Store offset into buf (not a pointer) in case of realloc(). */
|
||||
*vp++ = (char *)(strtab - *bufp);
|
||||
remainder -= sizeof(char *);
|
||||
strtab = memchr(strtab, '\0', strend - strtab);
|
||||
strtab = memchr(strtab, '\0', (size_t)(strend - strtab));
|
||||
if (strtab == NULL)
|
||||
break;
|
||||
strtab++;
|
||||
@@ -534,7 +534,7 @@ strtab_to_vec(char *strtab, size_t strtab_len, int *countp, char ***vecp,
|
||||
*countp = count;
|
||||
*vecp = (char **)((char *)vec - *bufp);
|
||||
|
||||
debug_return_size_t((char *)vp - strend);
|
||||
debug_return_ssize_t((char *)vp - strend);
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -546,17 +546,17 @@ strtab_to_vec(char *strtab, size_t strtab_len, int *countp, char ***vecp,
|
||||
* offsets into pointers based on the buffer before using.
|
||||
* Returns the number of bytes in buf consumed (including NULs).
|
||||
*/
|
||||
static size_t
|
||||
static ssize_t
|
||||
ptrace_read_vec(pid_t pid, struct sudo_ptrace_regs *regs, unsigned long addr,
|
||||
int *countp, char ***vecp, char **bufp, size_t *bufsizep, size_t off)
|
||||
{
|
||||
# ifdef SECCOMP_AUDIT_ARCH_COMPAT
|
||||
unsigned long next_word = -1;
|
||||
unsigned long next_word = (unsigned long)-1;
|
||||
# endif
|
||||
size_t remainder = *bufsizep - off;
|
||||
size_t strtab_len, remainder = *bufsizep - off;
|
||||
char *strtab = *bufp + off;
|
||||
unsigned long word;
|
||||
size_t len, strtab_len;
|
||||
ssize_t len;
|
||||
debug_decl(ptrace_read_vec, SUDO_DEBUG_EXEC);
|
||||
|
||||
/* Treat a NULL vector as empty, thanks Linux. */
|
||||
@@ -571,7 +571,7 @@ ptrace_read_vec(pid_t pid, struct sudo_ptrace_regs *regs, unsigned long addr,
|
||||
*vecp = (char **)((char *)vp - *bufp);
|
||||
*countp = 0;
|
||||
*vp++ = NULL;
|
||||
debug_return_size_t((char *)vp - strtab);
|
||||
debug_return_ssize_t((char *)vp - strtab);
|
||||
}
|
||||
|
||||
/* Fill in string table. */
|
||||
@@ -608,7 +608,7 @@ ptrace_read_vec(pid_t pid, struct sudo_ptrace_regs *regs, unsigned long addr,
|
||||
default:
|
||||
for (;;) {
|
||||
len = ptrace_read_string(pid, word, strtab, remainder);
|
||||
if (len != (size_t)-1)
|
||||
if (len != -1)
|
||||
break;
|
||||
if (errno != ENOSPC)
|
||||
debug_return_ssize_t(-1);
|
||||
@@ -616,21 +616,21 @@ ptrace_read_vec(pid_t pid, struct sudo_ptrace_regs *regs, unsigned long addr,
|
||||
debug_return_ssize_t(-1);
|
||||
}
|
||||
strtab += len;
|
||||
remainder -= len;
|
||||
remainder -= (size_t)len;
|
||||
addr += regs->wordsize;
|
||||
continue;
|
||||
}
|
||||
} while (word != 0);
|
||||
|
||||
/* Store strings in a vector after the string table. */
|
||||
strtab_len = strtab - (*bufp + off);
|
||||
strtab_len = (size_t)(strtab - (*bufp + off));
|
||||
strtab = *bufp + off;
|
||||
len = strtab_to_vec(strtab, strtab_len, countp, vecp, bufp, bufsizep,
|
||||
remainder);
|
||||
if (len == (size_t)-1)
|
||||
if (len == -1)
|
||||
debug_return_ssize_t(-1);
|
||||
|
||||
debug_return_size_t(strtab_len + len);
|
||||
debug_return_ssize_t((ssize_t)strtab_len + len);
|
||||
}
|
||||
|
||||
#ifdef HAVE_PROCESS_VM_READV
|
||||
@@ -639,7 +639,7 @@ ptrace_read_vec(pid_t pid, struct sudo_ptrace_regs *regs, unsigned long addr,
|
||||
* process_vm_writev(2).
|
||||
* Returns the number of bytes written, including trailing NUL.
|
||||
*/
|
||||
static size_t
|
||||
static ssize_t
|
||||
ptrace_writev_string(pid_t pid, unsigned long addr, const char *str0)
|
||||
{
|
||||
const char *str = str0;
|
||||
@@ -678,10 +678,10 @@ ptrace_writev_string(pid_t pid, unsigned long addr, const char *str0)
|
||||
debug_return_ssize_t(-1);
|
||||
default:
|
||||
str += nwritten;
|
||||
len -= nwritten;
|
||||
addr += nwritten;
|
||||
len -= (size_t)nwritten;
|
||||
addr += (size_t)nwritten;
|
||||
if (len == 0)
|
||||
debug_return_size_t(str - str0); /* includes NUL */
|
||||
debug_return_ssize_t(str - str0); /* includes NUL */
|
||||
break;
|
||||
}
|
||||
}
|
||||
@@ -693,7 +693,7 @@ ptrace_writev_string(pid_t pid, unsigned long addr, const char *str0)
|
||||
* Write the NUL-terminated string str to addr in the tracee using ptrace(2).
|
||||
* Returns the number of bytes written, including trailing NUL.
