isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add garbage collection to the sudoers parser to clean up on error.

Browse Source 
This makes it possible to avoid memory leaks when there is a parse error.
This commit is contained in:
Todd C. Miller
2021-02-01 15:06:20 -07:00
parent 4cd6350cad
commit 9ed14870c6
8 changed files with 1202 additions and 441 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
plugins/sudoers/alias.c
View File

@@ -136,11 +136,11 @@ alias_add(struct sudoers_parse_tree *parse_tree, char *name, int type,
HLTQ_TO_TAILQ(&a->members, members, entries);
switch (rbinsert(parse_tree->aliases, a, NULL)) {
case 1:
alias_free(a);
free(a);
errno = EEXIST;
debug_return_bool(false);
case -1:
alias_free(a);
free(a);
debug_return_bool(false);
}
debug_return_bool(true);

1029
plugins/sudoers/gram.c
View File

File diff suppressed because it is too large Load Diff

6
plugins/sudoers/gram.h
View File

@@ -1,8 +1,8 @@
/* A Bison parser, made by GNU Bison 3.7.4. */
/* A Bison parser, made by GNU Bison 3.7.5. */
/* Bison interface for Yacc-like parsers in C
Copyright (C) 1984, 1989-1990, 2000-2015, 2018-2020 Free Software Foundation,
Copyright (C) 1984, 1989-1990, 2000-2015, 2018-2021 Free Software Foundation,
Inc.
This program is free software: you can redistribute it and/or modify
@@ -167,7 +167,7 @@ extern int sudoersdebug;
#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
union YYSTYPE
{
#line 83 "gram.y"
#line 88 "gram.y"
struct cmndspec *cmndspec;
struct defaults *defaults;

