diff --git a/plugins/sudoers/gram.c b/plugins/sudoers/gram.c index e64e34bb3..75ca1799f 100644 --- a/plugins/sudoers/gram.c +++ b/plugins/sudoers/gram.c @@ -81,8 +81,12 @@ #include "sudo_digest.h" #include "toke.h" +#ifdef YYBISON +# define YYERROR_VERBOSE +#endif + /* If we last saw a newline the entry is on the preceding line. */ -#define this_lineno (last_token == COMMENT ? sudolineno - 1 : sudolineno) +#define this_lineno (last_token == '\n' ? sudolineno - 1 : sudolineno) /* * Globals @@ -109,8 +113,9 @@ static bool add_defaults(int, struct member *, struct defaults *); static bool add_userspec(struct member *, struct privilege *); static struct defaults *new_default(char *, char *, short); static struct member *new_member(char *, int); +static struct sudo_command *new_command(char *, char *); static struct command_digest *new_digest(int, char *); -#line 72 "gram.y" +#line 77 "gram.y" #ifndef YYSTYPE_DEFINED #define YYSTYPE_DEFINED typedef union { @@ -127,7 +132,7 @@ typedef union { int tok; } YYSTYPE; #endif /* YYSTYPE_DEFINED */ -#line 125 "gram.c" +#line 130 "gram.c" #define END 0 #define COMMAND 257 #define ALIAS 258 @@ -159,24 +164,23 @@ typedef union { #define FOLLOWLNK 284 #define NOFOLLOWLNK 285 #define ALL 286 -#define COMMENT 287 -#define HOSTALIAS 288 -#define CMNDALIAS 289 -#define USERALIAS 290 -#define RUNASALIAS 291 -#define ERROR 292 -#define TYPE 293 -#define ROLE 294 -#define PRIVS 295 -#define LIMITPRIVS 296 -#define CMND_TIMEOUT 297 -#define NOTBEFORE 298 -#define NOTAFTER 299 -#define MYSELF 300 -#define SHA224_TOK 301 -#define SHA256_TOK 302 -#define SHA384_TOK 303 -#define SHA512_TOK 304 +#define HOSTALIAS 287 +#define CMNDALIAS 288 +#define USERALIAS 289 +#define RUNASALIAS 290 +#define ERROR 291 +#define TYPE 292 +#define ROLE 293 +#define PRIVS 294 +#define LIMITPRIVS 295 +#define CMND_TIMEOUT 296 +#define NOTBEFORE 297 +#define NOTAFTER 298 +#define MYSELF 299 +#define SHA224_TOK 300 +#define SHA256_TOK 301 +#define SHA384_TOK 302 +#define SHA512_TOK 303 #define YYERRCODE 256 #if defined(__cplusplus) || defined(__STDC__) const short sudoerslhs[] = @@ -225,7 +229,7 @@ short sudoersdefred[] = #endif { 0, 0, 113, 115, 116, 117, 0, 0, 0, 0, 0, - 0, 0, 114, 5, 0, 0, 0, 0, 0, 0, + 0, 0, 114, 0, 0, 0, 0, 0, 5, 0, 109, 111, 0, 7, 8, 0, 3, 6, 0, 0, 0, 0, 23, 0, 35, 38, 37, 39, 36, 0, 33, 0, 96, 0, 0, 92, 91, 90, 0, 0, @@ -262,25 +266,25 @@ const short sudoerssindex[] = #else short sudoerssindex[] = #endif - { 703, - -277, 0, 0, 0, 0, -240, -230, -15, 51, -21, - -21, -28, 0, 0, -222, -211, -210, -197, -233, 0, - 0, 0, -25, 0, 0, 703, 0, 0, 7, 9, - -1, -196, 0, 18, 0, 0, 0, 0, 0, -220, - 0, -33, 0, -31, -31, 0, 0, 0, -237, -19, - 11, 13, 14, 0, 0, 0, -27, 0, -9, 4, - 23, 0, 21, 25, 0, 24, 28, 0, 26, 30, - 0, 0, -21, -30, 0, 31, 0, 0, 0, 0, - 0, -195, -173, -172, 0, -15, 0, 51, 18, 18, - 18, 0, -171, -170, -167, -166, -28, 18, -245, 0, - 51, -222, -28, -211, -21, -210, -21, -197, 0, 60, - 51, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 55, 0, 57, 0, 58, 0, 58, 0, - -7, 0, 61, 0, 0, 59, -12, 62, 60, -219, - 0, 0, 0, -236, 0, 0, 63, 59, 0, 0, - 43, 47, 50, 52, 53, 54, 56, 620, 0, 0, - 0, 0, 0, 0, 0, 0, 59, 63, -147, -145, - -144, -143, -142, -141, -140, 0, 0, 0, 0, 0, + { 565, + 8, 0, 0, 0, 0, -241, -240, 19, -21, -13, + -13, -26, 0, -231, -219, -215, -202, -221, 0, 0, + 0, 0, -25, 0, 0, 565, 0, 0, 14, 44, + -14, -198, 0, 18, 0, 0, 0, 0, 0, -210, + 0, -18, 0, -16, -16, 0, 0, 0, -248, 6, + 10, 12, 16, 0, 0, 0, -12, 0, -31, 21, + 17, 0, 29, 33, 0, 31, 35, 0, 34, 38, + 0, 0, -13, -28, 0, 41, 0, 0, 0, 0, + 0, -197, -190, -162, 0, 19, 0, -21, 18, 18, + 18, 0, -161, -159, -157, -156, -26, 18, -223, 0, + -21, -231, -26, -219, -13, -215, -13, -202, 0, 62, + -21, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 65, 0, 66, 0, 67, 0, 67, 0, + -33, 0, 68, 0, 0, 22, 5, 72, 62, -209, + 0, 0, 0, -228, 0, 0, 70, 22, 0, 0, + 54, 56, 57, 58, 59, 60, 61, 631, 0, 0, + 0, 0, 0, 0, 0, 0, 22, 70, -140, -138, + -137, -136, -135, -133, -132, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,}; #if defined(__cplusplus) || defined(__STDC__) @@ -288,24 +292,24 @@ const short sudoersrindex[] = #else short sudoersrindex[] = #endif - { 124, + { 132, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 125, 0, 0, 0, 0, - 1, 0, 0, 217, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 133, 0, 0, 0, 0, + 1, 0, 0, 211, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 253, 0, 0, 297, 0, 0, 333, 0, 0, 369, - 0, 0, 0, 0, 0, 405, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 441, 477, - 513, 0, 0, 0, 0, 0, 0, 549, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 572, + 246, 0, 0, 283, 0, 0, 318, 0, 0, 353, + 0, 0, 0, 0, 0, 388, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 423, 458, + 493, 0, 0, 0, 0, 0, 0, 528, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 584, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 37, 0, 73, 0, 109, 0, 145, 0, - 85, 0, 181, 0, 0, 86, 87, 0, 572, 653, - 0, 0, 0, 0, 0, 0, 88, 0, 0, 0, + 0, 0, 36, 0, 71, 0, 106, 0, 141, 0, + 93, 0, 176, 0, 0, 94, 95, 0, 584, 663, + 0, 0, 0, 0, 0, 0, 96, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 89, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 97, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,}; @@ -315,119 +319,116 @@ const short sudoersgindex[] = short sudoersgindex[] = #endif { 0, - -6, 0, 46, 10, 90, 75, -94, 32, 97, -5, - 64, 65, 121, 5, -26, 2, -4, 0, 0, 36, + 3, 0, 63, 15, 91, 84, -91, 42, 104, -4, + 64, 73, 129, -7, -19, 9, 2, 0, 0, 43, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 44, 0, 0, 122, 0, 0, 0, 0, - 48, 45, 49, 66, + 0, 0, 69, 0, 0, 130, 0, 0, 0, 0, + 53, 55, 49, 52, }; -#define YYTABLESIZE 994 +#define YYTABLESIZE 966 #if defined(__cplusplus) || defined(__STDC__) const short sudoerstable[] = #else short sudoerstable[] = #endif - { 32, - 25, 32, 121, 42, 49, 32, 78, 40, 80, 28, - 88, 19, 73, 88, 44, 45, 97, 32, 73, 46, - 47, 141, 29, 49, 2, 19, 142, 3, 4, 5, - 110, 73, 30, 25, 99, 60, 95, 35, 93, 36, - 37, 83, 38, 84, 25, 148, 63, 66, 48, 143, - 136, 89, 13, 90, 91, 50, 51, 52, 53, 82, - 69, 86, 85, 190, 101, 39, 98, 112, 94, 95, - 95, 96, 100, 151, 152, 153, 154, 155, 156, 157, - 102, 103, 104, 40, 105, 106, 107, 108, 111, 113, - 114, 144, 117, 118, 95, 123, 119, 120, 88, 131, - 97, 73, 149, 169, 139, 100, 167, 170, 108, 127, - 171, 129, 172, 173, 174, 192, 175, 193, 194, 195, - 196, 197, 198, 1, 2, 62, 66, 63, 65, 64, - 100, 115, 150, 100, 125, 137, 87, 109, 92, 72, - 191, 108, 122, 168, 105, 166, 135, 77, 126, 124, - 0, 116, 0, 0, 0, 0, 130, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 108, 0, 0, 0, - 0, 128, 0, 0, 0, 0, 0, 105, 0, 0, - 32, 0, 0, 0, 0, 0, 0, 0, 0, 0, + { 18, + 25, 49, 44, 45, 42, 121, 49, 40, 46, 47, + 25, 40, 99, 78, 32, 88, 32, 28, 73, 18, + 32, 29, 30, 79, 136, 88, 60, 73, 83, 141, + 84, 97, 110, 25, 142, 95, 2, 48, 63, 3, + 4, 5, 66, 80, 25, 95, 82, 35, 73, 36, + 37, 32, 38, 81, 144, 69, 89, 143, 90, 91, + 85, 86, 148, 93, 13, 112, 190, 94, 95, 95, + 100, 98, 113, 96, 102, 39, 50, 51, 52, 53, + 100, 101, 151, 152, 153, 154, 155, 156, 157, 103, + 104, 105, 106, 95, 107, 108, 123, 127, 111, 129, + 114, 131, 117, 100, 118, 108, 119, 120, 88, 97, + 73, 139, 149, 167, 169, 108, 170, 171, 172, 173, + 174, 175, 192, 137, 193, 194, 195, 196, 100, 197, + 198, 1, 2, 62, 66, 63, 65, 64, 108, 92, + 105, 150, 100, 87, 125, 109, 72, 191, 115, 168, + 105, 116, 166, 135, 124, 77, 130, 128, 126, 0, + 0, 0, 0, 108, 0, 0, 0, 122, 0, 0, + 0, 0, 0, 105, 0, 32, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 32, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 105, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 32, 0, + 14, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 14, 0, 0, 0, 2, 46, 47, 3, 4, 5, + 46, 47, 35, 32, 36, 37, 35, 38, 36, 37, + 31, 38, 31, 14, 2, 11, 31, 3, 4, 5, + 0, 0, 13, 0, 48, 11, 25, 0, 25, 48, + 39, 25, 25, 25, 39, 25, 25, 25, 25, 25, + 25, 25, 13, 50, 51, 52, 53, 31, 11, 141, + 0, 0, 12, 0, 142, 0, 25, 25, 25, 25, + 25, 95, 12, 95, 0, 0, 95, 95, 95, 0, + 95, 95, 95, 95, 95, 95, 95, 143, 0, 0, + 0, 0, 0, 0, 0, 12, 0, 10, 0, 0, + 0, 95, 95, 95, 95, 95, 100, 10, 100, 0, + 0, 100, 100, 100, 0, 100, 100, 100, 100, 100, + 100, 100, 0, 0, 0, 0, 0, 0, 0, 0, + 10, 0, 13, 0, 0, 0, 100, 100, 100, 100, + 100, 108, 13, 108, 0, 0, 108, 108, 108, 0, + 108, 108, 108, 108, 108, 108, 108, 0, 0, 0, + 0, 0, 0, 0, 0, 13, 0, 9, 0, 0, + 0, 108, 108, 108, 108, 108, 105, 9, 105, 0, + 0, 105, 105, 105, 0, 105, 105, 105, 105, 105, + 105, 105, 0, 0, 0, 0, 0, 0, 0, 0, + 9, 0, 17, 0, 0, 0, 105, 105, 105, 105, + 105, 32, 17, 32, 0, 0, 32, 32, 32, 0, + 32, 32, 32, 32, 32, 32, 32, 0, 0, 0, + 0, 0, 0, 0, 0, 17, 0, 15, 0, 0, + 0, 32, 32, 32, 32, 32, 14, 15, 14, 0, + 0, 14, 14, 14, 0, 14, 14, 14, 14, 14, + 14, 14, 0, 0, 0, 0, 0, 0, 0, 0, + 15, 0, 16, 0, 0, 0, 14, 14, 14, 14, + 14, 11, 16, 11, 0, 0, 11, 11, 11, 0, + 11, 11, 11, 11, 11, 11, 11, 0, 0, 0, + 0, 0, 0, 0, 0, 16, 0, 18, 0, 0, + 0, 11, 11, 11, 11, 11, 0, 18, 12, 0, + 12, 0, 0, 12, 12, 12, 0, 12, 12, 12, + 12, 12, 12, 12, 0, 0, 0, 0, 0, 0, + 18, 0, 0, 0, 0, 0, 0, 0, 12, 12, + 12, 12, 12, 10, 19, 10, 0, 0, 10, 10, + 10, 0, 10, 10, 10, 10, 10, 10, 10, 0, + 0, 0, 0, 0, 0, 0, 0, 18, 0, 0, + 0, 0, 0, 10, 10, 10, 10, 10, 13, 0, + 13, 0, 0, 13, 13, 13, 60, 13, 13, 13, + 13, 13, 13, 13, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 13, 13, + 13, 13, 13, 9, 0, 9, 0, 0, 9, 9, + 9, 0, 9, 9, 9, 9, 9, 9, 9, 0, + 0, 0, 0, 49, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 9, 9, 9, 9, 9, 17, 0, + 17, 0, 0, 17, 17, 17, 0, 17, 17, 17, + 17, 17, 17, 17, 0, 75, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 17, 17, + 17, 17, 17, 15, 0, 15, 0, 0, 15, 15, + 15, 0, 15, 15, 15, 15, 15, 15, 15, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 105, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 32, 0, 0, 14, 0, 0, 0, - 0, 0, 0, 0, 0, 31, 0, 31, 46, 47, - 0, 31, 35, 0, 36, 37, 2, 38, 32, 3, - 4, 5, 0, 31, 0, 0, 0, 46, 47, 14, - 2, 0, 11, 3, 4, 5, 25, 48, 25, 0, - 39, 25, 25, 25, 13, 25, 25, 25, 25, 25, - 25, 25, 50, 51, 52, 53, 48, 0, 13, 0, - 0, 0, 0, 0, 0, 11, 25, 25, 25, 25, - 25, 25, 95, 79, 95, 81, 12, 95, 95, 95, - 0, 95, 95, 95, 95, 95, 95, 95, 35, 0, - 36, 37, 0, 38, 0, 0, 141, 0, 0, 0, - 0, 142, 95, 95, 95, 95, 95, 95, 100, 12, - 100, 0, 10, 100, 100, 100, 39, 100, 100, 100, - 100, 100, 100, 100, 143, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 100, 100, - 100, 100, 100, 100, 108, 10, 108, 0, 13, 108, - 108, 108, 0, 108, 108, 108, 108, 108, 108, 108, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 108, 108, 108, 108, 108, 108, - 105, 13, 105, 0, 9, 105, 105, 105, 0, 105, - 105, 105, 105, 105, 105, 105, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 105, 105, 105, 105, 105, 105, 32, 9, 32, 0, - 17, 32, 32, 32, 0, 32, 32, 32, 32, 32, - 32, 32, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 32, 32, 32, 32, - 32, 32, 14, 17, 14, 0, 15, 14, 14, 14, - 0, 14, 14, 14, 14, 14, 14, 14, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 14, 14, 14, 14, 14, 14, 11, 