|
||||
*/
|
||||
static size_t
|
||||
static ssize_t
|
||||
ptrace_write_string(pid_t pid, unsigned long addr, const char *str)
|
||||
{
|
||||
const char *str0 = str;
|
||||
@@ -705,9 +705,9 @@ ptrace_write_string(pid_t pid, unsigned long addr, const char *str)
|
||||
debug_decl(ptrace_write_string, SUDO_DEBUG_EXEC);
|
||||
|
||||
#ifdef HAVE_PROCESS_VM_READV
|
||||
i = ptrace_writev_string(pid, addr, str);
|
||||
if (i != (size_t)-1 || errno != ENOSYS)
|
||||
debug_return_size_t(i);
|
||||
ssize_t nwritten = ptrace_writev_string(pid, addr, str);
|
||||
if (nwritten != -1 || errno != ENOSYS)
|
||||
debug_return_ssize_t(nwritten);
|
||||
#endif /* HAVE_PROCESS_VM_READV */
|
||||
|
||||
/*
|
||||
@@ -731,7 +731,7 @@ ptrace_write_string(pid_t pid, unsigned long addr, const char *str)
|
||||
}
|
||||
if ((u.word & 0xff) == 0) {
|
||||
/* If the last byte we wrote is a NUL we are done. */
|
||||
debug_return_size_t(str - str0 + 1);
|
||||
debug_return_ssize_t(str - str0 + 1);
|
||||
}
|
||||
addr += sizeof(unsigned long);
|
||||
}
|
||||
@@ -744,7 +744,7 @@ ptrace_write_string(pid_t pid, unsigned long addr, const char *str)
|
||||
* Returns the number of bytes used in strtab (including NULs).
|
||||
* process_vm_writev() version.
|
||||
*/
|
||||
static size_t
|
||||
static ssize_t
|
||||
ptrace_writev_vec(pid_t pid, struct sudo_ptrace_regs *regs, char **vec,
|
||||
unsigned long addr, unsigned long strtab)
|
||||
{
|
||||
@@ -817,7 +817,7 @@ ptrace_writev_vec(pid_t pid, struct sudo_ptrace_regs *regs, char **vec,
|
||||
goto done;
|
||||
|
||||
/* Copy the strings to the (remote) string table. */
|
||||
expected = strtab - strtab0;
|
||||
expected = (ssize_t)(strtab - strtab0);
|
||||
for (;;) {
|
||||
nwritten = process_vm_writev(pid, local + off, len - off,
|
||||
remote + off, len - off, 0);
|
||||
@@ -844,7 +844,7 @@ ptrace_writev_vec(pid_t pid, struct sudo_ptrace_regs *regs, char **vec,
|
||||
|
||||
/* Adjust offset for partial write (doesn't cross iov boundary). */
|
||||
while (off < len) {
|
||||
nwritten -= local[off].iov_len;
|
||||
nwritten -= (ssize_t)local[off].iov_len;
|
||||
off++;
|
||||
if (nwritten <= 0)
|
||||
break;
|
||||
@@ -863,7 +863,7 @@ done:
|
||||
free(remote);
|
||||
free(addrbuf);
|
||||
if (total_written == expected)
|
||||
debug_return_size_t(total_written);
|
||||
debug_return_ssize_t(total_written);
|
||||
debug_return_ssize_t(-1);
|
||||
}
|
||||
#endif /* HAVE_PROCESS_VM_READV */
|
||||
@@ -873,18 +873,18 @@ done:
|
||||
* sufficient space. Strings are written to strtab.
|
||||
* Returns the number of bytes used in strtab (including NULs).
|
||||
*/
|
||||
static size_t
|
||||
static ssize_t
|
||||
ptrace_write_vec(pid_t pid, struct sudo_ptrace_regs *regs, char **vec,
|
||||
unsigned long addr, unsigned long strtab)
|
||||
{
|
||||
const unsigned long strtab0 = strtab;
|
||||
size_t i, len;
|
||||
size_t i;
|
||||
debug_decl(ptrace_write_vec, SUDO_DEBUG_EXEC);
|
||||
|
||||
#ifdef HAVE_PROCESS_VM_READV
|
||||
i = ptrace_writev_vec(pid, regs, vec, addr, strtab);
|
||||
if (i != (size_t)-1 || errno != ENOSYS)
|
||||
debug_return_size_t(i);
|
||||
ssize_t nwritten = ptrace_writev_vec(pid, regs, vec, addr, strtab);
|
||||
if (nwritten != -1 || errno != ENOSYS)
|
||||
debug_return_ssize_t(nwritten);
|
||||
#endif /* HAVE_PROCESS_VM_READV */
|
||||
|
||||
/* Copy string vector into tracee one word at a time. */
|
||||
@@ -892,10 +892,10 @@ ptrace_write_vec(pid_t pid, struct sudo_ptrace_regs *regs, char **vec,
|
||||
unsigned long word = strtab;
|
||||
|
||||
/* First write the actual string to tracee's string table. */
|
||||
len = ptrace_write_string(pid, strtab, vec[i]);
|
||||
if (len == (size_t)-1)
|
||||
debug_return_int(-1);
|
||||
strtab += len;
|
||||
nwritten = ptrace_write_string(pid, strtab, vec[i]);
|
||||
if (nwritten == -1)
|
||||
debug_return_ssize_t(-1);
|
||||
strtab += (size_t)nwritten;
|
||||
|
||||
# ifdef SECCOMP_AUDIT_ARCH_COMPAT
|
||||
if (regs->compat) {
|
||||
@@ -922,7 +922,7 @@ ptrace_write_vec(pid_t pid, struct sudo_ptrace_regs *regs, char **vec,
|
||||
if (ptrace(PTRACE_POKEDATA, pid, addr, word) == -1) {
|
||||
sudo_warn("%s: ptrace(PTRACE_POKEDATA, %d, 0x%lx, 0x%lx)",
|
||||
__func__, (int)pid, addr, word);
|
||||
debug_return_int(-1);
|
||||
debug_return_ssize_t(-1);
|
||||
}
|
||||
addr += sizeof(unsigned long);
|
||||
}
|
||||
@@ -932,11 +932,11 @@ ptrace_write_vec(pid_t pid, struct sudo_ptrace_regs *regs, char **vec,
|
||||
if (ptrace(PTRACE_POKEDATA, pid, addr, NULL) == -1) {
|
||||
sudo_warn("%s: ptrace(PTRACE_POKEDATA, %d, 0x%lx, NULL)",
|
||||
__func__, (int)pid, addr);
|
||||