355
plugins/sudoers/gram.y
View File

@@ -59,6 +59,11 @@ char *errorfile = NULL;
static int alias_line, alias_column;
#ifdef NO_LEAKS
static struct parser_leak_list parser_leak_list =
SLIST_HEAD_INITIALIZER(parser_leak_list);
#endif
struct sudoers_parse_tree parsed_policy = {
TAILQ_HEAD_INITIALIZER(parsed_policy.userspecs),
TAILQ_HEAD_INITIALIZER(parsed_policy.defaults),
@@ -207,16 +212,20 @@ entry : '\n' {
}
| include {
if (!push_include($1, false)) {
parser_leak_remove(LEAK_PTR, $1);
free($1);
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
free($1);
}
| includedir {
if (!push_include($1, true)) {
parser_leak_remove(LEAK_PTR, $1);
free($1);
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
free($1);
}
| userlist privileges '\n' {
@@ -279,6 +288,7 @@ includedir : INCLUDEDIR WORD '\n' {
defaults_list : defaults_entry
| defaults_list ',' defaults_entry {
parser_leak_remove(LEAK_DEFAULTS, $3);
HLTQ_CONCAT($1, $3, entries);
$$ = $1;
}
@@ -290,6 +300,8 @@ defaults_entry : DEFVAR {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_add(LEAK_DEFAULTS, $$);
}
| '!' DEFVAR {
$$ = new_default($2, NULL, false);
@@ -297,6 +309,8 @@ defaults_entry : DEFVAR {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $2);
parser_leak_add(LEAK_DEFAULTS, $$);
}
| DEFVAR '=' WORD {
$$ = new_default($1, $3, true);
@@ -304,6 +318,9 @@ defaults_entry : DEFVAR {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_remove(LEAK_PTR, $3);
parser_leak_add(LEAK_DEFAULTS, $$);
}
| DEFVAR '+' WORD {
$$ = new_default($1, $3, '+');
@@ -311,6 +328,9 @@ defaults_entry : DEFVAR {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_remove(LEAK_PTR, $3);
parser_leak_add(LEAK_DEFAULTS, $$);
}
| DEFVAR '-' WORD {
$$ = new_default($1, $3, '-');
@@ -318,11 +338,15 @@ defaults_entry : DEFVAR {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_remove(LEAK_PTR, $3);
parser_leak_add(LEAK_DEFAULTS, $$);
}
;
privileges : privilege
| privileges ':' privilege {
parser_leak_remove(LEAK_PRIVILEGE, $3);
HLTQ_CONCAT($1, $3, entries);
$$ = $1;
}
@@ -338,8 +362,11 @@ privilege : hostlist '=' cmndspeclist {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_add(LEAK_PRIVILEGE, p);
TAILQ_INIT(&p->defaults);
parser_leak_remove(LEAK_MEMBER, $1);
HLTQ_TO_TAILQ(&p->hostlist, $1, entries);
parser_leak_remove(LEAK_CMNDSPEC, $3);
HLTQ_TO_TAILQ(&p->cmndlist, $3, entries);
HLTQ_INIT(p, entries);
$$ = p;
@@ -362,6 +389,8 @@ host : ALIAS {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_add(LEAK_MEMBER, $$);
}
| ALL {
$$ = new_member(NULL, ALL);
@@ -369,6 +398,7 @@ host : ALIAS {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_add(LEAK_MEMBER, $$);
}
| NETGROUP {
$$ = new_member($1, NETGROUP);
@@ -376,6 +406,8 @@ host : ALIAS {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_add(LEAK_MEMBER, $$);
}
| NTWKADDR {
$$ = new_member($1, NTWKADDR);
@@ -383,6 +415,8 @@ host : ALIAS {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_add(LEAK_MEMBER, $$);
}
| WORD {
$$ = new_member($1, WORD);
@@ -390,6 +424,8 @@ host : ALIAS {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_add(LEAK_MEMBER, $$);
}
;
@@ -397,6 +433,7 @@ cmndspeclist : cmndspec
| cmndspeclist ',' cmndspec {
struct cmndspec *prev;
prev = HLTQ_LAST($1, cmndspec, entries);
parser_leak_remove(LEAK_CMNDSPEC, $3);
HLTQ_CONCAT($1, $3, entries);
/* propagate runcwd and runchroot */
@@ -459,6 +496,7 @@ cmndspec : runasspec options cmndtag digcmnd {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_add(LEAK_CMNDSPEC, cs);
if ($1 != NULL) {
if ($1->runasusers != NULL) {
cs->runasuserlist =
@@ -468,6 +506,7 @@ cmndspec : runasspec options cmndtag digcmnd {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
/* g/c done via runas container */
HLTQ_TO_TAILQ(cs->runasuserlist,
$1->runasusers, entries);
}
@@ -479,9 +518,11 @@ cmndspec : runasspec options cmndtag digcmnd {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
/* g/c done via runas container */
HLTQ_TO_TAILQ(cs->runasgrouplist,
$1->runasgroups, entries);
}
parser_leak_remove(LEAK_RUNAS, $1);
free($1);
}
#ifdef HAVE_SELINUX
@@ -499,6 +540,7 @@ cmndspec : runasspec options cmndtag digcmnd {
cs->runchroot = $2.runchroot;
cs->tags = $3;
cs->cmnd = $4;
parser_leak_remove(LEAK_MEMBER, $4);
HLTQ_INIT(cs, entries);
/* sudo "ALL" implies the SETENV tag */
if (cs->cmnd->type == ALL && !cs->cmnd->negated &&
@@ -514,6 +556,8 @@ digestspec : SHA224_TOK ':' DIGEST {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $3);
parser_leak_add(LEAK_DIGEST, $$);
}
| SHA256_TOK ':' DIGEST {
$$ = new_digest(SUDO_DIGEST_SHA256, $3);
@@ -521,6 +565,8 @@ digestspec : SHA224_TOK ':' DIGEST {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $3);
parser_leak_add(LEAK_DIGEST, $$);
}
| SHA384_TOK ':' DIGEST {
$$ = new_digest(SUDO_DIGEST_SHA384, $3);
@@ -528,6 +574,8 @@ digestspec : SHA224_TOK ':' DIGEST {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $3);
parser_leak_add(LEAK_DIGEST, $$);
}
| SHA512_TOK ':' DIGEST {
$$ = new_digest(SUDO_DIGEST_SHA512, $3);
@@ -535,11 +583,14 @@ digestspec : SHA224_TOK ':' DIGEST {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $3);
parser_leak_add(LEAK_DIGEST, $$);
}
;
digestlist : digestspec
| digestlist ',' digestspec {
parser_leak_remove(LEAK_DIGEST, $3);
HLTQ_CONCAT($1, $3, entries);
$$ = $1;
}
@@ -564,6 +615,7 @@ digcmnd : opcmnd {
}
$2->name = (char *)c;
}
parser_leak_remove(LEAK_DIGEST, $1);
HLTQ_TO_TAILQ(&c->digests, $1, entries);
$$ = $2;
}
@@ -658,6 +710,7 @@ runaslist : /* empty */ {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_add(LEAK_RUNAS, $$);
}
| userlist {
$$ = calloc(1, sizeof(struct runascontainer));
@@ -665,6 +718,8 @@ runaslist : /* empty */ {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_add(LEAK_RUNAS, $$);
parser_leak_remove(LEAK_MEMBER, $1);
$$->runasusers = $1;
/* $$->runasgroups = NULL; */
}
@@ -674,6 +729,9 @@ runaslist : /* empty */ {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_add(LEAK_RUNAS, $$);
parser_leak_remove(LEAK_MEMBER, $1);
parser_leak_remove(LEAK_MEMBER, $3);
$$->runasusers = $1;
$$->runasgroups = $3;
}
@@ -683,6 +741,8 @@ runaslist : /* empty */ {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_add(LEAK_RUNAS, $$);
parser_leak_remove(LEAK_MEMBER, $2);
/* $$->runasusers = NULL; */
$$->runasgroups = $2;
}
@@ -700,6 +760,7 @@ runaslist : /* empty */ {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_add(LEAK_RUNAS, $$);
}
;
@@ -727,13 +788,16 @@ options : /* empty */ {
| options chdirspec {
free($$.runcwd);
$$.runcwd = $2;
parser_leak_remove(LEAK_PTR, $2);
}
| options chrootspec {
free($$.runchroot);
$$.runchroot = $2;
parser_leak_remove(LEAK_PTR, $2);
}
| options notbeforespec {
$$.notbefore = parse_gentime($2);
parser_leak_remove(LEAK_PTR, $2);
free($2);
if ($$.notbefore == -1) {
sudoerserror(N_("invalid notbefore value"));
@@ -742,6 +806,7 @@ options : /* empty */ {
}
| options notafterspec {
$$.notafter = parse_gentime($2);
parser_leak_remove(LEAK_PTR, $2);
free($2);
if ($$.notafter == -1) {
sudoerserror(N_("invalid notafter value"));
@@ -750,6 +815,7 @@ options : /* empty */ {
}
| options timeoutspec {
$$.timeout = parse_timeout($2);
parser_leak_remove(LEAK_PTR, $2);
free($2);
if ($$.timeout == -1) {
if (errno == ERANGE)
@@ -763,24 +829,28 @@ options : /* empty */ {
#ifdef HAVE_SELINUX
free($$.role);
$$.role = $2;
parser_leak_remove(LEAK_PTR, $2);
#endif
}
| options typespec {
#ifdef HAVE_SELINUX
free($$.type);
$$.type = $2;
parser_leak_remove(LEAK_PTR, $2);
#endif
}
| options privsspec {
#ifdef HAVE_PRIV_SET
free($$.privs);
$$.privs = $2;
parser_leak_remove(LEAK_PTR, $2);
#endif
}
| options limitprivsspec {
#ifdef HAVE_PRIV_SET
free($$.limitprivs);
$$.limitprivs = $2;
parser_leak_remove(LEAK_PTR, $2);
#endif
}
;
@@ -838,6 +908,7 @@ cmnd : ALL {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_add(LEAK_MEMBER, $$);
}
| ALIAS {
$$ = new_member($1, ALIAS);
@@ -845,6 +916,8 @@ cmnd : ALL {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_add(LEAK_MEMBER, $$);
}
| COMMAND {
struct sudo_command *c;
@@ -859,6 +932,10 @@ cmnd : ALL {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1.cmnd);
if ($1.args != NULL)
parser_leak_remove(LEAK_PTR, $1.args);
parser_leak_add(LEAK_MEMBER, $$);
}
;
@@ -875,12 +952,15 @@ hostalias : ALIAS {
alias_error($1, errno);
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_remove(LEAK_MEMBER, $4);
}
| reserved_alias '=' hostlist
;
hostlist : ophost
| hostlist ',' ophost {
parser_leak_remove(LEAK_MEMBER, $3);
HLTQ_CONCAT($1, $3, entries);
$$ = $1;
}
@@ -899,12 +979,15 @@ cmndalias : ALIAS {
alias_error($1, errno);
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_remove(LEAK_MEMBER, $4);
}
