isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sudoers plugin: silence most -Wconversion warnings.

Browse Source
This commit is contained in:
Todd C. Miller
2023-07-07 15:07:04 -06:00
parent 4891f37a45
commit a38b714667
58 changed files with 352 additions and 322 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
plugins/sudoers/alias.c
View File

@@ -67,7 +67,7 @@ alias_compare(const void *v1, const void *v2)
*/
struct alias *
alias_get(const struct sudoers_parse_tree *parse_tree, const char *name,
int type)
short type)
{
struct alias key;
struct rbnode *node;
@@ -114,8 +114,9 @@ alias_put(struct alias *a)
* Returns true on success and false on failure, setting errno.
*/
bool
alias_add(struct sudoers_parse_tree *parse_tree, char *name, int type,
char *file, int line, int column, struct member *members)
alias_add(struct sudoers_parse_tree *parse_tree, char *name,
short type, char *file, int line, int column,
struct member *members)
{
struct alias *a;
debug_decl(alias_add, SUDOERS_DEBUG_ALIAS);
@@ -228,7 +229,8 @@ alias_free(void *v)
* Find the named alias, remove it from the tree and return it.
*/
struct alias *
alias_remove(struct sudoers_parse_tree *parse_tree, const char *name, int type)
alias_remove(struct sudoers_parse_tree *parse_tree, const char *name,
short type)
{
struct rbnode *node;
struct alias key;
@@ -262,7 +264,7 @@ free_aliases(struct rbtree *aliases)
}
const char *
alias_type_to_string(int alias_type)
alias_type_to_string(short alias_type)
{
return alias_type == HOSTALIAS ? "Host_Alias" :
alias_type == CMNDALIAS ? "Cmnd_Alias" :
@@ -277,7 +279,7 @@ alias_type_to_string(int alias_type)
*/
static bool
alias_remove_recursive(struct sudoers_parse_tree *parse_tree, char *name,
int type, struct rbtree *freelist)
short type, struct rbtree *freelist)
{
struct member *m;
struct alias *a;
@@ -299,7 +301,7 @@ alias_remove_recursive(struct sudoers_parse_tree *parse_tree, char *name,
static int
alias_find_used_members(struct sudoers_parse_tree *parse_tree,
struct member_list *members, int atype, struct rbtree *used_aliases)
struct member_list *members, short atype, struct rbtree *used_aliases)
{
struct member *m;
int errors = 0;

3
plugins/sudoers/auth/pam.c
View File

@@ -683,7 +683,8 @@ converse(int num_msg, PAM_CONST struct pam_message **msg,
sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
"number of PAM messages: %d", num_msg);
if ((reply = calloc(num_msg, sizeof(struct pam_response))) == NULL) {
reply = calloc((size_t)num_msg, sizeof(struct pam_response));
if (reply == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_int(PAM_BUF_ERR);
}

2
plugins/sudoers/auth/sudo_auth.c
View File

@@ -465,7 +465,7 @@ auth_getpass(const char *prompt, int type, struct sudo_conv_callback *callback)
/* Call conversation function. */
memset(&msg, 0, sizeof(msg));
msg.msg_type = type;
msg.timeout = def_passwd_timeout.tv_sec;
msg.timeout = (int)def_passwd_timeout.tv_sec;
msg.msg = prompt;
memset(&repl, 0, sizeof(repl));
sudo_conv(1, &msg, &repl, callback);

4
plugins/sudoers/b64_encode.c
View File

@@ -43,14 +43,14 @@ base64_encode(const unsigned char *in, size_t in_len, char *out, size_t out_len)
rem -= 6;
if (io >= out_len)
debug_return_size_t((size_t)-1); /* truncation is failure */
out[io++] = base64enc_tab[(v >> rem) & 63];
out[io++] = (char)base64enc_tab[(v >> rem) & 63];
}
}
if (rem != 0) {
v <<= (6 - rem);
if (io >= out_len)
debug_return_size_t((size_t)-1); /* truncation is failure */
out[io++] = base64enc_tab[v&63];
out[io++] = (char)base64enc_tab[v&63];
}
while (io & 3) {
if (io >= out_len)