debug_return_int(-1);
|
||||
debug_return_ssize_t(-1);
|
||||
}
|
||||
}
|
||||
|
||||
debug_return_size_t(strtab - strtab0);
|
||||
debug_return_ssize_t((ssize_t)(strtab - strtab0));
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -947,14 +947,14 @@ ptrace_write_vec(pid_t pid, struct sudo_ptrace_regs *regs, char **vec,
|
||||
static bool
|
||||
proc_read_link(pid_t pid, const char *name, char *buf, size_t bufsize)
|
||||
{
|
||||
size_t len;
|
||||
ssize_t len;
|
||||
char path[PATH_MAX];
|
||||
debug_decl(proc_read_link, SUDO_DEBUG_EXEC);
|
||||
|
||||
len = snprintf(path, sizeof(path), "/proc/%d/%s", (int)pid, name);
|
||||
if (len < sizeof(path)) {
|
||||
if (len > 0 && len < ssizeof(path)) {
|
||||
len = readlink(path, buf, bufsize - 1);
|
||||
if (len != (size_t)-1) {
|
||||
if (len != -1) {
|
||||
/* readlink(2) does not add the NUL for us. */
|
||||
buf[len] = '\0';
|
||||
debug_return_bool(true);
|
||||
@@ -973,8 +973,9 @@ get_execve_info(pid_t pid, struct sudo_ptrace_regs *regs, char **pathname_out,
|
||||
{
|
||||
char *argbuf, **argv, **envp, *pathname = NULL;
|
||||
unsigned long argv_addr, envp_addr, path_addr;
|
||||
size_t bufsize, len, off = 0;
|
||||
size_t bufsize, off = 0;
|
||||
int i, argc, envc = 0;
|
||||
ssize_t nread;
|
||||
debug_decl(get_execve_info, SUDO_DEBUG_EXEC);
|
||||
|
||||
bufsize = PATH_MAX + arg_max;
|
||||
@@ -994,27 +995,27 @@ get_execve_info(pid_t pid, struct sudo_ptrace_regs *regs, char **pathname_out,
|
||||
|
||||
/* Read the pathname, if not NULL. */
|
||||
if (path_addr != 0) {
|
||||
len = ptrace_read_string(pid, path_addr, argbuf, bufsize);
|
||||
if (len == (size_t)-1) {
|
||||
nread = ptrace_read_string(pid, path_addr, argbuf, bufsize);
|
||||
if (nread == -1) {
|
||||
sudo_debug_printf(
|
||||
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
|
||||
"unable to read execve pathname for process %d", (int)pid);
|
||||
goto bad;
|
||||
}
|
||||
/* Defer setting pathname until after all reallocations are done. */
|
||||
off = len;
|
||||
off = (size_t)nread;
|
||||
}
|
||||
|
||||
/* Read argv */
|
||||
len = ptrace_read_vec(pid, regs, argv_addr, &argc, &argv, &argbuf,
|
||||
nread = ptrace_read_vec(pid, regs, argv_addr, &argc, &argv, &argbuf,
|
||||
&bufsize, off);
|
||||
if (len == (size_t)-1) {
|
||||
if (nread == -1) {
|
||||
sudo_debug_printf(
|
||||
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
|
||||
"unable to read execve argv for process %d", (int)pid);
|
||||
goto bad;
|
||||
}
|
||||
off += len;
|
||||
off += (size_t)nread;
|
||||
|
||||
if (argc == 0) {
|
||||
/* Reserve an extra slot so we can store argv[0]. */
|
||||
@@ -1026,9 +1027,9 @@ get_execve_info(pid_t pid, struct sudo_ptrace_regs *regs, char **pathname_out,
|
||||
}
|
||||
|
||||
/* Read envp */
|
||||
len = ptrace_read_vec(pid, regs, envp_addr, &envc, &envp, &argbuf,
|
||||
nread = ptrace_read_vec(pid, regs, envp_addr, &envc, &envp, &argbuf,
|
||||
&bufsize, off);
|
||||
if (len == (size_t)-1) {
|
||||
if (nread == -1) {
|
||||
sudo_debug_printf(
|
||||
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
|
||||
"unable to read execve envp for process %d", (int)pid);
|
||||
@@ -1228,11 +1229,11 @@ exec_ptrace_seize(pid_t child)
|
||||
debug_decl(exec_ptrace_seize, SUDO_DEBUG_EXEC);
|
||||
|
||||
#ifdef HAVE_PROCESS_VM_READV
|
||||
page_size = sysconf(_SC_PAGESIZE);
|
||||
page_size = (size_t)sysconf(_SC_PAGESIZE);
|
||||
if (page_size == (size_t)-1)
|
||||
page_size = 4096;
|
||||
#endif
|
||||
arg_max = sysconf(_SC_ARG_MAX);
|
||||
arg_max = (size_t)sysconf(_SC_ARG_MAX);
|
||||
if (arg_max == (size_t)-1)
|
||||
arg_max = 128 * 1024;
|
||||
|
||||
@@ -1420,19 +1421,18 @@ done:
|
||||
debug_return_int((int)(argv - orig_argv));
|
||||
}
|
||||
|
||||
static size_t
|
||||
static ssize_t
|
||||
proc_read_vec(pid_t pid, const char *name, int *countp, char ***vecp,
|
||||
char **bufp, size_t *bufsizep, size_t off)
|
||||
{
|
||||
size_t remainder = *bufsizep - off;
|
||||
size_t len, strtab_len;
|
||||
size_t strtab_len, remainder = *bufsizep - off;
|
||||
char path[PATH_MAX], *strtab = *bufp + off;
|
||||
ssize_t len, nread;
|
||||
int fd;
|
||||
ssize_t nread;
|
||||
debug_decl(proc_read_vec, SUDO_DEBUG_EXEC);
|
||||
|
||||
len = snprintf(path, sizeof(path), "/proc/%d/%s", (int)pid, name);
|
||||
if (len >= sizeof(path))
|
||||
if (len >= ssizeof(path))
|
||||
debug_return_ssize_t(-1);
|
||||
|
||||
fd = open(path, O_RDONLY);
|
||||
@@ -1449,7 +1449,7 @@ proc_read_vec(pid_t pid, const char *name, int *countp, char ***vecp,
|
||||
debug_return_ssize_t(-1);
|
||||
}
|
||||
strtab += nread;
|
||||
remainder -= nread;
|
||||