| reserved_alias '=' cmndlist
;
cmndlist : digcmnd
| cmndlist ',' digcmnd {
parser_leak_remove(LEAK_MEMBER, $3);
HLTQ_CONCAT($1, $3, entries);
$$ = $1;
}
@@ -923,6 +1006,8 @@ runasalias : ALIAS {
alias_error($1, errno);
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_remove(LEAK_MEMBER, $4);
}
| reserved_alias '=' userlist
;
@@ -940,12 +1025,15 @@ useralias : ALIAS {
alias_error($1, errno);
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_remove(LEAK_MEMBER, $4);
}
| reserved_alias '=' userlist
;
userlist : opuser
| userlist ',' opuser {
parser_leak_remove(LEAK_MEMBER, $3);
HLTQ_CONCAT($1, $3, entries);
$$ = $1;
}
@@ -967,6 +1055,8 @@ user : ALIAS {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_add(LEAK_MEMBER, $$);
}
| ALL {
$$ = new_member(NULL, ALL);
@@ -974,6 +1064,7 @@ user : ALIAS {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_add(LEAK_MEMBER, $$);
}
| NETGROUP {
$$ = new_member($1, NETGROUP);
@@ -981,6 +1072,8 @@ user : ALIAS {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_add(LEAK_MEMBER, $$);
}
| USERGROUP {
$$ = new_member($1, USERGROUP);
@@ -988,6 +1081,8 @@ user : ALIAS {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_add(LEAK_MEMBER, $$);
}
| WORD {
$$ = new_member($1, WORD);
@@ -995,11 +1090,14 @@ user : ALIAS {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_add(LEAK_MEMBER, $$);
}
;
grouplist : opgroup
| grouplist ',' opgroup {
parser_leak_remove(LEAK_MEMBER, $3);
HLTQ_CONCAT($1, $3, entries);
$$ = $1;
}
@@ -1021,6 +1119,8 @@ group : ALIAS {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_add(LEAK_MEMBER, $$);
}
| ALL {
$$ = new_member(NULL, ALL);
@@ -1028,6 +1128,7 @@ group : ALIAS {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_add(LEAK_MEMBER, $$);
}
| WORD {
$$ = new_member($1, WORD);
@@ -1035,6 +1136,8 @@ group : ALIAS {
sudoerserror(N_("unable to allocate memory"));
YYERROR;
}
parser_leak_remove(LEAK_PTR, $1);
parser_leak_add(LEAK_MEMBER, $$);
}
;
%%
@@ -1188,6 +1291,7 @@ new_command(char *cmnd, char *args)
"unable to allocate memory");
debug_return_ptr(NULL);
}
/* garbage collected as part of struct member */
c->cmnd = cmnd;
c->args = args;
@@ -1244,15 +1348,18 @@ add_defaults(int type, struct member *bmem, struct defaults *defs)
sudoerserror(N_("unable to allocate memory"));
debug_return_bool(false);
}
if (bmem != NULL)
if (bmem != NULL) {
parser_leak_remove(LEAK_MEMBER, bmem);
HLTQ_TO_TAILQ(binding, bmem, entries);
else
} else {
TAILQ_INIT(binding);
}
/*
* Set type and binding (who it applies to) for new entries.
* Then add to the global defaults list.
*/
parser_leak_remove(LEAK_DEFAULTS, defs);
HLTQ_FOREACH_SAFE(d, defs, entries, next) {
d->type = type;
d->binding = binding;
@@ -1281,7 +1388,9 @@ add_userspec(struct member *members, struct privilege *privs)
u->line = this_lineno;
u->column = sudolinebuf.toke_start + 1;
u->file = rcstr_addref(sudoers);
parser_leak_remove(LEAK_MEMBER, members);
HLTQ_TO_TAILQ(&u->users, members, entries);
parser_leak_remove(LEAK_PRIVILEGE, privs);
HLTQ_TO_TAILQ(&u->privileges, privs, entries);
STAILQ_INIT(&u->comments);
TAILQ_INSERT_TAIL(&parsed_policy.userspecs, u, entries);
@@ -1367,12 +1476,9 @@ free_default(struct defaults *def, struct member_list **binding)
}
void
free_privilege(struct privilege *priv)
free_cmndspecs(struct cmndspec_list *csl)
{
struct member_list *runasuserlist = NULL, *runasgrouplist = NULL;
struct member_list *prev_binding = NULL;
struct cmndspec *cs;
struct defaults *def;
char *runcwd = NULL, *runchroot = NULL;
#ifdef HAVE_SELINUX
char *role = NULL, *type = NULL;
@@ -1380,12 +1486,12 @@ free_privilege(struct privilege *priv)
#ifdef HAVE_PRIV_SET
char *privs = NULL, *limitprivs = NULL;
#endif /* HAVE_PRIV_SET */
debug_decl(free_privilege, SUDOERS_DEBUG_PARSER);
struct cmndspec *cs;
debug_decl(free_cmndspecs, SUDOERS_DEBUG_PARSER);
while ((cs = TAILQ_FIRST(csl)) != NULL) {
TAILQ_REMOVE(csl, cs, entries);
free(priv->ldap_role);
free_members(&priv->hostlist);
while ((cs = TAILQ_FIRST(&priv->cmndlist)) != NULL) {
TAILQ_REMOVE(&priv->cmndlist, cs, entries);
/* Only free the first instance of runcwd/runchroot. */
if (cs->runcwd != runcwd) {
runcwd = cs->runcwd;
@@ -1431,6 +1537,20 @@ free_privilege(struct privilege *priv)
free_member(cs->cmnd);
free(cs);
}
debug_return;
}
void
free_privilege(struct privilege *priv)
{
struct member_list *prev_binding = NULL;
struct defaults *def;
debug_decl(free_privilege, SUDOERS_DEBUG_PARSER);
free(priv->ldap_role);
free_members(&priv->hostlist);
free_cmndspecs(&priv->cmndlist);
while ((def = TAILQ_FIRST(&priv->defaults)) != NULL) {
TAILQ_REMOVE(&priv->defaults, def, entries);
free_default(def, &prev_binding);
@@ -1526,6 +1646,7 @@ init_parser(const char *path, bool quiet, bool strict)
debug_decl(init_parser, SUDOERS_DEBUG_PARSER);
free_parse_tree(&parsed_policy);
parser_leak_init();
init_lexer();
rcstr_delref(sudoers);
@@ -1568,3 +1689,215 @@ init_options(struct command_options *opts)
opts->limitprivs = NULL;
#endif
}
bool
parser_leak_add(enum parser_leak_types type, void *v)
{
#ifdef NO_LEAKS
struct parser_leak_entry *entry;
debug_decl(parser_leak_add, SUDOERS_DEBUG_PARSER);
if (v == NULL)
debug_return_bool(false);
entry = calloc(1, sizeof(*entry));
if (entry == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_bool(false);
}
switch (type) {
case LEAK_PRIVILEGE:
entry->u.p = v;
break;
case LEAK_CMNDSPEC:
entry->u.cs = v;
break;
case LEAK_DEFAULTS:
entry->u.d = v;
break;
case LEAK_MEMBER:
entry->u.m = v;
break;
case LEAK_DIGEST:
entry->u.dig = v;
break;
case LEAK_RUNAS:
entry->u.rc = v;
break;
case LEAK_PTR:
entry->u.ptr = v;
break;
default:
free(entry);
sudo_warnx("unexpected leak type %d", type);
debug_return_bool(false);
}
entry->type = type;
SLIST_INSERT_HEAD(&parser_leak_list, entry, entries);
debug_return_bool(true);
#else
return true;
#endif /* NO_LEAKS */
}
bool
parser_leak_remove(enum parser_leak_types type, void *v)
{
#ifdef NO_LEAKS
struct parser_leak_entry *entry, *prev = NULL;
debug_decl(parser_leak_remove, SUDOERS_DEBUG_PARSER);
SLIST_FOREACH(entry, &parser_leak_list, entries) {
switch (entry->type) {
case LEAK_PRIVILEGE:
if (entry->u.p == v)
goto found;
break;
case LEAK_CMNDSPEC:
if (entry->u.cs == v)
goto found;
break;
case LEAK_DEFAULTS:
if (entry->u.d == v)
goto found;
break;
case LEAK_MEMBER:
if (entry->u.m == v)
goto found;
break;
case LEAK_DIGEST:
if (entry->u.dig == v)
goto found;
break;
case LEAK_RUNAS:
if (entry->u.rc == v)
goto found;
break;
case LEAK_PTR:
if (entry->u.ptr == v)
goto found;
break;
default:
sudo_warnx("unexpected leak type %d in %p", entry->type, entry);
}
prev = entry;
}
/* If this happens, there is a bug in the leak tracking code. */
sudo_warnx("%s: unable to find %p, type %d", __func__, v, type);
return false;
found:
if (prev == NULL)
SLIST_REMOVE_HEAD(&parser_leak_list, entries);
else
SLIST_REMOVE_AFTER(prev, entries);
free(entry);
return true;
#endif /* NO_LEAKS */
}
void
parser_leak_free(void)
{
#ifdef NO_LEAKS
struct parser_leak_entry *entry;
void *next;
debug_decl(parser_leak_run, SUDOERS_DEBUG_PARSER);
/* Free the leaks. */
while ((entry = SLIST_FIRST(&parser_leak_list))) {
SLIST_REMOVE_HEAD(&parser_leak_list, entries);
switch (entry->type) {
case LEAK_PRIVILEGE:
{
struct privilege *priv;
HLTQ_FOREACH_SAFE(priv, entry->u.p, entries, next)
free_privilege(priv);
free(entry);
}
break;
case LEAK_CMNDSPEC:
{
struct cmndspec_list specs;
HLTQ_TO_TAILQ(&specs, entry->u.cs, entries);
free_cmndspecs(&specs);
free(entry);
}
break;
case LEAK_DEFAULTS:
{
struct defaults_list defs;
HLTQ_TO_TAILQ(&defs, entry->u.d, entries);
free_defaults(&defs);
free(entry);
}
break;
case LEAK_MEMBER:
{
struct member *m;
HLTQ_FOREACH_SAFE(m, entry->u.m, entries, next)
free_member(m);
free(entry);
}
break;
case LEAK_DIGEST:
{
struct command_digest *dig;
HLTQ_FOREACH_SAFE(dig, entry->u.dig, entries, next) {
free(dig->digest_str);
free(dig);
}
free(entry);
}
break;
case LEAK_RUNAS:
{
struct member *m;
if (entry->u.rc->runasusers != NULL) {
HLTQ_FOREACH_SAFE(m, entry->u.rc->runasusers, entries, next)
free_member(m);
}
if (entry->u.rc->runasgroups != NULL) {
HLTQ_FOREACH_SAFE(m, entry->u.rc->runasgroups, entries, next)
free_member(m);
}
free(entry->u.rc);
free(entry);
break;
}
case LEAK_PTR:
free(entry->u.ptr);
free(entry);
break;
default:
sudo_warnx("unexpected garbage type %d", entry->type);
}
}
debug_return;
#endif /* NO_LEAKS */
}
void
parser_leak_init(void)
{
#ifdef NO_LEAKS
static bool initialized;
debug_decl(parser_leak_init, SUDOERS_DEBUG_PARSER);
if (!initialized) {
atexit(parser_leak_free);
initialized = true;
debug_return;
}
/* Already initialized, free existing leaks. */
parser_leak_free();
debug_return;
#endif /* NO_LEAKS */
}