4
plugins/sudoers/check_aliases.c
View File

@@ -1,7 +1,7 @@
/*
* SPDX-License-Identifier: ISC
*
* Copyright (c) 2004-2005, 2007-2018, 2021-2022
* Copyright (c) 2004-2005, 2007-2018, 2021-2023
* Todd C. Miller <Todd.Miller@sudo.ws>
*
* Permission to use, copy, modify, and distribute this software for any
@@ -109,7 +109,7 @@ alias_warnx(const char *file, int line, int column, bool strict, bool quiet,
static int
check_alias(struct sudoers_parse_tree *parse_tree,
struct alias_warned_list *warned, char *name, int type,
struct alias_warned_list *warned, char *name, short type,
char *file, int line, int column, bool strict, bool quiet)
{
struct member *m;

23
plugins/sudoers/cvtsudoers.c
View File

@@ -206,7 +206,8 @@ main(int argc, char *argv[])
}
break;
case 'I':
conf->order_increment = sudo_strtonum(optarg, 1, UINT_MAX, &errstr);
conf->order_increment =
(unsigned int)sudo_strtonum(optarg, 1, UINT_MAX, &errstr);
if (errstr != NULL) {
sudo_warnx(U_("order increment: %s: %s"), optarg, U_(errstr));
usage();
@@ -225,7 +226,8 @@ main(int argc, char *argv[])
output_file = optarg;
break;
case 'O':
conf->sudo_order = sudo_strtonum(optarg, 0, UINT_MAX, &errstr);
conf->sudo_order =
(unsigned int)sudo_strtonum(optarg, 0, UINT_MAX, &errstr);
if (errstr != NULL) {
sudo_warnx(U_("starting order: %s: %s"), optarg, U_(errstr));
usage();
@@ -235,7 +237,8 @@ main(int argc, char *argv[])
conf->prune_matches = true;
break;
case 'P':
conf->order_padding = sudo_strtonum(optarg, 1, UINT_MAX, &errstr);
conf->order_padding =
(unsigned int)sudo_strtonum(optarg, 1, UINT_MAX, &errstr);
if (errstr != NULL ) {
sudo_warnx(U_("order padding: %s: %s"), optarg, U_(errstr));
usage();
@@ -522,8 +525,8 @@ cvtsudoers_parse_keyword(const char *conf_file, const char *keyword,
break;
case CONF_UINT:
{
unsigned int uval =
sudo_strtonum(value, 0, UINT_MAX, &errstr);
unsigned int uval =
(unsigned int)sudo_strtonum(value, 0, UINT_MAX, &errstr);
if (errstr != NULL) {
sudo_warnx(U_("%s: %s: %s: %s"),
conf_file, keyword, value, U_(errstr));
@@ -590,7 +593,7 @@ cvtsudoers_conf_read(const char *path)
keyword = line;
if ((value = strchr(line, '=')) == NULL || value == line)
continue;
len = value - line;
len = (size_t)(value - line);
/* Trim whitespace after keyword and NUL-terminate. */
while (len > 0 && isblank((unsigned char)line[len - 1]))
@@ -870,7 +873,7 @@ hostlist_matches_filter(struct sudoers_parse_tree *parse_tree,
char *lhost, *shost;
bool ret = false;
char **shosts;
int n = 0;
size_t n = 0;
debug_decl(hostlist_matches_filter, SUDOERS_DEBUG_UTIL);
if (filters == NULL || STAILQ_EMPTY(&filters->hosts))
@@ -1132,7 +1135,7 @@ filter_userspecs(struct sudoers_parse_tree *parse_tree,
*/
static bool
alias_matches(struct sudoers_parse_tree *parse_tree, const char *name,
const char *alias_name, int alias_type)
const char *alias_name, short alias_type)
{
struct alias *a;
struct member *m;
@@ -1249,7 +1252,7 @@ alias_used_by_userspecs(struct sudoers_parse_tree *parse_tree,
*/
static void
free_aliases_by_members(struct sudoers_parse_tree *parse_tree,
struct member_list *members, int type)
struct member_list *members, short type)
{
struct member *m;
struct alias *a;
@@ -1277,7 +1280,7 @@ filter_defaults(struct sudoers_parse_tree *parse_tree,
struct member_list cmnd_aliases = TAILQ_HEAD_INITIALIZER(cmnd_aliases);
struct defaults *def, *def_next;
struct member *m, *m_next;
int alias_type;
short alias_type;
debug_decl(filter_defaults, SUDOERS_DEBUG_DEFAULTS);
if (filters == NULL && conf->defaults == CVT_DEFAULTS_ALL)