15, - 11, 0, 16, 11, 11, 11, 0, 11, 11, 11, - 11, 11, 11, 11, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 11, 11, - 11, 11, 11, 11, 0, 16, 0, 0, 18, 0, - 0, 0, 12, 0, 12, 0, 0, 12, 12, 12, - 0, 12, 12, 12, 12, 12, 12, 12, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 18, 12, 12, 12, 12, 12, 12, 10, 0, - 10, 0, 0, 10, 10, 10, 0, 10, 10, 10, - 10, 10, 10, 10, 60, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 10, 10, - 10, 10, 10, 10, 13, 0, 13, 0, 0, 13, - 13, 13, 0, 13, 13, 13, 13, 13, 13, 13, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 49, 0, 13, 13, 13, 13, 13, 13, - 9, 0, 9, 0, 0, 9, 9, 9, 0, 9, - 9, 9, 9, 9, 9, 9, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 75, 0, 0, 0, 0, - 9, 9, 9, 9, 9, 9, 17, 0, 17, 0, - 0, 17, 17, 17, 0, 17, 17, 17, 17, 17, - 17, 17, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 17, 17, 17, 17, - 17, 17, 15, 0, 15, 19, 0, 15, 15, 15, - 0, 15, 15, 15, 15, 15, 15, 15, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 15, 15, 15, 15, 15, 15, 16, 0, + 0, 0, 0, 15, 15, 15, 15, 15, 16, 0, 16, 0, 0, 16, 16, 16, 0, 16, 16, 16, 16, 16, 16, 16, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 16, 16, - 16, 16, 16, 16, 18, 0, 18, 0, 0, 18, - 18, 18, 0, 18, 18, 18, 18, 18, 18, 18, - 0, 0, 0, 0, 0, 0, 0, 0, 60, 60, - 0, 0, 0, 0, 18, 18, 18, 18, 18, 18, - 0, 0, 0, 60, 60, 60, 60, 60, 60, 60, - 60, 60, 60, 60, 60, 60, 60, 60, 0, 0, - 0, 0, 0, 0, 60, 60, 60, 60, 60, 60, - 60, 0, 60, 60, 60, 60, 46, 47, 0, 0, + 16, 16, 16, 18, 0, 18, 0, 0, 18, 18, + 18, 0, 18, 18, 18, 18, 18, 18, 18, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 176, 177, 178, 179, 180, 181, 182, 183, 184, - 185, 186, 187, 188, 189, 48, 0, 0, 0, 75, + 0, 0, 0, 18, 18, 18, 18, 18, 0, 0, + 1, 0, 2, 0, 0, 3, 4, 5, 0, 6, + 7, 8, 9, 10, 11, 12, 0, 0, 0, 0, + 60, 60, 0, 0, 0, 0, 0, 0, 0, 0, + 13, 14, 15, 16, 17, 60, 60, 60, 60, 60, + 60, 60, 60, 60, 60, 60, 60, 60, 60, 60, + 0, 0, 0, 0, 0, 60, 60, 60, 60, 60, + 60, 60, 0, 60, 60, 60, 60, 46, 47, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 176, 177, 178, 179, 180, 181, 182, 183, + 184, 185, 186, 187, 188, 189, 48, 0, 0, 75, 75, 0, 0, 0, 0, 0, 0, 0, 0, 0, 50, 51, 52, 53, 75, 75, 75, 75, 75, 75, 75, 75, 75, 75, 75, 75, 75, 75, 75, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 75, 75, 75, 75, 0, 1, 0, - 2, 0, 0, 3, 4, 5, 0, 6, 7, 8, - 9, 10, 11, 12, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 13, 14, - 15, 16, 17, 18, + 0, 0, 75, 75, 75, 75, }; #if defined(__cplusplus) || defined(__STDC__) const short sudoerscheck[] = @@ -435,112 +436,109 @@ const short sudoerscheck[] = short sudoerscheck[] = #endif { 33, - 0, 33, 97, 9, 33, 33, 0, 33, 0, 287, - 44, 33, 44, 44, 10, 11, 44, 33, 44, 257, - 258, 258, 263, 33, 258, 33, 263, 261, 262, 263, - 61, 44, 263, 33, 44, 258, 0, 258, 58, 260, - 261, 43, 263, 45, 44, 58, 258, 258, 286, 286, - 58, 42, 286, 44, 45, 301, 302, 303, 304, 61, - 258, 44, 259, 158, 61, 286, 57, 263, 58, 33, - 58, 58, 0, 293, 294, 295, 296, 297, 298, 299, - 58, 61, 58, 33, 61, 58, 61, 58, 58, 263, - 263, 33, 264, 264, 58, 101, 264, 264, 44, 40, - 44, 44, 41, 61, 44, 33, 44, 61, 0, 105, - 61, 107, 61, 61, 61, 263, 61, 263, 263, 263, - 263, 263, 263, 0, 0, 41, 41, 41, 41, 41, - 58, 86, 139, 59, 103, 131, 40, 73, 49, 19, - 167, 33, 99, 148, 0, 144, 111, 26, 104, 102, - -1, 88, -1, -1, -1, -1, 108, -1, -1, -1, - -1, -1, -1, -1, -1, -1, 58, -1, -1, -1, - -1, 106, -1, -1, -1, -1, -1, 33, -1, -1, + 0, 33, 10, 11, 9, 97, 33, 33, 257, 258, + 10, 33, 44, 0, 33, 44, 33, 10, 44, 33, + 33, 263, 263, 10, 58, 44, 258, 44, 43, 258, + 45, 44, 61, 33, 263, 0, 258, 286, 258, 261, + 262, 263, 258, 0, 44, 10, 61, 258, 44, 260, + 261, 33, 263, 10, 33, 258, 42, 286, 44, 45, + 259, 44, 58, 58, 286, 263, 158, 58, 33, 58, + 0, 57, 263, 58, 58, 286, 300, 301, 302, 303, + 10, 61, 292, 293, 294, 295, 296, 297, 298, 61, + 58, 61, 58, 58, 61, 58, 101, 105, 58, 107, + 263, 40, 264, 33, 264, 0, 264, 264, 44, 44, + 44, 44, 41, 44, 61, 10, 61, 61, 61, 61, + 61, 61, 263, 131, 263, 263, 263, 263, 58, 263, + 263, 0, 0, 41, 41, 41, 41, 41, 33, 49, + 0, 139, 59, 40, 103, 73, 18, 167, 86, 148, + 10, 88, 144, 111, 102, 26, 108, 106, 104, -1, + -1, -1, -1, 58, -1, -1, -1, 99, -1, -1, + -1, -1, -1, 33, -1, 0, -1, -1, -1, -1, + -1, -1, -1, -1, -1, 10, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, 58, -1, + -1, -1, -1, -1, -1, -1, -1, -1, 33, -1, 0, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, 58, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, 33, -1, -1, 0, -1, -1, -1, - -1, -1, -1, -1, -1, 259, -1, 259, 257, 258, - -1, 259, 258, -1, 260, 261, 258, 263, 58, 261, - 262, 263, -1, 259, -1, -1, -1, 257, 258, 33, - 258, -1, 0, 261, 262, 263, 256, 286, 258, -1, + 10, -1, -1, -1, 258, 257, 258, 261, 262, 263, + 257, 258, 258, 58, 260, 261, 258, 263, 260, 261, + 259, 263, 259, 33, 258, 0, 259, 261, 262, 263, + -1, -1, 286, -1, 286, 10, 256, -1, 258, 286, 286, 261, 262, 263, 286, 265, 266, 267, 268, 269, - 270, 271, 301, 302, 303, 304, 286, -1, 286, -1, - -1, -1, -1, -1, -1, 33, 286, 287, 288, 289, - 290, 291, 256, 287, 258, 287, 0, 261, 262, 263, - -1, 265, 266, 267, 268, 269, 270, 271, 258, -1, - 260, 261, -1, 263, -1, -1, 258, -1, -1, -1, - -1, 263, 286, 287, 288, 289, 290, 291, 256, 33, - 258, -1, 0, 261, 262, 263, 286, 265, 266, 267, - 268, 269, 270, 271, 286, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, 286, 287, - 288, 289, 290, 291, 256, 33, 258, -1, 0, 261, - 262, 263, -1, 265, 266, 267, 268, 269, 270, 271, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, 