Replace MAX_UID_T_LEN with calls to STRLEN_MAX_UNSIGNED.
This commit is contained in:
Todd C. Miller
@@ -1174,10 +1174,6 @@
|
||||
/* The max number of chars per log file line (for line wrapping). */
|
||||
#undef MAXLOGFILELEN
|
||||
|
||||
/* Define to the max length of a uid_t in string context (excluding the NUL).
|
||||
*/
|
||||
#undef MAX_UID_T_LEN
|
||||
|
||||
/* Define to 1 if resolv.h must be included to get the 'inet_ntop' or
|
||||
'inet_pton' function prototypes. */
|
||||
#undef NEED_RESOLV_H
|
||||
|
||||
101
configure
vendored
101
configure
vendored
@@ -20843,85 +20843,6 @@ printf "%s\n" "#define HAVE_SOCKLEN_T 1" >>confdefs.h
|
||||
|
||||
fi
|
||||
|
||||
ac_fn_c_check_type "$LINENO" "uid_t" "ac_cv_type_uid_t" "$ac_includes_default"
|
||||
if test "x$ac_cv_type_uid_t" = xyes
|
||||
then :
|
||||
|
||||
else case e in #(
|
||||
e)
|
||||
printf "%s\n" "#define uid_t int" >>confdefs.h
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
ac_fn_c_check_type "$LINENO" "gid_t" "ac_cv_type_gid_t" "$ac_includes_default"
|
||||
if test "x$ac_cv_type_gid_t" = xyes
|
||||
then :
|
||||
|
||||
else case e in #(
|
||||
e)
|
||||
printf "%s\n" "#define gid_t int" >>confdefs.h
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
|
||||
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking max length of uid_t" >&5
|
||||
printf %s "checking max length of uid_t... " >&6; }
|
||||
if test ${sudo_cv_uid_t_len+y}
|
||||
then :
|
||||
printf %s "(cached) " >&6
|
||||
else case e in #(
|
||||
e)
|
||||
rm -f conftestdata
|
||||
if test "$cross_compiling" = yes
|
||||
then :
|
||||
sudo_cv_uid_t_len=10
|
||||
else case e in #(
|
||||
e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <pwd.h>
|
||||
#include <limits.h>
|
||||
#include <sys/types.h>
|
||||
int main() {
|
||||
FILE *f;
|
||||
char b[1024];
|
||||
uid_t u = (uid_t) -1;
|
||||
|
||||
if ((f = fopen("conftestdata", "w")) == NULL)
|
||||
return(1);
|
||||
|
||||
(void) sprintf(b, "%lu", (unsigned long) u);
|
||||
(void) fprintf(f, "%d\n", (int)strlen(b));
|
||||
(void) fclose(f);
|
||||
return(0);
|
||||
}
|
||||
_ACEOF
|
||||
if ac_fn_c_try_run "$LINENO"
|
||||
then :
|
||||
sudo_cv_uid_t_len=`cat conftestdata`
|
||||
else case e in #(
|
||||
e) sudo_cv_uid_t_len=10 ;;
|
||||
esac
|
||||
fi
|
||||
rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
|
||||
conftest.$ac_objext conftest.beam conftest.$ac_ext ;;
|
||||
esac
|
||||
fi
|
||||
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $sudo_cv_uid_t_len" >&5
|
||||
printf "%s\n" "$sudo_cv_uid_t_len" >&6; }
|
||||
rm -f conftestdata
|
||||
|
||||
printf "%s\n" "#define MAX_UID_T_LEN $sudo_cv_uid_t_len" >>confdefs.h
|
||||
|
||||
|
||||
|
||||
ac_fn_c_check_member "$LINENO" "struct sockaddr" "sa_len" "ac_cv_member_struct_sockaddr_sa_len" "
|
||||
# include <sys/types.h>
|
||||
@@ -21947,6 +21868,28 @@ fi
|
||||
|
||||
fi
|
||||
|
||||
ac_fn_c_check_type "$LINENO" "uid_t" "ac_cv_type_uid_t" "$ac_includes_default"
|
||||
if test "x$ac_cv_type_uid_t" = xyes
|
||||
then :
|
||||
|
||||
else case e in #(
|
||||
e)
|
||||
printf "%s\n" "#define uid_t int" >>confdefs.h
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
ac_fn_c_check_type "$LINENO" "gid_t" "ac_cv_type_gid_t" "$ac_includes_default"
|
||||
if test "x$ac_cv_type_gid_t" = xyes
|
||||
then :
|
||||
|
||||
else case e in #(
|
||||
e)
|
||||
printf "%s\n" "#define gid_t int" >>confdefs.h
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking type of array argument to getgroups" >&5
|
||||
printf %s "checking type of array argument to getgroups... " >&6; }
|
||||
if test ${ac_cv_type_getgroups+y}
|
||||
|
||||
@@ -2501,7 +2501,6 @@ AC_CHECK_TYPES([struct in6_addr], [], [], [#include <sys/types.h>
|
||||
AC_CHECK_TYPES(socklen_t, [], [], [
|
||||
AC_INCLUDES_DEFAULT
|
||||
#include <sys/socket.h>])
|
||||
SUDO_UID_T_LEN
|
||||
SUDO_SOCK_SA_LEN
|
||||
SUDO_SOCK_SIN_LEN
|
||||
AC_CHECK_SIZEOF([long])
|
||||
|
||||
33
m4/sudo.m4
33
m4/sudo.m4
@@ -454,39 +454,6 @@ AC_DEFUN([SUDO_SOCK_SIN_LEN], [
|
||||
)]
|
||||
)
|
||||
|
||||
dnl
|
||||
dnl check for max length of uid_t in string representation.