4
plugins/sudoers/cvtsudoers.h
View File

@@ -48,8 +48,8 @@ struct cvtsudoers_config {
unsigned int order_increment;
unsigned int order_padding;
unsigned int order_max;
short defaults;
short suppress;
int defaults;
int suppress;
bool store_options;
bool expand_aliases;
bool prune_matches;

18
plugins/sudoers/cvtsudoers_csv.c
View File

@@ -36,7 +36,7 @@
#include "cvtsudoers.h"
#include <gram.h>
static void print_member_list_csv(FILE *fp, const struct sudoers_parse_tree *parse_tree, struct member_list *members, bool negated, int alias_type, bool expand_aliases);
static void print_member_list_csv(FILE *fp, const struct sudoers_parse_tree *parse_tree, struct member_list *members, bool negated, short alias_type, bool expand_aliases);
/*
* Print sudoOptions from a defaults_list.
@@ -88,7 +88,7 @@ defaults_type_to_string(int defaults_type)
/*
* Map a Defaults type to an alias type.
*/
static int
static short
defaults_to_alias_type(int defaults_type)
{
switch (defaults_type) {
@@ -185,7 +185,7 @@ format_cmnd(struct sudo_command *c, bool negated)
cp = buf;
TAILQ_FOREACH(digest, &c->digests, entries) {
len = snprintf(cp, bufsiz - (cp - buf), "%s:%s%s ",
len = snprintf(cp, bufsiz - (size_t)(cp - buf), "%s:%s%s ",
digest_type_to_name(digest->digest_type), digest->digest_str,
TAILQ_NEXT(digest, entries) ? "," : "");
if (len < 0 || len >= (int)bufsiz - (cp - buf))
@@ -193,8 +193,8 @@ format_cmnd(struct sudo_command *c, bool negated)
cp += len;
}
len = snprintf(cp, bufsiz - (cp - buf), "%s%s%s%s", negated ? "!" : "",
cmnd, c->args ? " " : "", c->args ? c->args : "");
len = snprintf(cp, bufsiz - (size_t)(cp - buf), "%s%s%s%s",
negated ? "!" : "", cmnd, c->args ? " " : "", c->args ? c->args : "");
if (len < 0 || len >= (int)bufsiz - (cp - buf))
sudo_fatalx(U_("internal error, %s overflow"), __func__);
@@ -207,7 +207,7 @@ format_cmnd(struct sudo_command *c, bool negated)
*/
static void
print_member_csv(FILE *fp, const struct sudoers_parse_tree *parse_tree,
char *name, int type, bool negated, bool quoted, int alias_type,
char *name, int type, bool negated, bool quoted, short alias_type,
bool expand_aliases)
{
struct alias *a;
@@ -260,7 +260,7 @@ print_member_csv(FILE *fp, const struct sudoers_parse_tree *parse_tree,
*/
static void
print_member_list_csv(FILE *fp, const struct sudoers_parse_tree *parse_tree,
struct member_list *members, bool negated, int alias_type,
struct member_list *members, bool negated, short alias_type,
bool expand_aliases)
{
struct member *m, *next;
@@ -292,7 +292,7 @@ print_defaults_binding_csv(FILE *fp,
const struct sudoers_parse_tree *parse_tree,
struct defaults_binding *binding, int type, bool expand_aliases)
{
int alias_type;
short alias_type;
debug_decl(print_defaults_binding_csv, SUDOERS_DEBUG_UTIL);
if (type != DEFAULTS) {
@@ -432,7 +432,7 @@ print_cmndspec_csv(FILE *fp, const struct sudoers_parse_tree *parse_tree,
struct member *m;
struct tm gmt;
bool last_one, quoted = false;
int len;
size_t len;
debug_decl(print_cmndspec_csv, SUDOERS_DEBUG_UTIL);
if (cs->runasuserlist != NULL) {

