isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add SUDO_DEBUG_INSTANCE_ERROR return value for sudo_debug_register()

Browse Source 
and check for it in places where we check the return value of
sudo_debug_register().
This commit is contained in:
Todd C. Miller
2016-11-21 06:37:23 -10:00
parent de0c5c48aa
commit 6c5936296f
8 changed files with 26 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
include/sudo_debug.h
View File

@@ -84,6 +84,9 @@ struct sudo_conf_debug_file_list;
#define SUDO_DEBUG_UTMP (14<<6) /* utmp file ops */ #define SUDO_DEBUG_UTMP (14<<6) /* utmp file ops */
#define SUDO_DEBUG_ALL 0xffff0000 /* all subsystems */ #define SUDO_DEBUG_ALL 0xffff0000 /* all subsystems */
/* Error return for sudo_debug_register(). */
#define SUDO_DEBUG_INSTANCE_ERROR -2
/* Initializer for instance index to indicate that debugging is not setup. */ /* Initializer for instance index to indicate that debugging is not setup. */
#define SUDO_DEBUG_INSTANCE_INITIALIZER -1 #define SUDO_DEBUG_INSTANCE_INITIALIZER -1

15
lib/util/sudo_debug.c
View File

@@ -243,8 +243,9 @@ bad:
* If subsystem names are specified they override the default values. * If subsystem names are specified they override the default values.
* NOTE: subsystems must not be freed by caller unless deregistered. * NOTE: subsystems must not be freed by caller unless deregistered.
* Sets the active instance to the newly registered instance. * Sets the active instance to the newly registered instance.
* Returns instance index on success or SUDO_DEBUG_INSTANCE_INITIALIZER * Returns instance index on success, SUDO_DEBUG_INSTANCE_INITIALIZER
* on failure. * if no debug files are specified and SUDO_DEBUG_INSTANCE_ERROR
* on error.
*/ */
int int
sudo_debug_register_v1(const char *program, const char *const subsystems[], sudo_debug_register_v1(const char *program, const char *const subsystems[],
@@ -264,7 +265,7 @@ sudo_debug_register_v1(const char *program, const char *const subsystems[],
subsystems = sudo_debug_default_subsystems; subsystems = sudo_debug_default_subsystems;
} else if (ids == NULL) { } else if (ids == NULL) {
/* If subsystems are specified we must have ids[] too. */ /* If subsystems are specified we must have ids[] too. */
return SUDO_DEBUG_INSTANCE_INITIALIZER; return SUDO_DEBUG_INSTANCE_ERROR;
} }
/* Search for existing instance. */ /* Search for existing instance. */
@@ -302,17 +303,17 @@ sudo_debug_register_v1(const char *program, const char *const subsystems[],
if (idx == SUDO_DEBUG_INSTANCE_MAX) { if (idx == SUDO_DEBUG_INSTANCE_MAX) {
/* XXX - realloc? */ /* XXX - realloc? */
sudo_warnx_nodebug("too many debug instances (max %d)", SUDO_DEBUG_INSTANCE_MAX); sudo_warnx_nodebug("too many debug instances (max %d)", SUDO_DEBUG_INSTANCE_MAX);
return SUDO_DEBUG_INSTANCE_INITIALIZER; return SUDO_DEBUG_INSTANCE_ERROR;
} }
if (idx != sudo_debug_last_instance + 1 && idx != free_idx) { if (idx != sudo_debug_last_instance + 1 && idx != free_idx) {
sudo_warnx_nodebug("%s: instance number mismatch: expected %d or %d, got %d", __func__, sudo_debug_last_instance + 1, free_idx, idx); sudo_warnx_nodebug("%s: instance number mismatch: expected %d or %d, got %d", __func__, sudo_debug_last_instance + 1, free_idx, idx);
return SUDO_DEBUG_INSTANCE_INITIALIZER; return SUDO_DEBUG_INSTANCE_ERROR;
} }
if ((instance = malloc(sizeof(*instance))) == NULL) if ((instance = malloc(sizeof(*instance))) == NULL)
return SUDO_DEBUG_INSTANCE_INITIALIZER; return SUDO_DEBUG_INSTANCE_ERROR;
if ((instance->program = strdup(program)) == NULL) { if ((instance->program = strdup(program)) == NULL) {
free(instance); free(instance);
return SUDO_DEBUG_INSTANCE_INITIALIZER; return SUDO_DEBUG_INSTANCE_ERROR;
} }
instance->subsystems = subsystems; instance->subsystems = subsystems;
instance->subsystem_ids = ids; instance->subsystem_ids = ids;

5
plugins/sudoers/iolog.c
View File

@@ -784,7 +784,10 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
continue; continue;
} }
} }
sudoers_debug_register(plugin_path, &debug_files); if (!sudoers_debug_register(plugin_path, &debug_files)) {
ret = -1;
goto done;
}
/* /*
* Pull iolog settings out of command_info. * Pull iolog settings out of command_info.