35
plugins/sudoers/parse.h
View File

@@ -294,6 +294,37 @@ struct cmnd_info {
int status;
};
/*
* The parser passes pointers to data structures that are not stored anywhere.
* We add them to the leak list at allocation time and remove them from
* the list when they are stored in another data structure.
* This makes it possible to free data on error that would otherwise be leaked.
*/
enum parser_leak_types {
LEAK_UNKNOWN,
LEAK_PRIVILEGE,
LEAK_CMNDSPEC,
LEAK_DEFAULTS,
LEAK_MEMBER,
LEAK_DIGEST,
LEAK_RUNAS,
LEAK_PTR
};
struct parser_leak_entry {
SLIST_ENTRY(parser_leak_entry) entries;
enum parser_leak_types type;
union {
struct command_digest *dig;
struct privilege *p;
struct cmndspec *cs;
struct defaults *d;
struct member *m;
struct runascontainer *rc;
void *ptr;
} u;
};
SLIST_HEAD(parser_leak_list, parser_leak_entry);
/* alias.c */
struct rbtree *alloc_aliases(void);
void free_aliases(struct rbtree *aliases);
@@ -313,6 +344,7 @@ bool init_parser(const char *path, bool quiet, bool strict);
struct member *new_member_all(char *name);
void free_member(struct member *m);
void free_members(struct member_list *members);
void free_cmndspecs(struct cmndspec_list *csl);
void free_privilege(struct privilege *priv);
void free_userspec(struct userspec *us);
void free_userspecs(struct userspec_list *usl);
@@ -321,6 +353,9 @@ void free_defaults(struct defaults_list *defs);
void init_parse_tree(struct sudoers_parse_tree *parse_tree, const char *lhost, const char *shost);
void free_parse_tree(struct sudoers_parse_tree *parse_tree);
void reparent_parse_tree(struct sudoers_parse_tree *new_tree);
bool parser_leak_add(enum parser_leak_types type, void *v);
bool parser_leak_remove(enum parser_leak_types type, void *v);
void parser_leak_init(void);
/* match_addr.c */
bool addr_matches(char *n);