|
||||
dnl we can't really trust UID_MAX or MAXUID since they may exist
|
||||
dnl only for backward compatibility.
|
||||
dnl
|
||||
AC_DEFUN([SUDO_UID_T_LEN],
|
||||
[AC_REQUIRE([AC_TYPE_UID_T])
|
||||
AC_CACHE_CHECK([max length of uid_t], sudo_cv_uid_t_len, [
|
||||
rm -f conftestdata
|
||||
AC_RUN_IFELSE([AC_LANG_SOURCE([[
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <pwd.h>
|
||||
#include <limits.h>
|
||||
#include <sys/types.h>
|
||||
int main() {
|
||||
FILE *f;
|
||||
char b[1024];
|
||||
uid_t u = (uid_t) -1;
|
||||
|
||||
if ((f = fopen("conftestdata", "w")) == NULL)
|
||||
return(1);
|
||||
|
||||
(void) sprintf(b, "%lu", (unsigned long) u);
|
||||
(void) fprintf(f, "%d\n", (int)strlen(b));
|
||||
(void) fclose(f);
|
||||
return(0);
|
||||
}]])], [sudo_cv_uid_t_len=`cat conftestdata`], [sudo_cv_uid_t_len=10], [sudo_cv_uid_t_len=10])
|
||||
])
|
||||
rm -f conftestdata
|
||||
AC_DEFINE_UNQUOTED(MAX_UID_T_LEN, $sudo_cv_uid_t_len, [Define to the max length of a uid_t in string context (excluding the NUL).])
|
||||
])
|
||||
|
||||
dnl
|
||||
dnl There are three different utmp variants we need to check for.
|
||||
dnl SUDO_CHECK_UTMP_MEMBERS(utmp_type)
|
||||
|
||||
@@ -82,7 +82,7 @@ do { \
|
||||
struct cache_item *
|
||||
cvtsudoers_make_pwitem(uid_t uid, const char *name)
|
||||
{
|
||||
char *cp, uidstr[MAX_UID_T_LEN + 2];
|
||||
char *cp, uidstr[STRLEN_MAX_UNSIGNED(uid_t) + 2];
|
||||
size_t nsize, psize, gsize, dsize, ssize, total;
|
||||
#ifdef HAVE_LOGIN_CAP_H
|
||||
size_t csize;
|
||||
@@ -191,7 +191,7 @@ cvtsudoers_make_pwitem(uid_t uid, const char *name)
|
||||
struct cache_item *
|
||||
cvtsudoers_make_gritem(gid_t gid, const char *name)
|
||||
{
|
||||
char *cp, gidstr[MAX_UID_T_LEN + 2];
|
||||
char *cp, gidstr[STRLEN_MAX_UNSIGNED(gid_t) + 2];
|
||||
size_t nsize, psize, total, len, nmem = 0;
|
||||
struct cache_item_gr *gritem;
|
||||
struct group gr, *newgr;
|
||||
|
||||
@@ -854,7 +854,7 @@ bool
|
||||
rebuild_env(const struct sudoers_context *ctx)
|
||||
{
|
||||
char **ep, *cp, *ps1;
|
||||
char idbuf[MAX_UID_T_LEN + 1];
|
||||
char idbuf[STRLEN_MAX_UNSIGNED(uid_t) + 1];
|
||||
unsigned int didvar;
|
||||
bool reset_home = false;
|
||||
int len;
|
||||
|
||||
@@ -296,7 +296,7 @@ iolog_deserialize_info(struct log_details *details, char * const user_info[],
|
||||
const char *runas_uid_str = "0", *runas_euid_str = NULL;
|
||||
const char *runas_gid_str = "0", *runas_egid_str = NULL;
|
||||
const char *errstr;
|
||||
char idbuf[MAX_UID_T_LEN + 2];
|
||||
char idbuf[STRLEN_MAX_UNSIGNED(uid_t) + 2];
|
||||
char * const *cur;
|
||||
struct passwd *pw;
|
||||
struct group *gr;
|
||||
|
||||
@@ -804,7 +804,8 @@ done:
|
||||
static char *
|
||||
sudo_ldap_build_pass1(struct sudoers_context *ctx, LDAP *ld, struct passwd *pw)
|
||||
{
|
||||
char timebuffer[TIMEFILTER_LENGTH + 1], idbuf[MAX_UID_T_LEN + 1];
|
||||
char idbuf[STRLEN_MAX_UNSIGNED(uid_t) + 1];
