isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add plugin_setjmp() wrapper for siglongjmp(error_jmp, 1) so we don't

Browse Source 
need error_jmp to be extern.  Also add plugin_clearjmp() that clears
a flag so error()/errorx() knows when to call exit() vs. longjmp().
This commit is contained in:
Todd C. Miller
2012-11-25 09:34:26 -05:00
parent d658d12195
commit 5496ffe1e8
6 changed files with 49 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
plugins/sudoers/iolog.c
View File

@@ -52,8 +52,6 @@
#include "sudoers.h" #include "sudoers.h"
extern sigjmp_buf error_jmp;
union io_fd { union io_fd {
FILE *f; FILE *f;
#ifdef HAVE_ZLIB_H #ifdef HAVE_ZLIB_H
@@ -478,7 +476,7 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
if (argc == 0) if (argc == 0)
debug_return_bool(true); debug_return_bool(true);
if (sigsetjmp(error_jmp, 1)) { if (plugin_setjmp() != 0) {
/* called via error(), errorx() or log_fatal() */ /* called via error(), errorx() or log_fatal() */
rval = -1; rval = -1;
goto done; goto done;
@@ -603,6 +601,7 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
rval = true; rval = true;
done: done:
plugin_clearjmp();
efree(tofree); efree(tofree);
if (details.runas_pw) if (details.runas_pw)
sudo_pw_delref(details.runas_pw); sudo_pw_delref(details.runas_pw);
@@ -620,8 +619,9 @@ sudoers_io_close(int exit_status, int error)
int i; int i;
debug_decl(sudoers_io_close, SUDO_DEBUG_PLUGIN) debug_decl(sudoers_io_close, SUDO_DEBUG_PLUGIN)
if (sigsetjmp(error_jmp, 1)) { if (plugin_setjmp() != 0) {
/* called via error(), errorx() or log_fatal() */ /* called via error(), errorx() or log_fatal() */
plugin_clearjmp();
debug_return; debug_return;
} }
@@ -643,8 +643,9 @@ sudoers_io_version(int verbose)
{ {
debug_decl(sudoers_io_version, SUDO_DEBUG_PLUGIN) debug_decl(sudoers_io_version, SUDO_DEBUG_PLUGIN)
if (sigsetjmp(error_jmp, 1)) { if (plugin_setjmp() != 0) {
/* called via error(), errorx() or log_fatal() */ /* called via error(), errorx() or log_fatal() */
plugin_clearjmp();
debug_return_bool(-1); debug_return_bool(-1);
} }
@@ -665,8 +666,9 @@ sudoers_io_log(const char *buf, unsigned int len, int idx)
gettimeofday(&now, NULL); gettimeofday(&now, NULL);
if (sigsetjmp(error_jmp, 1)) { if (plugin_setjmp() != 0) {
/* called via error(), errorx() or log_fatal() */ /* called via error(), errorx() or log_fatal() */
plugin_clearjmp();
debug_return_bool(-1); debug_return_bool(-1);
} }

4
plugins/sudoers/logging.c
View File

@@ -74,8 +74,6 @@ static int should_mail(int);
static void mysyslog(int, const char *, ...); static void mysyslog(int, const char *, ...);
static char *new_logline(const char *, int); static char *new_logline(const char *, int);
extern sigjmp_buf error_jmp;
extern char **NewArgv; /* XXX - for auditing */ extern char **NewArgv; /* XXX - for auditing */
#define MAXSYSLOGTRIES 16 /* num of retries for broken syslogs */ #define MAXSYSLOGTRIES 16 /* num of retries for broken syslogs */
@@ -529,7 +527,7 @@ log_fatal(int flags, const char *fmt, ...)
/* Exit the plugin. */ /* Exit the plugin. */
sudoers_cleanup(0); sudoers_cleanup(0);
sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys); sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
siglongjmp(error_jmp, 1); plugin_longjmp(1);
} }
#define MAX_MAILFLAGS 63 #define MAX_MAILFLAGS 63

