init_parse_tree() now takes ownership of lhost and shost, if any.
This means that lhost and shost in struct sudoers_parse_tree are no longer const and that free_parse_tree() will free lhost/shost. The only consumer that passed in lho.st/shost was the SSSD back-end which has been updated to avoid a double-free.
This commit is contained in:
@@ -3830,10 +3830,10 @@ free_userspec(struct userspec *us)
|
||||
|
||||
/*
|
||||
* Initialized a sudoers parse tree.
|
||||
* Takes ownership of lhost and shost.
|
||||
*/
|
||||
void
|
||||
init_parse_tree(struct sudoers_parse_tree *parse_tree, const char *lhost,
|
||||
const char *shost)
|
||||
init_parse_tree(struct sudoers_parse_tree *parse_tree, char *lhost, char *shost)
|
||||
{
|
||||
TAILQ_INIT(&parse_tree->userspecs);
|
||||
TAILQ_INIT(&parse_tree->defaults);
|
||||
@@ -3864,6 +3864,10 @@ free_parse_tree(struct sudoers_parse_tree *parse_tree)
|
||||
free_defaults(&parse_tree->defaults);
|
||||
free_aliases(parse_tree->aliases);
|
||||
parse_tree->aliases = NULL;
|
||||
free(parse_tree->lhost);
|
||||
if (parse_tree->shost != parse_tree->lhost)
|
||||
free(parse_tree->shost);
|
||||
parse_tree->lhost = parse_tree->shost = NULL;
|
||||
}
|
||||
|
||||
/*
|
||||
|
@@ -1674,10 +1674,10 @@ free_userspec(struct userspec *us)
|
||||
|
||||
/*
|
||||
* Initialized a sudoers parse tree.
|
||||
* Takes ownership of lhost and shost.
|
||||
*/
|
||||
void
|
||||
init_parse_tree(struct sudoers_parse_tree *parse_tree, const char *lhost,
|
||||
const char *shost)
|
||||
init_parse_tree(struct sudoers_parse_tree *parse_tree, char *lhost, char *shost)
|
||||
{
|
||||
TAILQ_INIT(&parse_tree->userspecs);
|
||||
TAILQ_INIT(&parse_tree->defaults);
|
||||
@@ -1708,6 +1708,10 @@ free_parse_tree(struct sudoers_parse_tree *parse_tree)
|
||||
free_defaults(&parse_tree->defaults);
|
||||
free_aliases(parse_tree->aliases);
|
||||
parse_tree->aliases = NULL;
|
||||
free(parse_tree->lhost);
|
||||
if (parse_tree->shost != parse_tree->lhost)
|
||||
free(parse_tree->shost);
|
||||
parse_tree->lhost = parse_tree->shost = NULL;
|
||||
}
|
||||
|
||||
/*
|
||||
|
@@ -294,7 +294,7 @@ struct sudoers_parse_tree {
|
||||
struct userspec_list userspecs;
|
||||
struct defaults_list defaults;
|
||||
struct rbtree *aliases;
|
||||
const char *shost, *lhost;
|
||||
char *shost, *lhost;
|
||||
};
|
||||
|
||||
/*
|
||||
@@ -366,7 +366,7 @@ void free_userspec(struct userspec *us);
|
||||
void free_userspecs(struct userspec_list *usl);
|
||||
void free_default(struct defaults *def, struct member_list **binding);
|
||||
void free_defaults(struct defaults_list *defs);
|
||||
void init_parse_tree(struct sudoers_parse_tree *parse_tree, const char *lhost, const char *shost);
|
||||
void init_parse_tree(struct sudoers_parse_tree *parse_tree, char *lhost, char *shost);
|
||||
void free_parse_tree(struct sudoers_parse_tree *parse_tree);
|
||||
void reparent_parse_tree(struct sudoers_parse_tree *new_tree);
|
||||
bool parser_leak_add(enum parser_leak_types type, void *v);
|
||||
|
@@ -273,7 +273,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
|
||||
}
|
||||
|
||||
/* Only one sudoers source, the sudoers file itself. */
|
||||
init_parse_tree(&parse_tree, user_host, user_shost);
|
||||
init_parse_tree(&parse_tree, NULL, NULL);
|
||||
memset(&sudo_nss_fuzz, 0, sizeof(sudo_nss_fuzz));
|
||||
sudo_nss_fuzz.parse_tree = &parse_tree;
|
||||
sudo_nss_fuzz.query = sudo_fuzz_query;
|
||||
|
@@ -532,9 +532,6 @@ sudo_sss_close(struct sudo_nss *nss)
|
||||
sudo_dso_unload(handle->ssslib);
|
||||
if (handle->pw != NULL)
|
||||
sudo_pw_delref(handle->pw);
|
||||
free(handle->ipa_host);
|
||||
if (handle->ipa_host != handle->ipa_shost)
|
||||
free(handle->ipa_shost);
|
||||
free_parse_tree(&handle->parse_tree);
|
||||
free(handle);
|
||||
nss->handle = NULL;
|
||||
|
Reference in New Issue
Block a user