10
plugins/sudoers/cvtsudoers_json.c
View File

@@ -42,7 +42,7 @@ struct json_alias_closure {
struct json_container *jsonc;
const char *title;
unsigned int count;
int alias_type;
short alias_type;
};
/*
@@ -115,7 +115,7 @@ print_command_json(struct json_container *jsonc, const char *name, bool negated)
* Map an alias type to enum word_type.
*/
static enum word_type
alias_to_word_type(int alias_type)
alias_to_word_type(short alias_type)
{
switch (alias_type) {
case CMNDALIAS:
@@ -162,7 +162,7 @@ print_member_json_int(struct json_container *jsonc,
struct json_value value;
const char *typestr = NULL;
const char *errstr;
int alias_type = UNSPEC;
short alias_type = UNSPEC;
id_t id;
debug_decl(print_member_json_int, SUDOERS_DEBUG_UTIL);
@@ -535,7 +535,7 @@ print_defaults_json(struct json_container *jsonc,
*/
static void
print_aliases_by_type_json(struct json_container *jsonc,
const struct sudoers_parse_tree *parse_tree, int alias_type,
const struct sudoers_parse_tree *parse_tree, short alias_type,
const char *title)
{
struct json_alias_closure closure;
@@ -608,7 +608,7 @@ print_cmndspec_json(struct json_container *jsonc,
struct defaults *def;
struct member *m;
struct tm gmt;
int len;
size_t len;
debug_decl(print_cmndspec_json, SUDOERS_DEBUG_UTIL);
/* Open Cmnd_Spec object. */

16
plugins/sudoers/cvtsudoers_ldif.c
View File

@@ -67,7 +67,8 @@ seen_user_free(void *v)
static bool
safe_string(const char *str)
{
unsigned int ch = *str++;
const unsigned char *ustr = (const unsigned char *)str;
unsigned char ch = *ustr++;
debug_decl(safe_string, SUDOERS_DEBUG_UTIL);
/* Initial char must be <= 127 and not LF, CR, SPACE, ':', '<' */
@@ -86,7 +87,7 @@ safe_string(const char *str)
}
/* Any value <= 127 decimal except NUL, LF, and CR is safe */
while ((ch = *str++) != '\0') {
while ((ch = *ustr++) != '\0') {
if (ch > 127 || ch == '\n' || ch == '\r')
debug_return_bool(false);
}
@@ -237,7 +238,7 @@ format_cmnd(struct sudo_command *c, bool negated)
cp = buf;
TAILQ_FOREACH(digest, &c->digests, entries) {
len = snprintf(cp, bufsiz - (cp - buf), "%s:%s%s ",
len = snprintf(cp, bufsiz - (size_t)(cp - buf), "%s:%s%s ",
digest_type_to_name(digest->digest_type), digest->digest_str,
TAILQ_NEXT(digest, entries) ? "," : "");
if (len < 0 || len >= (int)bufsiz - (cp - buf))
@@ -245,8 +246,8 @@ format_cmnd(struct sudo_command *c, bool negated)
cp += len;
}
len = snprintf(cp, bufsiz - (cp - buf), "%s%s%s%s", negated ? "!" : "",
cmnd, c->args ? " " : "", c->args ? c->args : "");
len = snprintf(cp, bufsiz - (size_t)(cp - buf), "%s%s%s%s",
negated ? "!" : "", cmnd, c->args ? " " : "", c->args ? c->args : "");
if (len < 0 || len >= (int)bufsiz - (cp - buf))
sudo_fatalx(U_("internal error, %s overflow"), __func__);
@@ -259,7 +260,8 @@ format_cmnd(struct sudo_command *c, bool negated)
*/
static void
print_member_ldif(FILE *fp, const struct sudoers_parse_tree *parse_tree,
char *name, int type, bool negated, int alias_type, const char *attr_name)
char *name, int type, bool negated, short alias_type,
const char *attr_name)
{
struct alias *a;
struct member *m;
@@ -322,7 +324,7 @@ print_cmndspec_ldif(FILE *fp, const struct sudoers_parse_tree *parse_tree,
struct tm gmt;
char *attr_val;
bool last_one;
int len;
size_t len;
debug_decl(print_cmndspec_ldif, SUDOERS_DEBUG_UTIL);
/* Print runasuserlist as sudoRunAsUser attributes */