186
plugins/sudoers/toke.c
View File

@@ -3105,13 +3105,14 @@ YY_RULE_SETUP
LEXTRACE("DEFVAR ");
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
return DEFVAR;
}
YY_BREAK
case 4:
YY_RULE_SETUP
#line 134 "toke.l"
#line 135 "toke.l"
{
BEGIN STARTDEFS;
LEXTRACE(", ");
@@ -3120,7 +3121,7 @@ YY_RULE_SETUP
YY_BREAK
case 5:
YY_RULE_SETUP
#line 140 "toke.l"
#line 141 "toke.l"
{
LEXTRACE("= ");
return '=';
@@ -3128,7 +3129,7 @@ YY_RULE_SETUP
YY_BREAK
case 6:
YY_RULE_SETUP
#line 145 "toke.l"
#line 146 "toke.l"
{
LEXTRACE("+= ");
return '+';
@@ -3136,7 +3137,7 @@ YY_RULE_SETUP
YY_BREAK
case 7:
YY_RULE_SETUP
#line 150 "toke.l"
#line 151 "toke.l"
{
LEXTRACE("-= ");
return '-';
@@ -3144,7 +3145,7 @@ YY_RULE_SETUP
YY_BREAK
case 8:
YY_RULE_SETUP
#line 155 "toke.l"
#line 156 "toke.l"
{
LEXTRACE("BEGINSTR ");
sudoerslval.string = NULL;
@@ -3154,11 +3155,12 @@ YY_RULE_SETUP
YY_BREAK
case 9:
YY_RULE_SETUP
#line 162 "toke.l"
#line 163 "toke.l"
{
LEXTRACE("WORD(2) ");
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
return WORD;
}
YY_BREAK
@@ -3167,7 +3169,7 @@ YY_RULE_SETUP
case 10:
/* rule 10 can match eol */
YY_RULE_SETUP
#line 171 "toke.l"
#line 173 "toke.l"
{
/* Line continuation char followed by newline. */
sudolineno++;
@@ -3176,7 +3178,7 @@ YY_RULE_SETUP
YY_BREAK
case 11:
YY_RULE_SETUP
#line 177 "toke.l"
#line 179 "toke.l"
{
LEXTRACE("ENDSTR ");
BEGIN prev_state;
@@ -3192,29 +3194,34 @@ YY_RULE_SETUP
if (sudoerslval.string[1] == '\0' ||
(sudoerslval.string[1] == ':' &&
sudoerslval.string[2] == '\0')) {
free(sudoerslval.string);
sudoerserror(N_("empty group"));
LEXTRACE("ERROR ");
return ERROR;
}
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("USERGROUP ");
return USERGROUP;
case '+':
if (sudoerslval.string[1] == '\0') {
free(sudoerslval.string);
sudoerserror(N_("empty netgroup"));
LEXTRACE("ERROR ");
return ERROR;
}
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("NETGROUP ");
return NETGROUP;
}
}
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("WORD(4) ");
return WORD;
}
YY_BREAK
case 12:
YY_RULE_SETUP
#line 212 "toke.l"
#line 219 "toke.l"
{
LEXTRACE("BACKSLASH ");
if (!append(sudoerstext, sudoersleng))
@@ -3223,7 +3230,7 @@ YY_RULE_SETUP
YY_BREAK
case 13:
YY_RULE_SETUP
#line 218 "toke.l"
#line 225 "toke.l"
{
LEXTRACE("STRBODY ");
if (!append(sudoerstext, sudoersleng))
@@ -3234,7 +3241,7 @@ YY_RULE_SETUP
case 14:
YY_RULE_SETUP
#line 226 "toke.l"
#line 233 "toke.l"
{
/* quoted fnmatch glob char, pass verbatim */
LEXTRACE("QUOTEDCHAR ");
@@ -3245,7 +3252,7 @@ YY_RULE_SETUP
YY_BREAK
case 15:
YY_RULE_SETUP
#line 234 "toke.l"
#line 241 "toke.l"
{
/* quoted sudoers special char, strip backslash */
LEXTRACE("QUOTEDCHAR ");
@@ -3257,17 +3264,19 @@ YY_RULE_SETUP
case 16:
/* rule 16 can match eol */
YY_RULE_SETUP
#line 242 "toke.l"
#line 249 "toke.l"
{
BEGIN INITIAL;
sudoersless(0);
yy_set_bol(0);
parser_leak_add(LEAK_PTR, sudoerslval.command.cmnd);
parser_leak_add(LEAK_PTR, sudoerslval.command.args);
return COMMAND;
} /* end of command line args */
YY_BREAK
case 17:
YY_RULE_SETUP
#line 249 "toke.l"
#line 258 "toke.l"
{
LEXTRACE("ARG ");
if (!fill_args(sudoerstext, sudoersleng, sawspace))
@@ -3278,7 +3287,7 @@ YY_RULE_SETUP
case 18:
YY_RULE_SETUP
#line 257 "toke.l"
#line 266 "toke.l"
{
/* Only return DIGEST if the length is correct. */
yy_size_t digest_len =
@@ -3286,6 +3295,7 @@ YY_RULE_SETUP
if ((yy_size_t)sudoersleng == digest_len * 2) {
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
BEGIN INITIAL;
LEXTRACE("DIGEST ");
return DIGEST;
@@ -3296,7 +3306,7 @@ YY_RULE_SETUP
YY_BREAK
case 19:
YY_RULE_SETUP
#line 272 "toke.l"
#line 282 "toke.l"
{
/* Only return DIGEST if the length is correct. */
yy_size_t len, digest_len =
@@ -3311,6 +3321,7 @@ YY_RULE_SETUP
if ((yy_size_t)sudoersleng == len) {
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
BEGIN INITIAL;
LEXTRACE("DIGEST ");
return DIGEST;
@@ -3321,7 +3332,7 @@ YY_RULE_SETUP
YY_BREAK
case 20:
YY_RULE_SETUP
#line 294 "toke.l"
#line 305 "toke.l"
{
if (continued) {
sudoerserror(N_("invalid line continuation"));
@@ -3336,7 +3347,7 @@ YY_RULE_SETUP
YY_BREAK
case 21:
YY_RULE_SETUP
#line 306 "toke.l"
#line 317 "toke.l"
{
if (continued) {
sudoerserror(N_("invalid line continuation"));
@@ -3352,7 +3363,7 @@ YY_RULE_SETUP
case 22:
/* rule 22 can match eol */
YY_RULE_SETUP
#line 318 "toke.l"
#line 329 "toke.l"
{
if (continued) {
sudoerserror(N_("invalid line continuation"));
@@ -3372,7 +3383,7 @@ YY_RULE_SETUP
case 23:
/* rule 23 can match eol */
YY_RULE_SETUP
#line 334 "toke.l"
#line 345 "toke.l"
{
if (continued) {
sudoerserror(N_("invalid line continuation"));
@@ -3391,7 +3402,7 @@ YY_RULE_SETUP
YY_BREAK
case 24:
YY_RULE_SETUP
#line 350 "toke.l"
#line 361 "toke.l"
{
char deftype;
int n;
@@ -3435,7 +3446,7 @@ YY_RULE_SETUP
YY_BREAK
case 25:
YY_RULE_SETUP
#line 391 "toke.l"
#line 402 "toke.l"
{
int n;
@@ -3465,7 +3476,7 @@ YY_RULE_SETUP
YY_BREAK