remainder -= (size_t)nread;
|
||||
if (remainder < sizeof(char *)) {
|
||||
while (!growbuf(bufp, bufsizep, &strtab, &remainder)) {
|
||||
close(fd);
|
||||
@@ -1466,14 +1466,14 @@ proc_read_vec(pid_t pid, const char *name, int *countp, char ***vecp,
|
||||
}
|
||||
|
||||
/* Store strings in a vector after the string table. */
|
||||
strtab_len = strtab - (*bufp + off);
|
||||
strtab_len = (size_t)(strtab - (*bufp + off));
|
||||
strtab = *bufp + off;
|
||||
len = strtab_to_vec(strtab, strtab_len, countp, vecp, bufp, bufsizep,
|
||||
remainder);
|
||||
if (len == (size_t)-1)
|
||||
if (len == -1)
|
||||
debug_return_ssize_t(-1);
|
||||
|
||||
debug_return_size_t(strtab_len + len);
|
||||
debug_return_ssize_t((ssize_t)strtab_len + len);
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -1606,7 +1606,8 @@ ptrace_verify_post_exec(pid_t pid, struct sudo_ptrace_regs *regs,
|
||||
sigset_t chldmask;
|
||||
bool ret = false;
|
||||
int argc, envc, i, status;
|
||||
size_t bufsize, len;
|
||||
size_t bufsize;
|
||||
ssize_t len;
|
||||
debug_decl(ptrace_verify_post_exec, SUDO_DEBUG_EXEC);
|
||||
|
||||
/* Block SIGCHLD for the critical section (waitpid). */
|
||||
@@ -1653,15 +1654,16 @@ ptrace_verify_post_exec(pid_t pid, struct sudo_ptrace_regs *regs,
|
||||
}
|
||||
|
||||
len = proc_read_vec(pid, "cmdline", &argc, &argv, &argbuf, &bufsize, 0);
|
||||
if (len == (size_t)-1) {
|
||||
if (len == -1) {
|
||||
sudo_debug_printf(
|
||||
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
|
||||
"unable to read execve argv for process %d", (int)pid);
|
||||
goto done;
|
||||
}
|
||||
|
||||
len = proc_read_vec(pid, "environ", &envc, &envp, &argbuf, &bufsize, len);
|
||||
if (len == (size_t)-1) {
|
||||
len = proc_read_vec(pid, "environ", &envc, &envp, &argbuf, &bufsize,
|
||||
(size_t)len);
|
||||
if (len == -1) {
|
||||
sudo_debug_printf(
|
||||
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
|
||||
"unable to read execve envp for process %d", (int)pid);
|
||||
@@ -1861,7 +1863,8 @@ ptrace_intercept_execve(pid_t pid, struct intercept_closure *closure)
|
||||
*/
|
||||
unsigned long sp = get_stack_pointer(®s) - 128;
|
||||
unsigned long strtab;
|
||||
size_t len, space = 0;
|
||||
size_t space = 0;
|
||||
ssize_t nwritten;
|
||||
|
||||
sudo_debug_execve(SUDO_DEBUG_DIAG, closure->command,
|
||||
closure->run_argv, envp);
|
||||
@@ -1881,7 +1884,7 @@ ptrace_intercept_execve(pid_t pid, struct intercept_closure *closure)
|
||||
*/
|
||||
if (argv_mismatch) {
|
||||
/* argv pointers */
|
||||
space += (argc + 1 + regs.compat) * regs.wordsize;
|
||||
space += (size_t)(argc + 1 + regs.compat) * regs.wordsize;
|
||||
|
||||
/* argv strings */
|
||||
for (argc = 0; closure->run_argv[argc] != NULL; argc++) {
|
||||
@@ -1902,21 +1905,21 @@ ptrace_intercept_execve(pid_t pid, struct intercept_closure *closure)
|
||||
set_sc_arg2(®s, sp);
|
||||
|
||||
/* Skip over argv pointers (plus NULL) for string table. */
|
||||
strtab += (argc + 1 + regs.compat) * regs.wordsize;
|
||||
strtab += (size_t)(argc + 1 + regs.compat) * regs.wordsize;
|
||||
|
||||
len = ptrace_write_vec(pid, ®s, closure->run_argv,
|
||||
nwritten = ptrace_write_vec(pid, ®s, closure->run_argv,
|
||||
sp, strtab);
|
||||
if (len == (size_t)-1)
|
||||
if (nwritten == -1)
|
||||
goto done;
|
||||
strtab += len;
|
||||
strtab += (unsigned long)nwritten;
|
||||
}
|
||||
if (path_mismatch) {
|
||||
/* Update pathname address in the tracee to our new value. */
|
||||
set_sc_arg1(®s, strtab);
|
||||
|
||||
/* Write pathname to the string table. */
|
||||
len = ptrace_write_string(pid, strtab, closure->command);
|
||||
if (len == (size_t)-1)
|
||||
nwritten = ptrace_write_string(pid, strtab, closure->command);
|
||||
if (nwritten == -1)
|
||||
goto done;
|
||||
}
|
||||
|
||||
|
||||
@@ -418,11 +418,11 @@ read_callback(int fd, int what, void *v)
|
||||
default:
|
||||
sudo_debug_printf(SUDO_DEBUG_INFO,
|
||||
"read %zd bytes from fd %d", n, fd);
|
||||
if (!iob->action(iob->buf + iob->len, n, iob)) {
|
||||
if (!iob->action(iob->buf + iob->len, (unsigned int)n, iob)) {
|
||||
terminate_command(iob->ec->cmnd_pid, true);
|
||||
iob->ec->cmnd_pid = -1;
|
||||
}
|
||||
iob->len += n;
|
||||
iob->len += (unsigned int)n;
|
||||
/* Disable reader if buffer is full. */
|
||||
if (iob->len == sizeof(iob->buf))
|
||||
sudo_ev_del(evbase, iob->revent);
|
||||
@@ -484,7 +484,7 @@ write_callback(int fd, int what, void *v)
|
||||
case EBADF:
|
||||
/* other end of pipe closed or pty revoked */
|
||||
sudo_debug_printf(SUDO_DEBUG_INFO,
|
||||
"unable to write %d bytes to fd %d",
|
||||
"unable to write %u bytes to fd %d",
|
||||
