isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make hexchar() return -1 on invalid input instead of calling fatalx().

Browse Source 
Callers used to check that the string was hex before calling hexchar().
Now callers must check for a -1 return value instead.
This commit is contained in:
Todd C. Miller
2014-03-26 13:50:51 -06:00
parent 2220f55aef
commit 9ff3b1b570
3 changed files with 13 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
plugins/sudoers/match.c
View File

@@ -81,7 +81,6 @@
# include <ndir.h>
# endif
#endif
#include <ctype.h>
#include <pwd.h>
#include <grp.h>
#include <errno.h>
@@ -605,6 +604,7 @@ digest_matches(const char *file, const struct sudo_digest *sd)
SHA2_CTX ctx;
FILE *fp;
unsigned int i;
int h;
debug_decl(digest_matches, SUDO_DEBUG_MATCH)
for (i = 0; digest_functions[i].digest_name != NULL; i++) {
@@ -620,11 +620,10 @@ digest_matches(const char *file, const struct sudo_digest *sd)
if (strlen(sd->digest_str) == func->digest_len * 2) {
/* Convert the command digest from ascii hex to binary. */
for (i = 0; i < func->digest_len; i++) {
if (!isxdigit((unsigned char)sd->digest_str[i + i]) ||
!isxdigit((unsigned char)sd->digest_str[i + i + 1])) {
h = hexchar(&sd->digest_str[i + i]);
if (h == -1)
goto bad_format;
}
sudoers_digest[i] = hexchar(&sd->digest_str[i + i]);
sudoers_digest[i] = (unsigned char)h;
}
} else {
size_t len = base64_decode(sd->digest_str, sudoers_digest,