case 26:
YY_RULE_SETUP
#line 418 "toke.l"
#line 429 "toke.l"
{
/* cmnd does not require passwd for this user */
LEXTRACE("NOPASSWD ");
@@ -3474,7 +3485,7 @@ YY_RULE_SETUP
YY_BREAK
case 27:
YY_RULE_SETUP
#line 424 "toke.l"
#line 435 "toke.l"
{
/* cmnd requires passwd for this user */
LEXTRACE("PASSWD ");
@@ -3483,7 +3494,7 @@ YY_RULE_SETUP
YY_BREAK
case 28:
YY_RULE_SETUP
#line 430 "toke.l"
#line 441 "toke.l"
{
LEXTRACE("NOEXEC ");
return NOEXEC;
@@ -3491,7 +3502,7 @@ YY_RULE_SETUP
YY_BREAK
case 29:
YY_RULE_SETUP
#line 435 "toke.l"
#line 446 "toke.l"
{
LEXTRACE("EXEC ");
return EXEC;
@@ -3499,7 +3510,7 @@ YY_RULE_SETUP
YY_BREAK
case 30:
YY_RULE_SETUP
#line 440 "toke.l"
#line 451 "toke.l"
{
LEXTRACE("SETENV ");
return SETENV;
@@ -3507,7 +3518,7 @@ YY_RULE_SETUP
YY_BREAK
case 31:
YY_RULE_SETUP
#line 445 "toke.l"
#line 456 "toke.l"
{
LEXTRACE("NOSETENV ");
return NOSETENV;
@@ -3515,7 +3526,7 @@ YY_RULE_SETUP
YY_BREAK
case 32:
YY_RULE_SETUP
#line 450 "toke.l"
#line 461 "toke.l"
{
LEXTRACE("LOG_OUTPUT ");
return LOG_OUTPUT;
@@ -3523,7 +3534,7 @@ YY_RULE_SETUP
YY_BREAK
case 33:
YY_RULE_SETUP
#line 455 "toke.l"
#line 466 "toke.l"
{
LEXTRACE("NOLOG_OUTPUT ");
return NOLOG_OUTPUT;
@@ -3531,7 +3542,7 @@ YY_RULE_SETUP
YY_BREAK
case 34:
YY_RULE_SETUP
#line 460 "toke.l"
#line 471 "toke.l"
{
LEXTRACE("LOG_INPUT ");
return LOG_INPUT;
@@ -3539,7 +3550,7 @@ YY_RULE_SETUP
YY_BREAK
case 35:
YY_RULE_SETUP
#line 465 "toke.l"
#line 476 "toke.l"
{
LEXTRACE("NOLOG_INPUT ");
return NOLOG_INPUT;
@@ -3547,7 +3558,7 @@ YY_RULE_SETUP
YY_BREAK
case 36:
YY_RULE_SETUP
#line 470 "toke.l"
#line 481 "toke.l"
{
LEXTRACE("MAIL ");
return MAIL;
@@ -3555,7 +3566,7 @@ YY_RULE_SETUP
YY_BREAK
case 37:
YY_RULE_SETUP
#line 475 "toke.l"
#line 486 "toke.l"
{
LEXTRACE("NOMAIL ");
return NOMAIL;
@@ -3563,7 +3574,7 @@ YY_RULE_SETUP
YY_BREAK
case 38:
YY_RULE_SETUP
#line 480 "toke.l"
#line 491 "toke.l"
{
LEXTRACE("FOLLOW ");
return FOLLOWLNK;
@@ -3571,7 +3582,7 @@ YY_RULE_SETUP
YY_BREAK
case 39:
YY_RULE_SETUP
#line 485 "toke.l"
#line 496 "toke.l"
{
LEXTRACE("NOFOLLOW ");
return NOFOLLOWLNK;
@@ -3579,7 +3590,7 @@ YY_RULE_SETUP
YY_BREAK
case 40:
YY_RULE_SETUP
#line 490 "toke.l"
#line 501 "toke.l"
{
if (sudoerstext[0] == '+')
sudoerserror(N_("empty netgroup"));
@@ -3591,49 +3602,53 @@ YY_RULE_SETUP
YY_BREAK
case 41:
YY_RULE_SETUP
#line 499 "toke.l"
#line 510 "toke.l"
{
/* netgroup */
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("NETGROUP ");
return NETGROUP;
}
YY_BREAK
case 42:
YY_RULE_SETUP
#line 507 "toke.l"
#line 519 "toke.l"
{
/* group */
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("USERGROUP ");
return USERGROUP;
}
YY_BREAK
case 43:
YY_RULE_SETUP
#line 515 "toke.l"
#line 528 "toke.l"
{
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("NTWKADDR ");
return NTWKADDR;
}
YY_BREAK
case 44:
YY_RULE_SETUP
#line 522 "toke.l"
#line 536 "toke.l"
{
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("NTWKADDR ");
return NTWKADDR;
}
YY_BREAK
case 45:
YY_RULE_SETUP
#line 529 "toke.l"
#line 544 "toke.l"
{
if (!ipv6_valid(sudoerstext)) {
sudoerserror(N_("invalid IPv6 address"));
@@ -3642,13 +3657,14 @@ YY_RULE_SETUP
}
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("NTWKADDR ");
return NTWKADDR;
}
YY_BREAK
case 46:
YY_RULE_SETUP
#line 541 "toke.l"
#line 557 "toke.l"
{
if (!ipv6_valid(sudoerstext)) {
sudoerserror(N_("invalid IPv6 address"));
@@ -3657,13 +3673,14 @@ YY_RULE_SETUP
}
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("NTWKADDR ");
return NTWKADDR;
}
YY_BREAK
case 47:
YY_RULE_SETUP
#line 553 "toke.l"
#line 570 "toke.l"
{
LEXTRACE("ALL ");
return ALL;
@@ -3672,7 +3689,7 @@ YY_RULE_SETUP
YY_BREAK
case 48:
YY_RULE_SETUP
#line 559 "toke.l"
#line 576 "toke.l"
{
LEXTRACE("CMND_TIMEOUT ");
return CMND_TIMEOUT;
@@ -3680,7 +3697,7 @@ YY_RULE_SETUP
YY_BREAK
case 49:
YY_RULE_SETUP
#line 564 "toke.l"
#line 581 "toke.l"
{
LEXTRACE("NOTBEFORE ");
return NOTBEFORE;
@@ -3688,7 +3705,7 @@ YY_RULE_SETUP
YY_BREAK
case 50:
YY_RULE_SETUP
#line 569 "toke.l"
#line 586 "toke.l"
{
LEXTRACE("NOTAFTER ");
return NOTAFTER;
@@ -3696,7 +3713,7 @@ YY_RULE_SETUP
YY_BREAK
case 51:
YY_RULE_SETUP
#line 574 "toke.l"
#line 591 "toke.l"
{
LEXTRACE("CWD ");
prev_state = YY_START;
@@ -3706,7 +3723,7 @@ YY_RULE_SETUP
YY_BREAK
case 52:
YY_RULE_SETUP
#line 581 "toke.l"
#line 598 "toke.l"
{
LEXTRACE("CHROOT ");
prev_state = YY_START;
@@ -3716,7 +3733,7 @@ YY_RULE_SETUP
YY_BREAK
case 53:
YY_RULE_SETUP
#line 588 "toke.l"
#line 605 "toke.l"
{
#ifdef HAVE_SELINUX
LEXTRACE("ROLE ");
@@ -3728,7 +3745,7 @@ YY_RULE_SETUP
YY_BREAK
case 54:
YY_RULE_SETUP
#line 597 "toke.l"
#line 614 "toke.l"
{
#ifdef HAVE_SELINUX
LEXTRACE("TYPE ");
@@ -3740,7 +3757,7 @@ YY_RULE_SETUP
YY_BREAK
case 55:
YY_RULE_SETUP
#line 605 "toke.l"
#line 622 "toke.l"
{
#ifdef HAVE_PRIV_SET
LEXTRACE("PRIVS ");
@@ -3752,7 +3769,7 @@ YY_RULE_SETUP
YY_BREAK
case 56:
YY_RULE_SETUP
#line 614 "toke.l"
#line 631 "toke.l"