30
plugins/sudoers/plugin_error.c
View File

@@ -41,7 +41,8 @@
static void _warning(int, const char *, va_list); static void _warning(int, const char *, va_list);
void sudoers_cleanup(int); void sudoers_cleanup(int);
sigjmp_buf error_jmp; static sigjmp_buf error_jmp;
static bool setjmp_enabled = false;
extern sudo_conv_t sudo_conv; extern sudo_conv_t sudo_conv;
@@ -54,7 +55,7 @@ error2(int eval, const char *fmt, ...)
_warning(1, fmt, ap); _warning(1, fmt, ap);
va_end(ap); va_end(ap);
sudoers_cleanup(0); sudoers_cleanup(0);
if (sudo_conv != NULL) if (setjmp_enabled)
siglongjmp(error_jmp, eval); siglongjmp(error_jmp, eval);
else else
exit(eval); exit(eval);
@@ -69,7 +70,7 @@ errorx2(int eval, const char *fmt, ...)
_warning(0, fmt, ap); _warning(0, fmt, ap);
va_end(ap); va_end(ap);
sudoers_cleanup(0); sudoers_cleanup(0);
if (sudo_conv != NULL) if (setjmp_enabled)
siglongjmp(error_jmp, eval); siglongjmp(error_jmp, eval);
else else
exit(eval); exit(eval);
@@ -80,7 +81,7 @@ verror2(int eval, const char *fmt, va_list ap)
{ {
_warning(1, fmt, ap); _warning(1, fmt, ap);
sudoers_cleanup(0); sudoers_cleanup(0);
if (sudo_conv != NULL) if (setjmp_enabled)
siglongjmp(error_jmp, eval); siglongjmp(error_jmp, eval);
else else
exit(eval); exit(eval);
@@ -91,7 +92,7 @@ verrorx2(int eval, const char *fmt, va_list ap)
{ {
_warning(0, fmt, ap); _warning(0, fmt, ap);
sudoers_cleanup(0); sudoers_cleanup(0);
if (sudo_conv != NULL) if (setjmp_enabled)
siglongjmp(error_jmp, eval); siglongjmp(error_jmp, eval);
else else
exit(eval); exit(eval);
@@ -188,3 +189,22 @@ warning_restore_locale(void)
{ {
sudoers_setlocale(oldlocale, NULL); sudoers_setlocale(oldlocale, NULL);
} }
int
plugin_setjmp(void)
{
setjmp_enabled = true;
return sigsetjmp(error_jmp, 1);
}
void
plugin_longjmp(int val)
{
siglongjmp(error_jmp, val);
}
void
plugin_clearjmp(void)
{
setjmp_enabled = false;
}