iob->len - iob->off, fd);
|
||||
/* Close reader if there is one. */
|
||||
if (iob->revent != NULL) {
|
||||
@@ -515,7 +515,7 @@ write_callback(int fd, int what, void *v)
|
||||
} else {
|
||||
sudo_debug_printf(SUDO_DEBUG_INFO,
|
||||
"wrote %zd bytes to fd %d", n, fd);
|
||||
iob->off += n;
|
||||
iob->off += (unsigned int)n;
|
||||
/* Disable writer and reset the buffer if fully consumed. */
|
||||
if (iob->off == iob->len) {
|
||||
iob->off = iob->len = 0;
|
||||
@@ -946,8 +946,8 @@ fill_exec_closure(struct exec_closure *ec, struct command_status *cstat,
|
||||
ec->cmnd_pid = -1;
|
||||
ec->cstat = cstat;
|
||||
ec->details = details;
|
||||
ec->rows = user_details->ts_rows;
|
||||
ec->cols = user_details->ts_cols;
|
||||
ec->rows = (short)user_details->ts_rows;
|
||||
ec->cols = (short)user_details->ts_cols;
|
||||
|
||||
/* Reset cstat for running the command. */
|
||||
cstat->type = CMD_INVALID;
|
||||
@@ -1464,8 +1464,8 @@ sync_ttysize(struct exec_closure *ec)
|
||||
killpg(ec->cmnd_pid, SIGWINCH);
|
||||
|
||||
/* Update rows/cols. */
|
||||
ec->rows = wsize.ws_row;
|
||||
ec->cols = wsize.ws_col;
|
||||
ec->rows = (short)wsize.ws_row;
|
||||
ec->cols = (short)wsize.ws_col;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -140,7 +140,7 @@ get_net_ifs(char **addrinfo_out)
|
||||
}
|
||||
if (num_interfaces == 0)
|
||||
goto done;
|
||||
ailen = num_interfaces * 2 * INET6_ADDRSTRLEN;
|
||||
ailen = (size_t)num_interfaces * 2 * INET6_ADDRSTRLEN;
|
||||
if ((cp = malloc(ailen)) == NULL) {
|
||||
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
|
||||
"unable to allocate memory");
|
||||
@@ -207,7 +207,7 @@ get_net_ifs(char **addrinfo_out)
|
||||
goto bad;
|
||||
}
|
||||
cp += len;
|
||||
ailen -= len;
|
||||
ailen -= (size_t)len;
|
||||
}
|
||||
*addrinfo_out = addrinfo;
|
||||
goto done;
|
||||
|
||||
@@ -642,7 +642,7 @@ parse_args(int argc, char **argv, const char *shell, int *old_optind,
|
||||
ac += 2; /* -c cmnd */
|
||||
}
|
||||
|
||||
av = reallocarray(NULL, ac + 1, sizeof(char *));
|
||||
av = reallocarray(NULL, (size_t)ac + 1, sizeof(char *));
|
||||
if (av == NULL)
|
||||
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||
if (!gc_add(GC_PTR, av))
|
||||
@@ -667,7 +667,7 @@ parse_args(int argc, char **argv, const char *shell, int *old_optind,
|
||||
char **av;
|
||||
int ac;
|
||||
|
||||
av = reallocarray(NULL, argc + 2, sizeof(char *));
|
||||
av = reallocarray(NULL, (size_t)argc + 2, sizeof(char *));
|
||||
if (av == NULL)
|
||||
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||
if (!gc_add(GC_PTR, av))
|
||||
@@ -713,7 +713,7 @@ display_usage(FILE *fp)
|
||||
if (strcmp(getprogname(), "sudoedit") == 0)
|
||||
uvecs = sudoedit_usage;
|
||||
|
||||
indent = strlen(getprogname()) + 8;
|
||||
indent = (int)strlen(getprogname()) + 8;
|
||||
while ((uvec = *uvecs) != NULL) {
|
||||
(void)fprintf(fp, "usage: %s %s\n", getprogname(), uvec[0]);
|
||||
for (i = 1; uvec[i] != NULL; i++) {
|
||||
|
||||
@@ -126,7 +126,7 @@ closefrom_except(int startfd, struct preserved_fd_list *pfds)
|
||||
}
|
||||
|
||||
/* Create bitmap of preserved (relocated) fds. */
|
||||
fdbits = calloc((lastfd + NBBY) / NBBY, 1);
|
||||
fdbits = calloc((size_t)(lastfd + NBBY) / NBBY, 1);
|
||||
if (fdbits == NULL)
|
||||
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||
TAILQ_FOREACH(pfd, pfds, entries) {
|
||||
|
||||
29
src/sudo.c
29
src/sudo.c
@@ -400,7 +400,8 @@ fill_group_list(const char *user, struct sudo_cred *cred)
|
||||
*/
|
||||
cred->ngroups = sudo_conf_max_groups();
|
||||
if (cred->ngroups > 0) {
|
||||
cred->groups = reallocarray(NULL, cred->ngroups, sizeof(GETGROUPS_T));
|
||||
cred->groups =
|
||||
reallocarray(NULL, (size_t)cred->ngroups, sizeof(GETGROUPS_T));
|
||||
if (cred->groups != NULL) {
|
||||
/* Clamp to max_groups if insufficient space for all groups. */
|
||||
if (sudo_getgrouplist2(user, cred->gid, &cred->groups,
|
||||
@@ -446,7 +447,8 @@ get_user_groups(const char *user, struct sudo_cred *cred)
|
||||
if (cred->ngroups > 0) {
|
||||
/* Use groups from kernel if not at limit or source is static. */
|
||||
if (cred->ngroups != maxgroups || group_source == GROUP_SOURCE_STATIC) {
|
||||
cred->groups = reallocarray(NULL, cred->ngroups, sizeof(GETGROUPS_T));
|
||||
cred->groups = reallocarray(NULL, (size_t)cred->ngroups,
|
||||
sizeof(GETGROUPS_T));
|
||||
if (cred->groups == NULL)
|
||||
goto done;
|
||||
cred->ngroups = getgroups(cred->ngroups, cred->groups);
|
||||
@@ -476,17 +478,19 @@ get_user_groups(const char *user, struct sudo_cred *cred)
|
||||
/*
|
||||
* Format group list as a comma-separated string of gids.