|
||||
char timebuffer[TIMEFILTER_LENGTH + 1];
|
||||
char *buf, *notbuf;
|
||||
struct ldap_netgroup_list netgroups;
|
||||
struct ldap_netgroup *ng = NULL;
|
||||
@@ -835,14 +836,14 @@ sudo_ldap_build_pass1(struct sudoers_context *ctx, LDAP *ld, struct passwd *pw)
|
||||
|
||||
/* Add space for username and uid, including the negated versions. */
|
||||
sz += ((sizeof("(sudoUser=)(sudoUser=#)") - 1 +
|
||||
sudo_ldap_value_len(pw->pw_name) + MAX_UID_T_LEN) * 2) + 2;
|
||||
sudo_ldap_value_len(pw->pw_name) + sizeof(idbuf) - 1) * 2) + 2;
|
||||
|
||||
/* Add space for primary and supplementary groups and gids */
|
||||
if ((grp = sudo_getgrgid(pw->pw_gid)) != NULL) {
|
||||
sz += ((sizeof("(sudoUser=%)") - 1 +
|
||||
sudo_ldap_value_len(grp->gr_name)) * 2) + 1;
|
||||
}
|
||||
sz += ((sizeof("(sudoUser=%#)") - 1 + MAX_UID_T_LEN) * 2) + 1;
|
||||
sz += ((sizeof("(sudoUser=%#)") - 1 + sizeof(idbuf) - 1) * 2) + 1;
|
||||
if ((grlist = sudo_get_grlist(pw)) != NULL) {
|
||||
for (i = 0; i < grlist->ngroups; i++) {
|
||||
if (grp != NULL && strcasecmp(grlist->groups[i], grp->gr_name) == 0)
|
||||
@@ -855,7 +856,7 @@ sudo_ldap_build_pass1(struct sudoers_context *ctx, LDAP *ld, struct passwd *pw)
|
||||
for (i = 0; i < gidlist->ngids; i++) {
|
||||
if (pw->pw_gid == gidlist->gids[i])
|
||||
continue;
|
||||
sz += ((sizeof("(sudoUser=%#)") - 1 + MAX_UID_T_LEN) * 2) + 1;
|
||||
sz += ((sizeof("(sudoUser=%#)") - 1 + sizeof(idbuf) - 1) * 2) + 1;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -810,7 +810,7 @@ sudoers_policy_store_result(struct sudoers_context *ctx, bool accepted,
|
||||
|
||||
/* We reserve an extra spot in the list for the effective gid. */
|
||||
glsize = sizeof("runas_groups=") - 1 +
|
||||
(((size_t)gidlist->ngids + 1) * (MAX_UID_T_LEN + 1));
|
||||
(((size_t)gidlist->ngids + 1) * (STRLEN_MAX_UNSIGNED(gid_t) + 1));
|
||||
gid_list = malloc(glsize);
|
||||
if (gid_list == NULL) {
|
||||
sudo_gidlist_delref(gidlist);
|
||||
|
||||
@@ -479,7 +479,8 @@ get_user_groups(const char *user, struct sudo_cred *cred)
|
||||
/*
|
||||
* Format group list as a comma-separated string of gids.
|
||||
*/
|
||||
glsize = sizeof("groups=") - 1 + ((size_t)cred->ngroups * (MAX_UID_T_LEN + 1));
|
||||
glsize = sizeof("groups=") - 1 +
|
||||
((size_t)cred->ngroups * (STRLEN_MAX_UNSIGNED(gid_t) + 1));
|
||||
if ((gid_list = malloc(glsize)) == NULL)
|
||||
goto done;
|
||||
memcpy(gid_list, "groups=", sizeof("groups=") - 1);
|
||||
|
||||
@@ -387,7 +387,7 @@ selinux_fmt_sudo_user(const struct sudo_cred *user_cred)
|
||||
int i, len;
|
||||
debug_decl(selinux_fmt_sudo_user, SUDO_DEBUG_EDIT);
|
||||
|
||||
user_size = (MAX_UID_T_LEN + 1) * (2 + user_cred->ngroups);
|
||||
user_size = (STRLEN_MAX_UNSIGNED(uid_t) + 1) * (2 + user_cred->ngroups);
|
||||
if ((user_str = malloc(user_size)) == NULL)
|
||||
debug_return_ptr(NULL);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user