12
plugins/sudoers/cvtsudoers_merge.c
View File

@@ -37,7 +37,7 @@
#include <gram.h>
static struct member *
new_member(const char *name, int type)
new_member(const char *name, short type)
{
struct member *m;
debug_decl(digest_list_equivalent, SUDOERS_DEBUG_PARSER);
@@ -324,7 +324,7 @@ simplify_host_list(struct member_list *hosts, const char *file, int line,
* subsequent parse_trees or merged_tree.
*/
static char *
alias_make_unique(const char *old_name, int type,
alias_make_unique(const char *old_name, short type,
struct sudoers_parse_tree *parse_tree0,
struct sudoers_parse_tree *merged_tree)
{
@@ -407,7 +407,7 @@ alias_rename_members(struct sudoers_parse_tree *parse_tree, struct alias *a,
static void
alias_rename_defaults(const char *old_name, const char *new_name,
int alias_type, struct defaults_list *defaults)
short alias_type, struct defaults_list *defaults)
{
struct defaults *def, *def_next;
struct member *m;
@@ -489,7 +489,7 @@ alias_rename_member_list(const char *old_name, const char *new_name,
static bool
alias_rename_userspecs(const char *old_name, const char *new_name,
int alias_type, struct userspec_list *userspecs)
short alias_type, struct userspec_list *userspecs)
{
struct privilege *priv;
struct cmndspec *cs;
@@ -531,8 +531,8 @@ alias_rename_userspecs(const char *old_name, const char *new_name,
* Rename an alias in parse_tree and all the places where it is used.
*/
static bool
alias_rename(const char *old_name, const char *new_name, int alias_type,
struct sudoers_parse_tree *parse_tree)
alias_rename(const char *old_name, const char *new_name,
short alias_type, struct sudoers_parse_tree *parse_tree)
{
struct alias_rename_closure closure = { old_name, new_name, alias_type };
struct alias *a;

12
plugins/sudoers/cvtsudoers_pwutil.c
View File

@@ -325,7 +325,7 @@ cvtsudoers_make_gidlist_item(const struct passwd *pw, char * const *unused1,
/* Allocate gids[] array and fill it with parsed gids. */
if (ngids != 0) {
gids = reallocarray(NULL, ngids, sizeof(GETGROUPS_T));
gids = reallocarray(NULL, (size_t)ngids, sizeof(GETGROUPS_T));
if (gids == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to allocate memory");
@@ -352,7 +352,7 @@ cvtsudoers_make_gidlist_item(const struct passwd *pw, char * const *unused1,
/* Allocate in one big chunk for easy freeing. */
nsize = strlen(pw->pw_name) + 1;
total = sizeof(*glitem) + nsize;
total += sizeof(gid_t *) * ngids;
total += sizeof(gid_t *) * (size_t)ngids;
if ((glitem = calloc(1, total)) == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
@@ -369,7 +369,7 @@ cvtsudoers_make_gidlist_item(const struct passwd *pw, char * const *unused1,
gidlist = &glitem->gidlist;
cp = (char *)(glitem + 1);
gidlist->gids = (gid_t *)cp;
cp += sizeof(gid_t) * ngids;
cp += sizeof(gid_t) * (size_t)ngids;
/* Set key and datum. */
memcpy(cp, pw->pw_name, nsize);
@@ -421,7 +421,7 @@ cvtsudoers_make_grlist_item(const struct passwd *pw, char * const *unused1)
}
#ifdef _SC_LOGIN_NAME_MAX
groupname_len = MAX(sysconf(_SC_LOGIN_NAME_MAX), 32);
groupname_len = MAX((size_t)sysconf(_SC_LOGIN_NAME_MAX), 32);
#else
groupname_len = MAX(LOGIN_NAME_MAX, 32);
#endif
@@ -469,7 +469,7 @@ again:
}
}
len = strlen(s->str) + 1;
if (cp - (char *)grlitem + len > total) {
if ((size_t)(cp - (char *)grlitem) + len > total) {
total += len + groupname_len;
free(grlitem);
goto again;
@@ -478,7 +478,7 @@ again:
grlist->groups[ngroups++] = cp;
cp += len;
}
grlist->ngroups = ngroups;
grlist->ngroups = (int)ngroups;
debug_return_ptr(&grlitem->cache);
}

