Promote verbose flag to int for display_privs and display_cmnd.

A negative verbosity will prevent non-error output from being
displayed.

plugins/sudoers/display.c

@@ -455,7 +455,7 @@ output(const char *buf)
  */
 int
 display_privs(struct sudoers_context *ctx, const struct sudo_nss_list *snl,
-    struct passwd *pw, bool verbose)
+    struct passwd *pw, int verbose)
 {
     const struct sudo_nss *nss;
     struct sudo_lbuf def_buf, priv_buf;
@@ -464,6 +464,11 @@ display_privs(struct sudoers_context *ctx, const struct sudo_nss_list *snl,
     struct stat sb;
     debug_decl(display_privs, SUDOERS_DEBUG_PARSER);
 
+    if (verbose < 0) {
+	/* Nothing to display. */
+	debug_return_int(true);
+    }
+
     cols = ctx->user.cols;
     if (fstat(STDOUT_FILENO, &sb) == 0 && S_ISFIFO(sb.st_mode))
 	cols = 0;
@@ -608,7 +613,7 @@ done:
  */
 int
 display_cmnd(struct sudoers_context *ctx, const struct sudo_nss_list *snl,
-    struct passwd *pw, bool verbose)
+    struct passwd *pw, int verbose)
 {
     struct sudoers_match_info match_info = { NULL };
     struct sudo_lbuf lbuf;
@@ -635,6 +640,10 @@ display_cmnd(struct sudoers_context *ctx, const struct sudo_nss_list *snl,
 	    break;
     }
     if (match == ALLOW) {
+	if (verbose < 0) {
+	    /* Nothing to display. */
+	    debug_return_int(true);
+	}
 	if (verbose) {
 	    /* Append matching sudoers rule (long form). */
 	    display_cmndspec_long(match_info.parse_tree, pw, match_info.us,

plugins/sudoers/parse.h

@@ -479,8 +479,8 @@ struct sudo_nss_list;
 unsigned int sudoers_lookup(struct sudo_nss_list *snl, struct sudoers_context *ctx, time_t now, sudoers_lookup_callback_fn_t callback, void *cb_data, int *cmnd_status, int pwflag);
 
 /* display.c */
-int display_privs(struct sudoers_context *ctx, const struct sudo_nss_list *snl, struct passwd *pw, bool verbose);
+int display_privs(struct sudoers_context *ctx, const struct sudo_nss_list *snl, struct passwd *pw, int verbose);
-int display_cmnd(struct sudoers_context *ctx, const struct sudo_nss_list *snl, struct passwd *pw, bool verbose);
+int display_cmnd(struct sudoers_context *ctx, const struct sudo_nss_list *snl, struct passwd *pw, int verbose);
 
 /* parse_ldif.c */
 bool sudoers_parse_ldif(struct sudoers_parse_tree *parse_tree, FILE *fp, const char *sudoers_base, bool store_options);

plugins/sudoers/regress/fuzz/fuzz_policy.c

@@ -816,7 +816,7 @@ sudoers_lookup(struct sudo_nss_list *snl, struct sudoers_context *ctx,
 /* STUB */
 int
 display_cmnd(struct sudoers_context *ctx, const struct sudo_nss_list *snl,
-    struct passwd *pw, bool verbose)
+    struct passwd *pw, int verbose)
 {
     return true;
 }
@@ -824,7 +824,7 @@ display_cmnd(struct sudoers_context *ctx, const struct sudo_nss_list *snl,
 /* STUB */
 int
 display_privs(struct sudoers_context *ctx, const struct sudo_nss_list *snl,
-    struct passwd *pw, bool verbose)
+    struct passwd *pw, int verbose)
 {
     return true;
 }

plugins/sudoers/sudoers.c

@@ -908,7 +908,7 @@ done:
  * -2 for usage error.
  */
 int
-sudoers_list(int argc, char * const argv[], const char *list_user, bool verbose)
+sudoers_list(int argc, char * const argv[], const char *list_user, int verbose)
 {
     struct passwd *pw;
     int ret = -1;

plugins/sudoers/sudoers.h

@@ -440,7 +440,7 @@ int set_cmnd_path(struct sudoers_context *ctx, const char *runchroot);
 void set_cmnd_status(struct sudoers_context *ctx, const char *runchroot);
 int sudoers_init(void *info, sudoers_logger_t logger, char * const envp[]);
 int sudoers_check_cmnd(int argc, char *const argv[], char *env_add[], void *closure);
-int sudoers_list(int argc, char *const argv[], const char *list_user, bool verbose);
+int sudoers_list(int argc, char *const argv[], const char *list_user, int verbose);
 int sudoers_validate_user(void);
 void sudoers_cleanup(void);
 bool sudoers_override_umask(void);