17
plugins/sudoers/policy.c
View File

@@ -73,8 +73,6 @@ static const char *interfaces_string;
extern char *login_style; extern char *login_style;
#endif /* HAVE_BSD_AUTH_H */ #endif /* HAVE_BSD_AUTH_H */
extern sigjmp_buf error_jmp;
/* /*
* Deserialize args, settings and user_info arrays. * Deserialize args, settings and user_info arrays.
* Fills in struct sudo_user and other common sudoers state. * Fills in struct sudo_user and other common sudoers state.
@@ -469,9 +467,10 @@ sudoers_policy_open(unsigned int version, sudo_conv_t conversation,
if (sudo_version < SUDO_API_MKVERSION(1, 2)) if (sudo_version < SUDO_API_MKVERSION(1, 2))
args = NULL; args = NULL;
if (sigsetjmp(error_jmp, 1)) { if (plugin_setjmp() != 0) {
/* called via error(), errorx() or log_fatal() */ /* called via error(), errorx() or log_fatal() */
rewind_perms(); rewind_perms();
plugin_clearjmp();
debug_return_bool(-1); debug_return_bool(-1);
} }
@@ -487,8 +486,9 @@ sudoers_policy_close(int exit_status, int error_code)
{ {
debug_decl(sudoers_policy_close, SUDO_DEBUG_PLUGIN) debug_decl(sudoers_policy_close, SUDO_DEBUG_PLUGIN)
if (sigsetjmp(error_jmp, 1)) { if (plugin_setjmp() != 0) {
/* called via error(), errorx() or log_fatal() */ /* called via error(), errorx() or log_fatal() */
plugin_clearjmp();
debug_return; debug_return;
} }
@@ -536,8 +536,9 @@ sudoers_policy_init_session(struct passwd *pwd, char **user_env[])
if (sudo_version < SUDO_API_MKVERSION(1, 2)) if (sudo_version < SUDO_API_MKVERSION(1, 2))
user_env = NULL; user_env = NULL;
if (sigsetjmp(error_jmp, 1)) { if (plugin_setjmp() != 0) {
/* called via error(), errorx() or log_fatal() */ /* called via error(), errorx() or log_fatal() */
plugin_clearjmp();
debug_return_bool(-1); debug_return_bool(-1);
} }
@@ -578,10 +579,11 @@ sudoers_policy_invalidate(int remove)
debug_decl(sudoers_policy_invalidate, SUDO_DEBUG_PLUGIN) debug_decl(sudoers_policy_invalidate, SUDO_DEBUG_PLUGIN)
user_cmnd = "kill"; user_cmnd = "kill";
if (sigsetjmp(error_jmp, 1) == 0) { if (plugin_setjmp() == 0) {
remove_timestamp(remove); remove_timestamp(remove);
sudoers_cleanup(0); sudoers_cleanup(0);
} }
plugin_clearjmp();
debug_return; debug_return;
} }
@@ -621,8 +623,9 @@ sudoers_policy_version(int verbose)
{ {
debug_decl(sudoers_policy_version, SUDO_DEBUG_PLUGIN) debug_decl(sudoers_policy_version, SUDO_DEBUG_PLUGIN)
if (sigsetjmp(error_jmp, 1)) { if (plugin_setjmp() != 0) {
/* error recovery via error(), errorx() or log_fatal() */ /* error recovery via error(), errorx() or log_fatal() */
plugin_clearjmp();
debug_return_bool(-1); debug_return_bool(-1);
} }

3
plugins/sudoers/sudoers.c
View File

@@ -231,7 +231,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
(void) sigaction(SIGTSTP, &sa, &saved_sa_tstp); (void) sigaction(SIGTSTP, &sa, &saved_sa_tstp);
/* XXX - would like to move this to policy.c but need the cleanup. */ /* XXX - would like to move this to policy.c but need the cleanup. */
if (sigsetjmp(error_jmp, 1)) { if (plugin_setjmp() != 0) {
/* error recovery via error(), errorx() or log_fatal() */ /* error recovery via error(), errorx() or log_fatal() */
rval = -1; rval = -1;
goto done; goto done;
@@ -522,6 +522,7 @@ bad:
rval = false; rval = false;
done: done:
plugin_clearjmp();
rewind_perms(); rewind_perms();
/* Restore signal handlers before we exec. */ /* Restore signal handlers before we exec. */

5
plugins/sudoers/sudoers.h
View File

@@ -23,7 +23,6 @@
#define _SUDO_SUDOERS_H #define _SUDO_SUDOERS_H
#include <limits.h> #include <limits.h>
#include <setjmp.h>
#ifdef HAVE_STDBOOL_H #ifdef HAVE_STDBOOL_H
# include <stdbool.h> # include <stdbool.h>
#else #else
@@ -371,7 +370,9 @@ int group_plugin_query(const char *user, const char *group,
int sudo_setgroups(int ngids, const GETGROUPS_T *gids); int sudo_setgroups(int ngids, const GETGROUPS_T *gids);
/* plugin_error.c */ /* plugin_error.c */
extern sigjmp_buf error_jmp; int plugin_setjmp(void);
void plugin_clearjmp(void);
void plugin_longjmp(int val) __attribute__((__noreturn__));
#ifndef _SUDO_MAIN #ifndef _SUDO_MAIN
extern struct sudo_user sudo_user; extern struct sudo_user sudo_user;