13
plugins/sudoers/defaults.c
View File

@@ -131,8 +131,8 @@ dump_defaults(void)
break;
case T_TIMESPEC: {
/* display timespec in minutes as a double */
double d = cur->sd_un.tspec.tv_sec +
(cur->sd_un.tspec.tv_nsec / 1000000000.0);
double d = (double)cur->sd_un.tspec.tv_sec +
((double)cur->sd_un.tspec.tv_nsec / 1000000000.0);
sudo_printf(SUDO_CONV_INFO_MSG, desc, d / 60.0);
sudo_printf(SUDO_CONV_INFO_MSG, "\n");
break;
@@ -817,8 +817,7 @@ check_defaults(const struct sudoers_parse_tree *parse_tree, bool quiet)
continue;
}
}
/* There was an error in the entry, flag it. */
d->error = true;
/* There was an error in the entry. */
ret = false;
}
debug_return_bool(ret);
@@ -834,7 +833,7 @@ store_int(const char *str, struct sudo_defs_types *def)
if (str == NULL) {
def->sd_un.ival = 0;
} else {
i = sudo_strtonum(str, INT_MIN, INT_MAX, &errstr);
i = (int)sudo_strtonum(str, INT_MIN, INT_MAX, &errstr);
if (errstr != NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"%s: %s", str, errstr);
@@ -855,7 +854,7 @@ store_uint(const char *str, struct sudo_defs_types *def)
if (str == NULL) {
def->sd_un.uival = 0;
} else {
u = sudo_strtonum(str, 0, UINT_MAX, &errstr);
u = (unsigned int)sudo_strtonum(str, 0, UINT_MAX, &errstr);
if (errstr != NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"%s: %s", str, errstr);
@@ -1043,7 +1042,7 @@ store_list(const char *str, struct sudo_defs_types *def, int op)
} else {
for (cp = sudo_strsplit(str, end, " \t", &ep); cp != NULL;
cp = sudo_strsplit(NULL, end, " \t", &ep)) {
if (!list_op(cp, ep - cp, &def->sd_un.list, lop))
if (!list_op(cp, (size_t)(ep - cp), &def->sd_un.list, lop))
debug_return_bool(false);
}
}

8
plugins/sudoers/defaults.h
View File

@@ -74,10 +74,10 @@ struct sudo_defs_types {
* Defaults values to apply before others.
*/
struct early_default {
short idx;
short run_callback;
short line;
short column;
int idx;
int run_callback;
int line;
int column;
char *file;
};

8
plugins/sudoers/display.c
View File

@@ -343,7 +343,8 @@ display_bound_defaults_by_type(struct sudoers_parse_tree *parse_tree,
struct defaults_binding *binding = NULL;
struct member *m;
const char *dsep;
int atype, nfound = 0;
short atype;
int nfound = 0;
debug_decl(display_bound_defaults_by_type, SUDOERS_DEBUG_PARSER);
switch (deftype) {
@@ -425,7 +426,7 @@ output(const char *buf)
memset(&repl, 0, sizeof(repl));
if (sudo_conv(1, &msg, &repl, NULL) == -1)
debug_return_int(0);
debug_return_int(strlen(buf));
debug_return_int((int)strlen(buf));
}
/*
@@ -437,8 +438,9 @@ display_privs(struct sudo_nss_list *snl, struct passwd *pw, bool verbose)
{
struct sudo_nss *nss;
struct sudo_lbuf def_buf, priv_buf;
int cols, count, n;
unsigned int olen;
struct stat sb;
int cols, count, olen, n;
debug_decl(display_privs, SUDOERS_DEBUG_PARSER);
cols = sudo_user.cols;