{
#ifdef HAVE_PRIV_SET
LEXTRACE("LIMITPRIVS ");
@@ -3764,30 +3781,33 @@ YY_RULE_SETUP
YY_BREAK
case 57:
YY_RULE_SETUP
#line 623 "toke.l"
#line 640 "toke.l"
{
got_alias:
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("ALIAS ");
return ALIAS;
}
YY_BREAK
case 58:
YY_RULE_SETUP
#line 631 "toke.l"
#line 649 "toke.l"
{
/* XXX - no way to specify digest for command */
/* no command args allowed for Defaults!/path */
if (!fill_cmnd(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.command.cmnd);
parser_leak_add(LEAK_PTR, sudoerslval.command.args);
LEXTRACE("COMMAND ");
return COMMAND;
}
YY_BREAK
case 59:
YY_RULE_SETUP
#line 640 "toke.l"
#line 660 "toke.l"
{
digest_type = SUDO_DIGEST_SHA224;
BEGIN WANTDIGEST;
@@ -3797,7 +3817,7 @@ YY_RULE_SETUP
YY_BREAK
case 60:
YY_RULE_SETUP
#line 647 "toke.l"
#line 667 "toke.l"
{
digest_type = SUDO_DIGEST_SHA256;
BEGIN WANTDIGEST;
@@ -3807,7 +3827,7 @@ YY_RULE_SETUP
YY_BREAK
case 61:
YY_RULE_SETUP
#line 654 "toke.l"
#line 674 "toke.l"
{
digest_type = SUDO_DIGEST_SHA384;
BEGIN WANTDIGEST;
@@ -3817,7 +3837,7 @@ YY_RULE_SETUP
YY_BREAK
case 62:
YY_RULE_SETUP
#line 661 "toke.l"
#line 681 "toke.l"
{
digest_type = SUDO_DIGEST_SHA512;
BEGIN WANTDIGEST;
@@ -3827,7 +3847,7 @@ YY_RULE_SETUP
YY_BREAK
case 63:
YY_RULE_SETUP
#line 668 "toke.l"
#line 688 "toke.l"
{
BEGIN GOTCMND;
LEXTRACE("COMMAND ");
@@ -3837,24 +3857,26 @@ YY_RULE_SETUP
YY_BREAK
case 64:
YY_RULE_SETUP
#line 675 "toke.l"
#line 695 "toke.l"
{
BEGIN prev_state;
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("WORD(5) ");
return WORD;
}
YY_BREAK
case 65:
YY_RULE_SETUP
#line 683 "toke.l"
#line 704 "toke.l"
{
/* directories can't have args... */
if (sudoerstext[sudoersleng - 1] == '/') {
LEXTRACE("COMMAND ");
if (!fill_cmnd(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.command.cmnd);
return COMMAND;
}
BEGIN GOTCMND;
@@ -3865,7 +3887,7 @@ YY_RULE_SETUP
YY_BREAK
case 66:
YY_RULE_SETUP
#line 697 "toke.l"
#line 719 "toke.l"
{
LEXTRACE("BEGINSTR ");
sudoerslval.string = NULL;
@@ -3875,11 +3897,12 @@ YY_RULE_SETUP
YY_BREAK
case 67:
YY_RULE_SETUP
#line 704 "toke.l"
#line 726 "toke.l"
{
/* a word */
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("WORD(6) ");
return WORD;
}
@@ -3887,11 +3910,12 @@ YY_RULE_SETUP
case 68:
YY_RULE_SETUP
#line 713 "toke.l"
#line 736 "toke.l"
{
/* include file/directory */
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
BEGIN INITIAL;
LEXTRACE("WORD(7) ");
return WORD;
@@ -3899,7 +3923,7 @@ YY_RULE_SETUP
YY_BREAK
case 69:
YY_RULE_SETUP
#line 722 "toke.l"
#line 746 "toke.l"
{
LEXTRACE("BEGINSTR ");
sudoerslval.string = NULL;
@@ -3910,7 +3934,7 @@ YY_RULE_SETUP
case 70:
YY_RULE_SETUP
#line 730 "toke.l"
#line 754 "toke.l"
{
LEXTRACE("( ");
return '(';
@@ -3918,7 +3942,7 @@ YY_RULE_SETUP
YY_BREAK
case 71:
YY_RULE_SETUP
#line 735 "toke.l"
#line 759 "toke.l"
{
LEXTRACE(") ");
return ')';
@@ -3926,7 +3950,7 @@ YY_RULE_SETUP
YY_BREAK
case 72:
YY_RULE_SETUP
#line 740 "toke.l"
#line 764 "toke.l"
{
LEXTRACE(", ");
return ',';
@@ -3934,7 +3958,7 @@ YY_RULE_SETUP
YY_BREAK
case 73:
YY_RULE_SETUP
#line 745 "toke.l"
#line 769 "toke.l"
{
LEXTRACE("= ");
return '=';
@@ -3942,7 +3966,7 @@ YY_RULE_SETUP
YY_BREAK
case 74:
YY_RULE_SETUP
#line 750 "toke.l"
#line 774 "toke.l"
{
LEXTRACE(": ");
return ':';
@@ -3950,7 +3974,7 @@ YY_RULE_SETUP
YY_BREAK
case 75:
YY_RULE_SETUP
#line 755 "toke.l"
#line 779 "toke.l"
{
if (sudoersleng & 1) {
LEXTRACE("!");
@@ -3961,7 +3985,7 @@ YY_RULE_SETUP
case 76:
/* rule 76 can match eol */
YY_RULE_SETUP
#line 762 "toke.l"
#line 786 "toke.l"
{
if (YY_START == INSTR) {
/* re-scan after changing state */
@@ -3980,7 +4004,7 @@ YY_RULE_SETUP
YY_BREAK
case 77:
YY_RULE_SETUP
#line 778 "toke.l"
#line 802 "toke.l"
{ /* throw away space/tabs */
sawspace = true; /* but remember for fill_args */
}
@@ -3988,7 +4012,7 @@ YY_RULE_SETUP
case 78:
/* rule 78 can match eol */
YY_RULE_SETUP
#line 782 "toke.l"
#line 806 "toke.l"
{
sawspace = true; /* remember for fill_args */
sudolineno++;
@@ -3998,7 +4022,7 @@ YY_RULE_SETUP
case 79:
/* rule 79 can match eol */
YY_RULE_SETUP
#line 788 "toke.l"
#line 812 "toke.l"
{
if (sudoerstext[sudoersleng - 1] == '\n') {
/* comment ending in a newline */
@@ -4016,7 +4040,7 @@ YY_RULE_SETUP
YY_BREAK
case 80:
YY_RULE_SETUP
#line 803 "toke.l"
#line 827 "toke.l"
{
LEXTRACE("NOMATCH ");
return NOMATCH;
@@ -4031,7 +4055,7 @@ case YY_STATE_EOF(INSTR):
case YY_STATE_EOF(WANTDIGEST):
case YY_STATE_EOF(GOTINC):
case YY_STATE_EOF(EXPECTPATH):
#line 808 "toke.l"
#line 832 "toke.l"
{
if (!pop_include())
yyterminate();
@@ -4039,10 +4063,10 @@ case YY_STATE_EOF(EXPECTPATH):
YY_BREAK
case 81:
YY_RULE_SETUP
#line 813 "toke.l"
#line 837 "toke.l"
ECHO;
YY_BREAK
#line 4040 "toke.c"
#line 4064 "toke.c"
case YY_END_OF_BUFFER:
{
@@ -5003,7 +5027,7 @@ void sudoersfree (void * ptr )
#define YYTABLES_NAME "yytables"
#line 813 "toke.l"
#line 837 "toke.l"
struct path_list {