286, 287, 288, 289, 290, 291, - 256, 33, 258, -1, 0, 261, 262, 263, -1, 265, - 266, 267, 268, 269, 270, 271, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - 286, 287, 288, 289, 290, 291, 256, 33, 258, -1, - 0, 261, 262, 263, -1, 265, 266, 267, 268, 269, - 270, 271, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, 286, 287, 288, 289, - 290, 291, 256, 33, 258, -1, 0, 261, 262, 263, - -1, 265, 266, 267, 268, 269, 270, 271, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, 286, 287, 288, 289, 290, 291, 256, 33, - 258, -1, 0, 261, 262, 263, -1, 265, 266, 267, - 268, 269, 270, 271, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, 286, 287, - 288, 289, 290, 291, -1, 33, -1, -1, 0, -1, - -1, -1, 256, -1, 258, -1, -1, 261, 262, 263, - -1, 265, 266, 267, 268, 269, 270, 271, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, 33, 286, 287, 288, 289, 290, 291, 256, -1, - 258, -1, -1, 261, 262, 263, -1, 265, 266, 267, - 268, 269, 270, 271, 33, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, 286, 287, - 288, 289, 290, 291, 256, -1, 258, -1, -1, 261, - 262, 263, -1, 265, 266, 267, 268, 269, 270, 271, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, 33, -1, 286, 287, 288, 289, 290, 291, - 256, -1, 258, -1, -1, 261, 262, 263, -1, 265, - 266, 267, 268, 269, 270, 271, -1, -1, -1, -1, - -1, -1, -1, -1, -1, 33, -1, -1, -1, -1, - 286, 287, 288, 289, 290, 291, 256, -1, 258, -1, + 270, 271, 286, 300, 301, 302, 303, 259, 33, 258, + -1, -1, 0, -1, 263, -1, 286, 287, 288, 289, + 290, 256, 10, 258, -1, -1, 261, 262, 263, -1, + 265, 266, 267, 268, 269, 270, 271, 286, -1, -1, + -1, -1, -1, -1, -1, 33, -1, 0, -1, -1, + -1, 286, 287, 288, 289, 290, 256, 10, 258, -1, -1, 261, 262, 263, -1, 265, 266, 267, 268, 269, 270, 271, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, 286, 287, 288, 289, - 290, 291, 256, -1, 258, 33, -1, 261, 262, 263, - -1, 265, 266, 267, 268, 269, 270, 271, -1, -1, + 33, -1, 0, -1, -1, -1, 286, 287, 288, 289, + 290, 256, 10, 258, -1, -1, 261, 262, 263, -1, + 265, 266, 267, 268, 269, 270, 271, -1, -1, -1, + -1, -1, -1, -1, -1, 33, -1, 0, -1, -1, + -1, 286, 287, 288, 289, 290, 256, 10, 258, -1, + -1, 261, 262, 263, -1, 265, 266, 267, 268, 269, + 270, 271, -1, -1, -1, -1, -1, -1, -1, -1, + 33, -1, 0, -1, -1, -1, 286, 287, 288, 289, + 290, 256, 10, 258, -1, -1, 261, 262, 263, -1, + 265, 266, 267, 268, 269, 270, 271, -1, -1, -1, + -1, -1, -1, -1, -1, 33, -1, 0, -1, -1, + -1, 286, 287, 288, 289, 290, 256, 10, 258, -1, + -1, 261, 262, 263, -1, 265, 266, 267, 268, 269, + 270, 271, -1, -1, -1, -1, -1, -1, -1, -1, + 33, -1, 0, -1, -1, -1, 286, 287, 288, 289, + 290, 256, 10, 258, -1, -1, 261, 262, 263, -1, + 265, 266, 267, 268, 269, 270, 271, -1, -1, -1, + -1, -1, -1, -1, -1, 33, -1, 0, -1, -1, + -1, 286, 287, 288, 289, 290, -1, 10, 256, -1, + 258, -1, -1, 261, 262, 263, -1, 265, 266, 267, + 268, 269, 270, 271, -1, -1, -1, -1, -1, -1, + 33, -1, -1, -1, -1, -1, -1, -1, 286, 287, + 288, 289, 290, 256, 10, 258, -1, -1, 261, 262, + 263, -1, 265, 266, 267, 268, 269, 270, 271, -1, + -1, -1, -1, -1, -1, -1, -1, 33, -1, -1, + -1, -1, -1, 286, 287, 288, 289, 290, 256, -1, + 258, -1, -1, 261, 262, 263, 33, 265, 266, 267, + 268, 269, 270, 271, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, 286, 287, + 288, 289, 290, 256, -1, 258, -1, -1, 261, 262, + 263, -1, 265, 266, 267, 268, 269, 270, 271, -1, + -1, -1, -1, 33, -1, -1, -1, -1, -1, -1, + -1, -1, -1, 286, 287, 288, 289, 290, 256, -1, + 258, -1, -1, 261, 262, 263, -1, 265, 266, 267, + 268, 269, 270, 271, -1, 33, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, 286, 287, + 288, 289, 290, 256, -1, 258, -1, -1, 261, 262, + 263, -1, 265, 266, 267, 268, 269, 270, 271, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, 286, 287, 288, 289, 290, 291, 256, -1, + -1, -1, -1, 286, 287, 288, 289, 290, 256, -1, 258, -1, -1, 261, 262, 263, -1, 265, 266, 267, 268, 269, 270, 271, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 286, 287, - 288, 289, 290, 291, 256, -1, 258, -1, -1, 261, - 262, 263, -1, 265, 266, 267, 268, 269, 270, 271, - -1, -1, -1, -1, -1, -1, -1, -1, 257, 258, - -1, -1, -1, -1, 286, 287, 288, 289, 290, 291, - -1, -1, -1, 272, 273, 274, 275, 276, 277, 278, - 279, 280, 281, 282, 283, 284, 285, 286, -1, -1, - -1, -1, -1, -1, 293, 294, 295, 296, 297, 298, - 299, -1, 301, 302, 303, 304, 257, 258, -1, -1, + 288, 289, 290, 256, -1, 258, -1, -1, 261, 262, + 263, -1, 265, 266, 267, 268, 269, 270, 271, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, 272, 273, 274, 275, 276, 277, 278, 279, 280, - 281, 282, 283, 284, 285, 286, -1, -1, -1, 257, + -1, -1, -1, 286, 287, 288, 289, 290, -1, -1, + 256, -1, 258, -1, -1, 261, 262, 263, -1, 265, + 266, 267, 268, 269, 270, 271, -1, -1, -1, -1, + 257, 258, -1, -1, -1, -1, -1, -1, -1, -1, + 286, 287, 288, 289, 290, 272, 273, 274, 275, 276, + 277, 278, 279, 280, 281, 282, 283, 284, 285, 286, + -1, -1, -1, -1, -1, 292, 293, 294, 295, 296, + 297, 298, -1, 300, 301, 302, 303, 257, 258, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, 272, 273, 274, 275, 276, 277, 278, 279, + 280, 281, 282, 283, 284, 285, 286, -1, -1, 257, 258, -1, -1, -1, -1, -1, -1, -1, -1, -1, - 301, 302, 303, 304, 272, 273, 274, 275, 276, 277, + 300, 301, 302, 303, 272, 273, 274, 275, 276, 277, 278, 279, 280, 281, 282, 283, 284, 285, 286, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, 301, 302, 303, 304, -1, 256, -1, - 258, -1, -1, 261, 262, 263, -1, 265, 266, 267, - 268, 269, 270, 271, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, 286, 287, - 288, 289, 290, 