|
||||
*/
|
||||
glsize = sizeof("groups=") - 1 + (cred->ngroups * (MAX_UID_T_LEN + 1));
|
||||
glsize = sizeof("groups=") - 1 + ((size_t)cred->ngroups * (MAX_UID_T_LEN + 1));
|
||||
if ((gid_list = malloc(glsize)) == NULL)
|
||||
goto done;
|
||||
memcpy(gid_list, "groups=", sizeof("groups=") - 1);
|
||||
cp = gid_list + sizeof("groups=") - 1;
|
||||
glsize -= (size_t)(cp - gid_list);
|
||||
for (i = 0; i < cred->ngroups; i++) {
|
||||
len = snprintf(cp, glsize - (cp - gid_list), "%s%u",
|
||||
i ? "," : "", (unsigned int)cred->groups[i]);
|
||||
if (len < 0 || (size_t)len >= glsize - (cp - gid_list))
|
||||
len = snprintf(cp, glsize, "%s%u", i ? "," : "",
|
||||
(unsigned int)cred->groups[i]);
|
||||
if (len < 0 || (size_t)len >= glsize)
|
||||
sudo_fatalx(U_("internal error, %s overflow"), __func__);
|
||||
cp += len;
|
||||
glsize -= (size_t)len;
|
||||
}
|
||||
done:
|
||||
debug_return_str(gid_list);
|
||||
@@ -704,7 +708,8 @@ command_info_to_details(char * const info[], struct command_details *details)
|
||||
SET_FLAG("cwd_optional=", CD_CWD_OPTIONAL)
|
||||
if (strncmp("closefrom=", info[i], sizeof("closefrom=") - 1) == 0) {
|
||||
cp = info[i] + sizeof("closefrom=") - 1;
|
||||
details->closefrom = sudo_strtonum(cp, 0, INT_MAX, &errstr);
|
||||
details->closefrom =
|
||||
(int)sudo_strtonum(cp, 0, INT_MAX, &errstr);
|
||||
if (errstr != NULL)
|
||||
sudo_fatalx(U_("%s: %s"), info[i], U_(errstr));
|
||||
break;
|
||||
@@ -714,7 +719,8 @@ command_info_to_details(char * const info[], struct command_details *details)
|
||||
SET_FLAG("exec_background=", CD_EXEC_BG)
|
||||
if (strncmp("execfd=", info[i], sizeof("execfd=") - 1) == 0) {
|
||||
cp = info[i] + sizeof("execfd=") - 1;
|
||||
details->execfd = sudo_strtonum(cp, 0, INT_MAX, &errstr);
|
||||
details->execfd =
|
||||
(int)sudo_strtonum(cp, 0, INT_MAX, &errstr);
|
||||
if (errstr != NULL)
|
||||
sudo_fatalx(U_("%s: %s"), info[i], U_(errstr));
|
||||
#ifdef HAVE_FEXECVE
|
||||
@@ -740,7 +746,7 @@ command_info_to_details(char * const info[], struct command_details *details)
|
||||
case 'n':
|
||||
if (strncmp("nice=", info[i], sizeof("nice=") - 1) == 0) {
|
||||
cp = info[i] + sizeof("nice=") - 1;
|
||||
details->priority = sudo_strtonum(cp, INT_MIN, INT_MAX,
|
||||
details->priority = (int)sudo_strtonum(cp, INT_MIN, INT_MAX,
|
||||
&errstr);
|
||||
if (errstr != NULL)
|
||||
sudo_fatalx(U_("%s: %s"), info[i], U_(errstr));
|
||||
@@ -840,7 +846,7 @@ command_info_to_details(char * const info[], struct command_details *details)
|
||||
SET_FLAG("sudoedit_follow=", CD_SUDOEDIT_FOLLOW)
|
||||
if (strncmp("sudoedit_nfiles=", info[i], sizeof("sudoedit_nfiles=") - 1) == 0) {
|
||||
cp = info[i] + sizeof("sudoedit_nfiles=") - 1;
|
||||
details->nfiles = sudo_strtonum(cp, 1, INT_MAX,
|
||||
details->nfiles = (int)sudo_strtonum(cp, 1, INT_MAX,
|
||||
&errstr);
|
||||
if (errstr != NULL)
|
||||
sudo_fatalx(U_("%s: %s"), info[i], U_(errstr));
|
||||
@@ -850,7 +856,8 @@ command_info_to_details(char * const info[], struct command_details *details)
|
||||
case 't':
|
||||
if (strncmp("timeout=", info[i], sizeof("timeout=") - 1) == 0) {
|
||||
cp = info[i] + sizeof("timeout=") - 1;
|
||||
details->timeout = sudo_strtonum(cp, 0, INT_MAX, &errstr);
|
||||
details->timeout =
|
||||
(unsigned int)sudo_strtonum(cp, 0, UINT_MAX, &errstr);
|
||||
if (errstr != NULL)
|
||||
sudo_fatalx(U_("%s: %s"), info[i], U_(errstr));
|
||||
SET(details->flags, CD_SET_TIMEOUT);
|
||||
|
||||
@@ -191,7 +191,7 @@ struct command_details {
|
||||
mode_t umask;
|
||||
int argc;
|
||||
int priority;
|
||||
int timeout;
|
||||
unsigned int timeout;
|
||||
int closefrom;
|
||||
int flags;
|
||||
int execfd;
|
||||
|
||||
@@ -84,7 +84,7 @@ set_tmpdir(const struct sudo_cred *user_cred)
|
||||
saved_cred.ngroups = getgroups(0, NULL); // -V575
|
||||
if (saved_cred.ngroups > 0) {
|
||||
saved_cred.groups =
|
||||
reallocarray(NULL, saved_cred.ngroups, sizeof(GETGROUPS_T));