24
plugins/sudoers/toke.l
View File

@@ -127,6 +127,7 @@ DEFVAR [a-z_]+
LEXTRACE("DEFVAR ");
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
return DEFVAR;
}
@@ -163,6 +164,7 @@ DEFVAR [a-z_]+
LEXTRACE("WORD(2) ");
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
return WORD;
}
}
@@ -189,22 +191,27 @@ DEFVAR [a-z_]+
if (sudoerslval.string[1] == '\0' ||
(sudoerslval.string[1] == ':' &&
sudoerslval.string[2] == '\0')) {
free(sudoerslval.string);
sudoerserror(N_("empty group"));
LEXTRACE("ERROR ");
return ERROR;
}
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("USERGROUP ");
return USERGROUP;
case '+':
if (sudoerslval.string[1] == '\0') {
free(sudoerslval.string);
sudoerserror(N_("empty netgroup"));
LEXTRACE("ERROR ");
return ERROR;
}
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("NETGROUP ");
return NETGROUP;
}
}
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("WORD(4) ");
return WORD;
}
@@ -243,6 +250,8 @@ DEFVAR [a-z_]+
BEGIN INITIAL;
sudoersless(0);
yy_set_bol(0);
parser_leak_add(LEAK_PTR, sudoerslval.command.cmnd);
parser_leak_add(LEAK_PTR, sudoerslval.command.args);
return COMMAND;
} /* end of command line args */
@@ -261,6 +270,7 @@ DEFVAR [a-z_]+
if ((yy_size_t)sudoersleng == digest_len * 2) {
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
BEGIN INITIAL;
LEXTRACE("DIGEST ");
return DIGEST;
@@ -283,6 +293,7 @@ DEFVAR [a-z_]+
if ((yy_size_t)sudoersleng == len) {
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
BEGIN INITIAL;
LEXTRACE("DIGEST ");
return DIGEST;
@@ -500,6 +511,7 @@ NOFOLLOW[[:blank:]]*: {
/* netgroup */
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("NETGROUP ");
return NETGROUP;
}
@@ -508,6 +520,7 @@ NOFOLLOW[[:blank:]]*: {
/* group */
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("USERGROUP ");
return USERGROUP;
}
@@ -515,6 +528,7 @@ NOFOLLOW[[:blank:]]*: {
{IPV4ADDR}(\/{IPV4ADDR})? {
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("NTWKADDR ");
return NTWKADDR;
}
@@ -522,6 +536,7 @@ NOFOLLOW[[:blank:]]*: {
{IPV4ADDR}\/([12]?[0-9]|3[0-2]) {
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("NTWKADDR ");
return NTWKADDR;
}
@@ -534,6 +549,7 @@ NOFOLLOW[[:blank:]]*: {
}
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("NTWKADDR ");
return NTWKADDR;
}
@@ -546,6 +562,7 @@ NOFOLLOW[[:blank:]]*: {
}
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("NTWKADDR ");
return NTWKADDR;
}
@@ -624,6 +641,7 @@ ALL {
got_alias:
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("ALIAS ");
return ALIAS;
}
@@ -633,6 +651,8 @@ ALL {
/* no command args allowed for Defaults!/path */
if (!fill_cmnd(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.command.cmnd);
parser_leak_add(LEAK_PTR, sudoerslval.command.args);
LEXTRACE("COMMAND ");
return COMMAND;
}
@@ -676,6 +696,7 @@ sudoedit {
BEGIN prev_state;
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("WORD(5) ");
return WORD;
}
@@ -686,6 +707,7 @@ sudoedit {
LEXTRACE("COMMAND ");
if (!fill_cmnd(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.command.cmnd);
return COMMAND;
}
BEGIN GOTCMND;
@@ -705,6 +727,7 @@ sudoedit {
/* a word */
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
LEXTRACE("WORD(6) ");
return WORD;
}
@@ -714,6 +737,7 @@ sudoedit {
/* include file/directory */
if (!fill(sudoerstext, sudoersleng))
yyterminate();
parser_leak_add(LEAK_PTR, sudoerslval.string);
BEGIN INITIAL;
LEXTRACE("WORD(7) ");
return WORD;

4
plugins/sudoers/toke_util.c
View File

@@ -156,8 +156,8 @@ fill_args(const char *s, size_t len, int addspace)
if (p == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto bad;
} else
sudoerslval.command.args = p;
}
sudoerslval.command.args = p;
}
/* Efficiently append the arg (with a leading space if needed). */