3
plugins/sudoers/policy.c
View File

@@ -669,7 +669,8 @@ sudoers_policy_open(unsigned int version, sudo_conv_t conversation,
continue; continue;
} }
} }
sudoers_debug_register(plugin_path, &debug_files); if (!sudoers_debug_register(plugin_path, &debug_files))
debug_return_int(-1);
/* Call the sudoers init function. */ /* Call the sudoers init function. */
info.settings = settings; info.settings = settings;

2
plugins/sudoers/sudoers.h
View File

@@ -369,7 +369,7 @@ extern sudo_printf_t sudo_printf;
/* sudoers_debug.c */ /* sudoers_debug.c */
bool sudoers_debug_parse_flags(struct sudo_conf_debug_file_list *debug_files, const char *entry); bool sudoers_debug_parse_flags(struct sudo_conf_debug_file_list *debug_files, const char *entry);
void sudoers_debug_register(const char *plugin_path, struct sudo_conf_debug_file_list *debug_files); bool sudoers_debug_register(const char *plugin_path, struct sudo_conf_debug_file_list *debug_files);
void sudoers_debug_deregister(void); void sudoers_debug_deregister(void);
/* policy.c */ /* policy.c */

5
plugins/sudoers/sudoers_debug.c
View File

@@ -113,7 +113,7 @@ oom:
* debug subsystem, freeing the debug list when done. * debug subsystem, freeing the debug list when done.
* Sets the active debug instance as a side effect. * Sets the active debug instance as a side effect.
*/ */
void bool
sudoers_debug_register(const char *program, sudoers_debug_register(const char *program,
struct sudo_conf_debug_file_list *debug_files) struct sudo_conf_debug_file_list *debug_files)
{ {
@@ -129,6 +129,8 @@ sudoers_debug_register(const char *program,
if (program != NULL) { if (program != NULL) {
sudoers_debug_instance = sudo_debug_register(program, sudoers_debug_instance = sudo_debug_register(program,
sudoers_subsystem_names, sudoers_subsystem_ids, debug_files); sudoers_subsystem_names, sudoers_subsystem_ids, debug_files);
if (sudoers_debug_instance == SUDO_DEBUG_INSTANCE_ERROR)
return false;
} }
TAILQ_FOREACH_SAFE(debug_file, debug_files, entries, debug_next) { TAILQ_FOREACH_SAFE(debug_file, debug_files, entries, debug_next) {
TAILQ_REMOVE(debug_files, debug_file, entries); TAILQ_REMOVE(debug_files, debug_file, entries);
@@ -137,6 +139,7 @@ sudoers_debug_register(const char *program,
free(debug_file); free(debug_file);
} }
} }
return true;
} }
/* /*

3
plugins/sudoers/visudo.c
View File

@@ -168,7 +168,8 @@ main(int argc, char *argv[])
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
/* Initialize the debug subsystem. */ /* Initialize the debug subsystem. */
sudoers_debug_register(getprogname(), sudo_conf_debug_files(getprogname())); if (!sudoers_debug_register(getprogname(), sudo_conf_debug_files(getprogname())))
exit(EXIT_FAILURE);
/* Parse sudoers plugin options, if any. */ /* Parse sudoers plugin options, if any. */
parse_sudoers_options(); parse_sudoers_options();

2
src/sudo.c
View File

@@ -179,6 +179,8 @@ main(int argc, char *argv[], char *envp[])
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
sudo_debug_instance = sudo_debug_register(getprogname(), sudo_debug_instance = sudo_debug_register(getprogname(),
NULL, NULL, sudo_conf_debug_files(getprogname())); NULL, NULL, sudo_conf_debug_files(getprogname()));
if (sudo_debug_instance == SUDO_DEBUG_INSTANCE_ERROR)
exit(EXIT_FAILURE);
/* Make sure we are setuid root. */ /* Make sure we are setuid root. */
sudo_check_suid(argc > 0 ? argv[0] : "sudo"); sudo_check_suid(argc > 0 ? argv[0] : "sudo");