|
||||
reallocarray(NULL, (size_t)saved_cred.ngroups, sizeof(GETGROUPS_T));
|
||||
if (saved_cred.groups == NULL) {
|
||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||
debug_return_bool(false);
|
||||
@@ -149,7 +149,7 @@ sudo_edit_mktemp(const char *ofile, char **tfile)
|
||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||
debug_return_int(-1);
|
||||
}
|
||||
tfd = mkstemps(*tfile, suff ? strlen(suff) : 0);
|
||||
tfd = mkstemps(*tfile, suff ? (int)strlen(suff) : 0);
|
||||
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
|
||||
"%s -> %s, fd %d", ofile, *tfile, tfd);
|
||||
debug_return_int(tfd);
|
||||
@@ -687,7 +687,7 @@ sudo_edit(struct command_details *command_details,
|
||||
}
|
||||
|
||||
/* Copy editor files to temporaries. */
|
||||
tf = calloc(nfiles, sizeof(*tf));
|
||||
tf = calloc((size_t)nfiles, sizeof(*tf));
|
||||
if (tf == NULL) {
|
||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||
goto cleanup;
|
||||
@@ -707,7 +707,7 @@ sudo_edit(struct command_details *command_details,
|
||||
* to create a new argv.
|
||||
*/
|
||||
nargc = editor_argc + nfiles;
|
||||
nargv = reallocarray(NULL, nargc + 1, sizeof(char *));
|
||||
nargv = reallocarray(NULL, (size_t)nargc + 1, sizeof(char *));
|
||||
if (nargv == NULL) {
|
||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||
goto cleanup;
|
||||
|
||||
@@ -95,8 +95,8 @@ struct io_buffer {
|
||||
struct sudo_event *revent;
|
||||
struct sudo_event *wevent;
|
||||
sudo_io_action_t action;
|
||||
int len; /* buffer length (how much produced) */
|
||||
int off; /* write position (how much already consumed) */
|
||||
unsigned int len; /* buffer length (how much produced) */
|
||||
unsigned int off; /* write position (how much already consumed) */
|
||||
char buf[64 * 1024];
|
||||
};
|
||||
SLIST_HEAD(io_buffer_list, io_buffer);
|
||||
|
||||
@@ -90,7 +90,7 @@ static char **
|
||||
copy_vector(char * const *src)
|
||||
{
|
||||
char **copy;
|
||||
int i, len = 0;
|
||||
size_t i, len = 0;
|
||||
debug_decl(copy_vector, SUDO_DEBUG_EXEC);
|
||||
|
||||
if (src != NULL) {
|
||||
@@ -141,7 +141,7 @@ resolve_path(const char *cmnd, char *out_cmnd, size_t out_size)
|
||||
endp = cp + strlen(cp);
|
||||
while (cp < endp) {
|
||||
char *colon = strchr(cp, ':');
|
||||
dirlen = colon ? (colon - cp) : (endp - cp);
|
||||
dirlen = colon ? (int)(colon - cp) : (int)(endp - cp);
|
||||
if (dirlen == 0) {
|
||||
/* empty PATH component is the same as "." */
|
||||
len = snprintf(path, sizeof(path), "./%s", cmnd);
|
||||
@@ -265,12 +265,12 @@ exec_wrapper(const char *cmnd, char * const argv[], char * const envp[],
|
||||
|
||||
for (argc = 0; argv[argc] != NULL; argc++)
|
||||
continue;
|
||||
shargv = sudo_mmap_allocarray(argc + 2, sizeof(char *));
|
||||
shargv = sudo_mmap_allocarray((size_t)argc + 2, sizeof(char *));
|
||||
if (shargv == NULL)
|
||||
goto bad;
|
||||
shargv[0] = "sh";
|
||||
shargv[1] = ncmnd;
|
||||
memcpy(shargv + 2, nargv + 1, argc * sizeof(char *));
|
||||
memcpy(shargv + 2, nargv + 1, (size_t)argc * sizeof(char *));
|
||||
((sudo_fn_execve_t)fn)(_PATH_SUDO_BSHELL, (char **)shargv, nenvp);
|
||||
sudo_mmap_free(shargv);
|
||||
}
|
||||
@@ -311,7 +311,7 @@ execl_wrapper(int type, const char *name, const char *arg, va_list ap)
|
||||
while (va_arg(ap2, char *) != NULL)
|
||||
argc++;
|
||||
va_end(ap2);
|
||||
argv = sudo_mmap_allocarray(argc + 1, sizeof(char *));
|
||||
argv = sudo_mmap_allocarray((size_t)argc + 1, sizeof(char *));
|
||||
if (argv == NULL)
|
||||
debug_return_int(-1);
|
||||
|
||||
|
||||
@@ -85,7 +85,7 @@ send_req(int sock, const void *buf, size_t len)
|
||||
continue;
|
||||
debug_return_bool(false);
|
||||
}
|
||||
len -= nwritten;
|
||||
len -= (size_t)nwritten;
|
||||
cp += nwritten;
|
||||
} while (len > 0);
|
||||
|
||||
@@ -115,7 +115,7 @@ send_client_hello(int sock)
|
||||
goto done;
|
||||
}
|
||||