291, + -1, -1, 300, 301, 302, 303, }; #define YYFINAL 20 #ifndef YYDEBUG #define YYDEBUG 0 #endif -#define YYMAXTOKEN 304 +#define YYMAXTOKEN 303 #if YYDEBUG #if defined(__cplusplus) || defined(__STDC__) const char * const sudoersname[] = @@ -548,21 +546,21 @@ const char * const sudoersname[] = char *sudoersname[] = #endif { -"end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, -"'!'",0,0,0,0,0,0,"'('","')'",0,"'+'","','","'-'",0,0,0,0,0,0,0,0,0,0,0,0,"':'", -0,0,"'='",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, +"end-of-file",0,0,0,0,0,0,0,0,0,"'\\n'",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, +0,0,"'!'",0,0,0,0,0,0,"'('","')'",0,"'+'","','","'-'",0,0,0,0,0,0,0,0,0,0,0,0, +"':'",0,0,"'='",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, -"COMMAND","ALIAS","DEFVAR","NTWKADDR","NETGROUP","USERGROUP","WORD","DIGEST", -"INCLUDE","INCLUDEDIR","DEFAULTS","DEFAULTS_HOST","DEFAULTS_USER", +0,0,0,"COMMAND","ALIAS","DEFVAR","NTWKADDR","NETGROUP","USERGROUP","WORD", +"DIGEST","INCLUDE","INCLUDEDIR","DEFAULTS","DEFAULTS_HOST","DEFAULTS_USER", "DEFAULTS_RUNAS","DEFAULTS_CMND","NOPASSWD","PASSWD","NOEXEC","EXEC","SETENV", "NOSETENV","LOG_INPUT","NOLOG_INPUT","LOG_OUTPUT","NOLOG_OUTPUT","MAIL", -"NOMAIL","FOLLOWLNK","NOFOLLOWLNK","ALL","COMMENT","HOSTALIAS","CMNDALIAS", -"USERALIAS","RUNASALIAS","ERROR","TYPE","ROLE","PRIVS","LIMITPRIVS", -"CMND_TIMEOUT","NOTBEFORE","NOTAFTER","MYSELF","SHA224_TOK","SHA256_TOK", -"SHA384_TOK","SHA512_TOK", +"NOMAIL","FOLLOWLNK","NOFOLLOWLNK","ALL","HOSTALIAS","CMNDALIAS","USERALIAS", +"RUNASALIAS","ERROR","TYPE","ROLE","PRIVS","LIMITPRIVS","CMND_TIMEOUT", +"NOTBEFORE","NOTAFTER","MYSELF","SHA224_TOK","SHA256_TOK","SHA384_TOK", +"SHA512_TOK", }; #if defined(__cplusplus) || defined(__STDC__) const char * const sudoersrule[] = @@ -574,8 +572,8 @@ char *sudoersrule[] = "file : line", "line : entry", "line : line entry", -"entry : COMMENT", -"entry : error COMMENT", +"entry : '\\n'", +"entry : error '\\n'", "entry : include", "entry : includedir", "entry : userlist privileges", @@ -588,9 +586,9 @@ char *sudoersrule[] = "entry : DEFAULTS_RUNAS userlist defaults_list", "entry : DEFAULTS_HOST hostlist defaults_list", "entry : DEFAULTS_CMND cmndlist defaults_list", -"include : INCLUDE WORD COMMENT", +"include : INCLUDE WORD '\\n'", "include : INCLUDE WORD END", -"includedir : INCLUDEDIR WORD COMMENT", +"includedir : INCLUDEDIR WORD '\\n'", "includedir : INCLUDEDIR WORD END", "defaults_list : defaults_entry", "defaults_list : defaults_list ',' defaults_entry", @@ -722,7 +720,7 @@ short *yysslim; YYSTYPE *yyvs; unsigned int yystacksize; int yyparse(void); -#line 952 "gram.y" +#line 957 "gram.y" void sudoerserror(const char *s) { @@ -820,6 +818,7 @@ new_member(char *name, int type) debug_return_ptr(m); } + static struct sudo_command * new_command(char *cmnd, char *args) { @@ -1198,7 +1197,7 @@ init_options(struct command_options *opts) opts->limitprivs = NULL; #endif } -#line 1144 "gram.c" +#line 1143 "gram.c" /* allocate initial stack or double stack size, up to YYMAXDEPTH */ static int yygrowstack(void) { @@ -1389,23 +1388,23 @@ yyreduce: switch (yyn) { case 1: -#line 176 "gram.y" +#line 181 "gram.y" { ; } break; case 5: -#line 184 "gram.y" +#line 189 "gram.y" { ; } break; case 6: -#line 187 "gram.y" +#line 192 "gram.y" { yyerrok; } break; case 7: -#line 190 "gram.y" +#line 195 "gram.y" { if (!push_include(yyvsp[0].string, false)) { free(yyvsp[0].string); @@ -1415,7 +1414,7 @@ case 7: } break; case 8: -#line 197 "gram.y" +#line 202 "gram.y" { if (!push_include(yyvsp[0].string, true)) { free(yyvsp[0].string); @@ -1425,7 +1424,7 @@ case 8: } break; case 9: -#line 204 "gram.y" +#line 209 "gram.y" { if (!add_userspec(yyvsp[-1].member, yyvsp[0].privilege)) { sudoerserror(N_("unable to allocate memory")); @@ -1434,97 +1433,97 @@ case 9: } break; case 10: -#line 210 "gram.y" +#line 215 "gram.y" { ; } break; case 11: -#line 213 "gram.y" +#line 218 "gram.y" { ; } break; case 12: -#line 216 "gram.y" +#line 221 "gram.y" { ; } break; case 13: -#line 219 "gram.y" +#line 224 "gram.y" { ; } break; case 14: -#line 222 "gram.y" +#line 227 "gram.y" { if (!add_defaults(DEFAULTS, NULL, yyvsp[0].defaults)) YYERROR; } break; case 15: -#line 226 "gram.y" +#line 231 "gram.y" { if (!add_defaults(DEFAULTS_USER, yyvsp[-1].member, yyvsp[0].defaults)) YYERROR; } break; case 16: -#line 230 "gram.y" +#line 235 "gram.y" { if (!add_defaults(DEFAULTS_RUNAS, yyvsp[-1].member, yyvsp[0].defaults)) YYERROR; } break; case 17: -#line 234 "gram.y" +#line 239 "gram.y" { if (!add_defaults(DEFAULTS_HOST, yyvsp[-1].member, yyvsp[0].defaults)) YYERROR; } break; case 18: -#line 238 "gram.y" +#line 243 "gram.y" { if (!add_defaults(DEFAULTS_CMND, yyvsp[-1].member, yyvsp[0].defaults)) YYERROR; } break; case 19: -#line 244 "gram.y" +#line 249 "gram.y" { yyval.string = yyvsp[-1].string; } break; case 20: -#line 247 "gram.y" -{ - yyval.string = yyvsp[-1].string; - } -break; -case 21: #line 252 "gram.y" { yyval.string = yyvsp[-1].string; } break; +case 21: +#line 257 "gram.y" +{ + yyval.string = yyvsp[-1].string; + } +break; case 22: -#line 255 "gram.y" +#line 260 "gram.y" { yyval.string = yyvsp[-1].string; } break; case 24: -#line 261 "gram.y" +#line 266 "gram.y" { HLTQ_CONCAT(yyvsp[-2].defaults, yyvsp[0].defaults, entries); yyval.defaults = yyvsp[-2].defaults; } break; case 25: -#line 267 "gram.y" +#line 272 "gram.y" { yyval.defaults = new_default(yyvsp[0].string, NULL, true); if (yyval.defaults == NULL) { @@ -1534,7 +1533,7 @@ case 25: } break; case 26: -#line 274 "gram.y" +#line 279 "gram.y" { yyval.defaults = new_default(yyvsp[0].string, NULL, false); if (yyval.defaults == NULL) { @@ -1544,7 +1543,7 @@ case 26: } break; case 27: -#line 281 "gram.y" +#line 286 "gram.y" { yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, true); if (yyval.defaults == NULL) { @@ -1554,7 +1553,7 @@ case 27: } break; case 28: -#line 288 "gram.y" +#line 293 "gram.y" { yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '+'); if (yyval.defaults == NULL) { @@ -1564,7 +1563,7 @@ case 28: } break; case 29: -#line 295 "gram.y" +#line 300 "gram.y" { yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '-'); if (yyval.defaults == NULL) { @@ -1574,14 +1573,14 @@ case 29: } break; case 31: -#line 305 "gram.y" +#line 310 "gram.y" { HLTQ_CONCAT(yyvsp[-2].privilege, yyvsp[0].privilege, entries); yyval.privilege = yyvsp[-2].privilege; } break; case 32: -#line 311 "gram.y" +#line 316 "gram.y" { struct privilege *p = calloc(1, sizeof(*p)); if (p == NULL) { @@ -1596,21 +1595,21 @@ case 32: } break; case 33: -#line 325 "gram.y" +#line 330 "gram.y" { yyval.member = yyvsp[0].member; yyval.member->negated = false; } break; case 34: -#line 329 "gram.y" +#line 334 "gram.y" { yyval.member = yyvsp[0].member; yyval.member->negated = true; } break; case 35: -#line 335 "gram.y" +#line 340 "gram.y" { yyval.member = new_member(yyvsp[0].string, ALIAS); if (yyval.member == NULL) { @@ -1620,7 +1619,7 @@ case 35: } break; case 36: -#line 342 "gram.y" +#line 347 "gram.y" { yyval.member = new_member(NULL, ALL); if (yyval.member == NULL) { @@ -1630,7 +1629,7 @@ case 36: } break; case 37: -#line 349 "gram.y" +#line 354 "gram.y" { yyval.member = new_member(yyvsp[0].string, NETGROUP); if (yyval.member == NULL) { @@ -1640,7 +1639,7 @@ case 37: } break; case 38: -#line 356 "gram.y" +#line 361 "gram.y" { yyval.member = new_member(yyvsp[0].string, NTWKADDR); if (yyval.member == NULL) { @@ -1650,7 +1649,7 @@ case 38: } break; case 39: -#line 363 "gram.y" +#line 368 "gram.y" { yyval.member = new_member(yyvsp[0].string, WORD); if (yyval.member == NULL) { @@ -1660,7 +1659,7 @@ case 39: } break; case 41: -#line 373 "gram.y" +#line 378 "gram.y" { struct cmndspec *prev; prev = HLTQ_LAST(yyvsp[-2].cmndspec, cmndspec, entries); @@ -1714,7 +1713,7 @@ case 41: } break; case 42: -#line 426 "gram.y" +#line 431 "gram.y" { struct cmndspec *cs = calloc(1, sizeof(*cs)); if (cs == NULL) { @@ -1768,7 +1767,7 @@ case 42: } break; case 43: -#line 479 "gram.y" +#line 484 "gram.y" { yyval.digest = new_digest(SUDO_DIGEST_SHA224, yyvsp[0].string); if (yyval.digest == NULL) { @@ -1778,7 +1777,7 @@ case 43: } break; case 44: -#line 486 "gram.y" +#line 491 "gram.y" { yyval.digest = new_digest(SUDO_DIGEST_SHA256, yyvsp[0].string); if (yyval.digest == NULL) { @@ -1788,7 +1787,7 @@ case 44: } break; case 45: -#line 493 "gram.y" +#line 498 "gram.y" { yyval.digest = new_digest(SUDO_DIGEST_SHA384, yyvsp[0].string); if (yyval.digest == NULL) { @@ -1798,7 +1797,7 @@ case 45: } break; case 46: -#line 500 "gram.y" +#line 505 "gram.y" { yyval.digest = new_digest(SUDO_DIGEST_SHA512, yyvsp[0].string); if (yyval.digest == NULL) { @@ -1808,20 +1807,20 @@ case 46: } break; case 48: -#line 510 "gram.y" +#line 515 "gram.y" { HLTQ_CONCAT(yyvsp[-2].digest, yyvsp[0].digest, entries); yyval.digest = yyvsp[-2].digest; } break; case 49: -#line 516 "gram.y" +#line 521 "gram.y" { yyval.member = yyvsp[0].member; } break; case 50: -#line 519 "gram.y" +#line 524 "gram.y" { struct sudo_command *c = (struct sudo_command *) yyvsp[0].member->name; @@ -1843,75 +1842,75 @@ case 50: } break; case 51: -#line 540 "gram.y" +#line 545 "gram.y" { yyval.member = yyvsp[0].member; yyval.member->negated = false; } break; case 52: -#line 544 "gram.y" +#line 549 "gram.y" { yyval.member = yyvsp[0].member; yyval.member->negated = true; } break; case 53: -#line 550 "gram.y" -{ - yyval.string = yyvsp[0].string; - } -break; -case 54: #line 555 "gram.y" { yyval.string = yyvsp[0].string; } break; -case 55: -#line 559 "gram.y" +case 54: +#line 560 "gram.y" { yyval.string = yyvsp[0].string; } break; -case 56: +case 55: #line 564 "gram.y" { yyval.string = yyvsp[0].string; } break; -case 57: +case 56: #line 569 "gram.y" { yyval.string = yyvsp[0].string; } break; -case 58: +case 57: #line 574 "gram.y" { yyval.string = yyvsp[0].string; } break; +case 58: +#line 579 "gram.y" +{ + yyval.string = yyvsp[0].string; + } +break; case 59: -#line 578 "gram.y" +#line 583 "gram.y" { yyval.string = yyvsp[0].string; } break; case 60: -#line 583 "gram.y" +#line 588 "gram.y" { yyval.runas = NULL; } break; case 61: -#line 586 "gram.y" +#line 591 "gram.y" { yyval.runas = yyvsp[-1].runas; } break; case 62: -#line 591 "gram.y" +#line 596 "gram.y" { yyval.runas = calloc(1, sizeof(struct runascontainer)); if (yyval.runas != NULL) { @@ -1929,7 +1928,7 @@ case 62: } break; case 63: -#line 606 "gram.y" +#line 611 "gram.y" { yyval.runas = calloc(1, sizeof(struct runascontainer)); if (yyval.runas == NULL) { @@ -1941,7 +1940,7 @@ case 63: } break; case 64: -#line 615 "gram.y" +#line 620 "gram.y" { yyval.runas = calloc(1, sizeof(struct runascontainer)); if (yyval.runas == NULL) { @@ -1953,7 +1952,7 @@ case 64: } break; case 65: -#line 624 "gram.y" +#line 629 "gram.y" { yyval.runas = calloc(1, sizeof(struct runascontainer)); if (yyval.runas == NULL) { @@ -1965,7 +1964,7 @@ case 65: } break; case 66: -#line 633 "gram.y" +#line 638 "gram.y" { yyval.runas = calloc(1, sizeof(struct runascontainer)); if (yyval.runas != NULL) { @@ -1983,13 +1982,13 @@ case 66: } break; case 67: -#line 650 "gram.y" +#line 655 "gram.y" { init_options(&yyval.options); } break; case 68: -#line 653 "gram.y" +#line 658 "gram.y" { yyval.options.notbefore = parse_gentime(yyvsp[0].string); free(yyvsp[0].string); @@ -2000,7 +1999,7 @@ case 68: } break; case 69: -#line 661 "gram.y" +#line 666 "gram.y" { yyval.options.notafter = parse_gentime(yyvsp[0].string); free(yyvsp[0].string); @@ -2011,7 +2010,7 @@ case 69: } break; case 70: -#line 669 "gram.y" +#line 674 "gram.y" { yyval.options.timeout = parse_timeout(yyvsp[0].string); free(yyvsp[0].string); @@ -2025,7 +2024,7 @@ case 70: } break; case 71: -#line 680 "gram.y" +#line 685 "gram.y" { #ifdef HAVE_SELINUX free(yyval.options.role); @@ -2034,7 +2033,7 @@ case 71: } break; case 72: -#line 686 "gram.y" +#line 691 "gram.y" { #ifdef HAVE_SELINUX free(yyval.options.type); @@ -2043,7 +2042,7 @@ case 72: } break; case 73: -#line 692 "gram.y" +#line 697 "gram.y" { #ifdef HAVE_PRIV_SET free(yyval.options.privs); @@ -2052,7 +2051,7 @@ case 73: } break; case 74: -#line 698 "gram.y" +#line 703 "gram.y" { #ifdef HAVE_PRIV_SET free(yyval.options.limitprivs); @@ -2061,97 +2060,97 @@ case 74: } break; case 75: -#line 706 "gram.y" +#line 711 "gram.y" { TAGS_INIT(yyval.tag); } break; case 76: -#line 709 "gram.y" +#line 714 "gram.y" { yyval.tag.nopasswd = true; } break; case 77: -#line 712 "gram.y" +#line 717 "gram.y" { yyval.tag.nopasswd = false; } break; case 78: -#line 715 "gram.y" +#line 720 "gram.y" { yyval.tag.noexec = true; } break; case 79: -#line 718 "gram.y" +#line 723 "gram.y" { yyval.tag.noexec = false; } break; case 80: -#line 721 "gram.y" +#line 726 "gram.y" { yyval.tag.setenv = true; } break; case 81: -#line 724 "gram.y" +#line 729 "gram.y" { yyval.tag.setenv = false; } break; case 82: -#line 727 "gram.y" +#line 732 "gram.y" { yyval.tag.log_input = true; } break; case 83: -#line 730 "gram.y" +#line 735 "gram.y" { yyval.tag.log_input = false; } break; case 84: -#line 733 "gram.y" +#line 738 "gram.y" { yyval.tag.log_output = true; } break; case 85: -#line 736 "gram.y" +#line 741 "gram.y" { yyval.tag.log_output = false; } break; case 86: -#line 739 "gram.y" +#line 744 "gram.y" { yyval.tag.follow = true; } break; case 87: -#line 742 "gram.y" +#line 747 "gram.y" { yyval.tag.follow = false; } break; case 88: -#line 745 "gram.y" +#line 750 "gram.y" { yyval.tag.send_mail = true; } break; case 89: -#line 748 "gram.y" +#line 753 "gram.y" { yyval.tag.send_mail = false; } break; case 90: -#line 753 "gram.y" +#line 758 "gram.y" { yyval.member = new_member(NULL, ALL); if (yyval.member == NULL) { @@ -2161,7 +2160,7 @@ case 90: } break; case 91: -#line 760 "gram.y" +#line 765 "gram.y" { yyval.member = new_member(yyvsp[0].string, ALIAS); if (yyval.member == NULL) { @@ -2171,7 +2170,7 @@ case 91: } break; case 92: -#line 767 "gram.y" +#line 772 "gram.y" { struct sudo_command *c; @@ -2188,7 +2187,7 @@ case 92: } break; case 95: -#line 787 "gram.y" +#line 792 "gram.y" { const char *s; s = alias_add(&parsed_policy, yyvsp[-2].string, HOSTALIAS, @@ -2200,14 +2199,14 @@ case 95: } break; case 97: -#line 799 "gram.y" +#line 804 "gram.y" { HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries); yyval.member = yyvsp[-2].member; } break; case 100: -#line 809 "gram.y" +#line 814 "gram.y" { const char *s; s = alias_add(&parsed_policy, yyvsp[-2].string, CMNDALIAS, @@ -2219,14 +2218,14 @@ case 100: } break; case 102: -#line 821 "gram.y" +#line 826 "gram.y" { HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries); yyval.member = yyvsp[-2].member; } break; case 105: -#line 831 "gram.y" +#line 836 "gram.y" { const char *s; s = alias_add(&parsed_policy, yyvsp[-2].string, RUNASALIAS, @@ -2238,7 +2237,7 @@ case 105: } break; case 108: -#line 846 "gram.y" +#line 851 "gram.y" { const char *s; s = alias_add(&parsed_policy, yyvsp[-2].string, USERALIAS, @@ -2250,28 +2249,28 @@ case 108: } break; case 110: -#line 858 "gram.y" +#line 863 "gram.y" { HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries); yyval.member = yyvsp[-2].member; } break; case 111: -#line 864 "gram.y" +#line 869 "gram.y" { yyval.member = yyvsp[0].member; yyval.member->negated = false; } break; case 112: -#line 868 "gram.y" +#line 873 "gram.y" { yyval.member = yyvsp[0].member; yyval.member->negated = true; } break; case 113: -#line 874 "gram.y" +#line 879 "gram.y" { yyval.member = new_member(yyvsp[0].string, ALIAS); if (yyval.member == NULL) { @@ -2281,7 +2280,7 @@ case 113: } break; case 114: -#line 881 "gram.y" +#line 886 "gram.y" { yyval.member = new_member(NULL, ALL); if (yyval.member == NULL) { @@ -2291,7 +2290,7 @@ case 114: } break; case 115: -#line 888 "gram.y" +#line 893 "gram.y" { yyval.member = new_member(yyvsp[0].string, NETGROUP); if (yyval.member == NULL) { @@ -2301,7 +2300,7 @@ case 115: } break; case 116: -#line 895 "gram.y" +#line 900 "gram.y" { yyval.member = new_member(yyvsp[0].string, USERGROUP); if (yyval.member == NULL) { @@ -2311,7 +2310,7 @@ case 116: } break; case 117: -#line 902 "gram.y" +#line 907 "gram.y" { yyval.member = new_member(yyvsp[0].string, WORD); if (yyval.member == NULL) { @@ -2321,28 +2320,28 @@ case 117: } break; case 119: -#line 912 "gram.y" +#line 917 "gram.y" { HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries); yyval.member = yyvsp[-2].member; } break; case 120: -#line 918 "gram.y" +#line 923 "gram.y" { yyval.member = yyvsp[0].member; yyval.member->negated = false; } break; case 121: -#line 922 "gram.y" +#line 927 "gram.y" { yyval.member = yyvsp[0].member; yyval.member->negated = true; } break; case 122: -#line 928 "gram.y" +#line 933 "gram.y" { yyval.member = new_member(yyvsp[0].string, ALIAS); if (yyval.member == NULL) { @@ -2352,7 +2351,7 @@ case 122: } break; case 123: -#line 935 "gram.y" +#line 940 "gram.y" { yyval.member = new_member(NULL, ALL); if (yyval.member == NULL) { @@ -2362,7 +2361,7 @@ case 123: } break; case 124: -#line 942 "gram.y" +#line 947 "gram.y" { yyval.member = new_member(yyvsp[0].string, WORD); if (yyval.member == NULL) { @@ -2371,7 +2370,7 @@ case 124: } } break; -#line 2317 "gram.c" +#line 2316 "gram.c" } yyssp -= yym; yystate = *yyssp; diff --git a/plugins/sudoers/gram.h b/plugins/sudoers/gram.h index 9e93d6cad..6cfe58631 100644 --- a/plugins/sudoers/gram.h +++ b/plugins/sudoers/gram.h @@ -29,24 +29,23 @@ #define FOLLOWLNK 284 #define NOFOLLOWLNK 285 #define ALL 286 -#define COMMENT 287 -#define HOSTALIAS 288 -#define CMNDALIAS 289 -#define USERALIAS 290 -#define RUNASALIAS 291 -#define ERROR 292 -#define TYPE 293 -#define ROLE 294 -#define PRIVS 295 -#define LIMITPRIVS 296 -#define CMND_TIMEOUT 297 -#define NOTBEFORE 298 -#define NOTAFTER 299 -#define MYSELF 300 -#define SHA224_TOK 301 -#define SHA256_TOK 302 -#define SHA384_TOK 303 -#define SHA512_TOK 304 +#define HOSTALIAS 287 +#define CMNDALIAS 288 +#define USERALIAS 289 +#define RUNASALIAS 290 +#define ERROR 291 +#define TYPE 292 +#define ROLE 293 +#define PRIVS 294 +#define LIMITPRIVS 295 +#define CMND_TIMEOUT 296 +#define NOTBEFORE 297 +#define NOTAFTER 298 +#define MYSELF 299 +#define SHA224_TOK 300 +#define SHA256_TOK 301 +#define SHA384_TOK 302 +#define SHA512_TOK 303 #ifndef YYSTYPE_DEFINED #define YYSTYPE_DEFINED typedef union { diff --git a/plugins/sudoers/gram.y b/plugins/sudoers/gram.y index 6a582f146..7f023b0b8 100644 --- a/plugins/sudoers/gram.y +++ b/plugins/sudoers/gram.y @@ -38,8 +38,12 @@ #include "sudo_digest.h" #include "toke.h" +#ifdef YYBISON +# define YYERROR_VERBOSE +#endif + /* If we last saw a newline the entry is on the preceding line. */ -#define this_lineno (last_token == COMMENT ? sudolineno - 1 : sudolineno) +#define this_lineno (last_token == '\n' ? sudolineno - 1 : sudolineno) /* * Globals @@ -66,6 +70,7 @@ static bool add_defaults(int, struct member *, struct defaults *); static bool add_userspec(struct member *, struct privilege *); static struct defaults *new_default(char *, char *, short); static struct member *new_member(char *, int); +static struct sudo_command *new_command(char *, char *); static struct command_digest *new_digest(int, char *); %} @@ -115,13 +120,13 @@ static struct command_digest *new_digest(int, char *); %token FOLLOWLNK /* follow symbolic links */ %token NOFOLLOWLNK /* don't follow symbolic links */ %token ALL /* ALL keyword */ -%token COMMENT /* comment and/or carriage return */ %token HOSTALIAS /* Host_Alias keyword */ %token CMNDALIAS /* Cmnd_Alias keyword */ %token USERALIAS /* User_Alias keyword */ %token RUNASALIAS /* Runas_Alias keyword */ %token ':' '=' ',' '!' '+' '-' /* union member tokens */ %token '(' ')' /* runas tokens */ +%token '\n' /* newline (with optional comment) */ %token ERROR /* error from lexer */ %token TYPE /* SELinux type */ %token ROLE /* SELinux role */ @@ -181,10 +186,10 @@ line : entry | line entry ; -entry : COMMENT { +entry : '\n' { ; } - | error COMMENT { + | error '\n' { yyerrok; } | include { @@ -241,7 +246,7 @@ entry : COMMENT { } ; -include : INCLUDE WORD COMMENT { +include : INCLUDE WORD '\n' { $$ = $2; } | INCLUDE WORD END { @@ -249,7 +254,7 @@ include : INCLUDE WORD COMMENT { } ; -includedir : INCLUDEDIR WORD COMMENT { +includedir : INCLUDEDIR WORD '\n' { $$ = $2; } | INCLUDEDIR WORD END { @@ -1046,6 +1051,7 @@ new_member(char *name, int type) debug_return_ptr(m); } + static struct sudo_command * new_command(char *cmnd, char *args) { diff --git a/plugins/sudoers/toke.c b/plugins/sudoers/toke.c index dca198f92..50cfc2308 100644 --- a/plugins/sudoers/toke.c +++ b/plugins/sudoers/toke.c @@ -9,7 +9,7 @@ #define YY_INT_ALIGNED short int -/* $OpenBSD: flex.skl,v 1.16 2017/05/02 19:16:19 millert Exp $ */ +/* $OpenBSD: flex.skl,v 1.17 2020/08/06 17:23:29 deraadt Exp $ */ /* A lexical scanner generated by flex */ @@ -2458,11 +2458,13 @@ YY_DECL if ( ! (yy_start) ) (yy_start) = 1; /* first start state */ - if ( ! sudoersin ) + if ( ! sudoersin ) { sudoersin = stdin; + } - if ( ! sudoersout ) + if ( ! sudoersout ) { sudoersout = stdout; + } if ( ! YY_CURRENT_BUFFER ) { sudoersensure_buffer_stack (); @@ -2471,12 +2473,12 @@ YY_DECL } sudoers_load_buffer_state( ); - } + } { #line 119 "toke.l" -#line 2474 "toke.c" +#line 2476 "toke.c" while ( 1 ) /* loops until end-of-file is reached */ { @@ -3392,7 +3394,7 @@ YY_RULE_SETUP sudolineno++; continued = false; LEXTRACE("\n"); - LEXRETURN(COMMENT); + LEXRETURN('\n'); } /* return newline */ YY_BREAK case 74: @@ -3428,7 +3430,7 @@ YY_RULE_SETUP LEXRETURN(ERROR); } LEXTRACE("#\n"); - LEXRETURN(COMMENT); + LEXRETURN('\n'); } /* comment, not uid/gid */ YY_BREAK case 77: @@ -3463,7 +3465,7 @@ YY_RULE_SETUP #line 796 "toke.l" ECHO; YY_BREAK -#line 3461 "toke.c" +#line 3463 "toke.c" case YY_END_OF_BUFFER: { diff --git a/plugins/sudoers/toke.l b/plugins/sudoers/toke.l index 46fd1080d..282fd1f43 100644 --- a/plugins/sudoers/toke.l +++ b/plugins/sudoers/toke.l @@ -750,7 +750,7 @@ sudoedit { sudolineno++; continued = false; LEXTRACE("\n"); - LEXRETURN(COMMENT); + LEXRETURN('\n'); } /* return newline */ <*>[[:blank:]]+ { /* throw away space/tabs */ @@ -775,7 +775,7 @@ sudoedit { LEXRETURN(ERROR); } LEXTRACE("#\n"); - LEXRETURN(COMMENT); + LEXRETURN('\n'); } /* comment, not uid/gid */ <*>. {