/* Wire message size is used for length encoding, precedes message. */
|
||||
msg_len = len;
|
||||
msg_len = len & 0xffffffff;
|
||||
len += sizeof(msg_len);
|
||||
|
||||
if ((buf = sudo_mmap_alloc(len)) == NULL) {
|
||||
@@ -196,7 +196,7 @@ recv_intercept_response(int fd)
|
||||
"error reading response");
|
||||
goto done;
|
||||
default:
|
||||
rem -= nread;
|
||||
rem -= (uint32_t)nread;
|
||||
cp += nread;
|
||||
break;
|
||||
}
|
||||
@@ -248,7 +248,7 @@ sudo_interposer_init(void)
|
||||
|
||||
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, "%s", *p);
|
||||
|
||||
fd = sudo_strtonum(fdstr, 0, INT_MAX, &errstr);
|
||||
fd = (int)sudo_strtonum(fdstr, 0, INT_MAX, &errstr);
|
||||
if (errstr != NULL) {
|
||||
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
|
||||
"invalid SUDO_INTERCEPT_FD: %s: %s", fdstr, errstr);
|
||||
@@ -280,7 +280,7 @@ sudo_interposer_init(void)
|
||||
if (res->type_case == INTERCEPT_RESPONSE__TYPE_HELLO_RESP) {
|
||||
intercept_token.u64[0] = res->u.hello_resp->token_lo;
|
||||
intercept_token.u64[1] = res->u.hello_resp->token_hi;
|
||||
intercept_port = res->u.hello_resp->portno;
|
||||
intercept_port = (in_port_t)res->u.hello_resp->portno;
|
||||
log_only = res->u.hello_resp->log_only;
|
||||
} else {
|
||||
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
|
||||
@@ -340,7 +340,7 @@ send_policy_check_req(int sock, const char *cmnd, char * const argv[],
|
||||
goto done;
|
||||
}
|
||||
/* Wire message size is used for length encoding, precedes message. */
|
||||
msg_len = len;
|
||||
msg_len = len & 0xffffffff;
|
||||
len += sizeof(msg_len);
|
||||
|
||||
if ((buf = sudo_mmap_alloc(len)) == NULL) {
|
||||
|
||||
@@ -222,7 +222,7 @@ restart:
|
||||
}
|
||||
|
||||
if (timeout > 0)
|
||||
alarm(timeout);
|
||||
alarm((unsigned int)timeout);
|
||||
pass = getln(input, buf, sizeof(buf), feedback, &errval);
|
||||
alarm(0);
|
||||
save_errno = errno;
|
||||
|
||||
@@ -133,7 +133,7 @@ get_process_ttyname(char *name, size_t namelen)
|
||||
if (rc != -1) {
|
||||
if ((dev_t)ki_proc->sudo_kp_tdev != (dev_t)-1) {
|
||||
errno = serrno;
|
||||
ret = sudo_ttyname_dev(ki_proc->sudo_kp_tdev, name, namelen);
|
||||
ret = sudo_ttyname_dev((dev_t)ki_proc->sudo_kp_tdev, name, namelen);
|
||||
if (ret == NULL) {
|
||||
sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
|
||||
"unable to map device number %lu to name",
|
||||
@@ -223,7 +223,7 @@ get_process_ttyname(char *name, size_t namelen)
|
||||
*/
|
||||
if ((fd = open(path, O_RDONLY | O_NOFOLLOW)) != -1) {
|
||||
cp = buf;
|
||||
while ((nread = read(fd, cp, buf + sizeof(buf) - cp)) != 0) {
|
||||
while ((nread = read(fd, cp, sizeof(buf) - (size_t)(cp - buf))) != 0) {
|
||||
if (nread == -1) {
|
||||
if (errno == EAGAIN || errno == EINTR)
|
||||
continue;
|
||||
@@ -233,7 +233,7 @@ get_process_ttyname(char *name, size_t namelen)
|
||||
if (cp >= buf + sizeof(buf))
|
||||
break;
|
||||
}
|
||||
if (nread == 0 && memchr(buf, '\0', cp - buf) == NULL) {
|
||||
if (nread == 0 && memchr(buf, '\0', (size_t)(cp - buf)) == NULL) {
|
||||
/*
|
||||
* Field 7 is the tty dev (0 if no tty).
|
||||
* Since the process name at field 2 "(comm)" may include
|
||||
@@ -251,8 +251,8 @@ get_process_ttyname(char *name, size_t namelen)
|
||||
*ep = '\0';
|
||||
field++;
|
||||
if (field == 7) {
|
||||
int tty_nr = sudo_strtonum(cp, INT_MIN, INT_MAX,
|
||||
&errstr);
|
||||
int tty_nr = (int)sudo_strtonum(cp, INT_MIN,
|
||||
INT_MAX, &errstr);
|
||||
if (errstr) {
|
||||
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
|
||||
"%s: tty device %s: %s", path, cp, errstr);
|
||||
@@ -272,7 +272,8 @@ get_process_ttyname(char *name, size_t namelen)
|
||||
break;
|
||||
}
|
||||
if (field == 3) {
|
||||
ppid = sudo_strtonum(cp, INT_MIN, INT_MAX, NULL);
|
||||
ppid =
|
||||
(int)sudo_strtonum(cp, INT_MIN, INT_MAX, NULL);
|
||||
}
|
||||
cp = ep + 1;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user