8
plugins/sudoers/editor.c
View File

@@ -65,7 +65,7 @@ wordsplit(const char *str, const char *endstr, const char **last)
if (*str == '"' || *str == '\'') {
const char *endquote;
for (cp = str + 1; cp < endstr; cp = endquote + 1) {
endquote = memchr(cp, *str, endstr - cp);
endquote = memchr(cp, *str, (size_t)(endstr - cp));
if (endquote == NULL)
break;
/* ignore escaped quotes */
@@ -142,7 +142,7 @@ resolve_editor(const char *ed, size_t edlen, int nfiles, char * const *files,
cp = wordsplit(ed, edend, &ep);
if (cp == NULL)
debug_return_str(NULL);
editor = copy_arg(cp, ep - cp);
editor = copy_arg(cp, (size_t)(ep - cp));
if (editor == NULL)
goto oom;
@@ -158,7 +158,7 @@ resolve_editor(const char *ed, size_t edlen, int nfiles, char * const *files,
nargc++;
if (nfiles != 0)
nargc += nfiles + 1;
nargv = reallocarray(NULL, nargc + 1, sizeof(char *));
nargv = reallocarray(NULL, (size_t)(nargc + 1), sizeof(char *));
if (nargv == NULL)
goto oom;
sudoers_gc_add(GC_PTR, nargv);
@@ -168,7 +168,7 @@ resolve_editor(const char *ed, size_t edlen, int nfiles, char * const *files,
editor = NULL;
for (nargc = 1; (cp = wordsplit(NULL, edend, &ep)) != NULL; nargc++) {
/* Copy string, collapsing chars escaped with a backslash. */
nargv[nargc] = copy_arg(cp, ep - cp);
nargv[nargc] = copy_arg(cp, (size_t)(ep - cp));
if (nargv[nargc] == NULL)
goto oom;

9
plugins/sudoers/env.c
View File

@@ -391,7 +391,7 @@ sudo_putenv_nodebug(char *str, bool dupcheck, bool overwrite)
ep--;
}
}
env.env_len = ep - env.envp;
env.env_len = (size_t)(ep - env.envp);
}
}
@@ -1174,9 +1174,10 @@ validate_env_vars(char * const env_vars[])
if (okvar == false) {
/* Not allowed, append to error buffer if space remains. */
if (errpos < &errbuf[sizeof(errbuf)]) {
size_t varlen = strcspn(*ep, "=");
int len = snprintf(errpos, sizeof(errbuf) - (errpos - errbuf),
"%s%.*s", errpos != errbuf ? ", " : "", (int)varlen, *ep);
const size_t varlen = strcspn(*ep, "=");
const size_t errsize = sizeof(errbuf) - (size_t)(errpos - errbuf);
int len = snprintf(errpos, errsize, "%s%.*s",
errpos != errbuf ? ", " : "", (int)varlen, *ep);
if (len >= ssizeof(errbuf) - (errpos - errbuf)) {
memcpy(&errbuf[sizeof(errbuf) - 4], "...", 4);
errpos = &errbuf[sizeof(errbuf)];

2
plugins/sudoers/filedigest.c
View File

@@ -45,7 +45,7 @@ sudo_filedigest(int fd, const char *file, unsigned int digest_type,
int fd2;
debug_decl(sudo_filedigest, SUDOERS_DEBUG_UTIL);
*digest_len = sudo_digest_getlen(digest_type);
*digest_len = (size_t)sudo_digest_getlen(digest_type);
if (*digest_len == (size_t)-1) {
sudo_warnx(U_("unsupported digest type %u for %s"), digest_type, file);
debug_return_ptr(NULL);

4
plugins/sudoers/fmtsudoers.c
View File

@@ -41,7 +41,7 @@
static bool
sudoers_format_member_int(struct sudo_lbuf *lbuf,
const struct sudoers_parse_tree *parse_tree, char *name, int type,
bool negated, const char *separator, int alias_type)
bool negated, const char *separator, short alias_type)
{
struct alias *a;
struct member *m;
@@ -137,7 +137,7 @@ sudoers_format_member_int(struct sudo_lbuf *lbuf,
bool
sudoers_format_member(struct sudo_lbuf *lbuf,
const struct sudoers_parse_tree *parse_tree, struct member *m,
const char *separator, int alias_type)
const char *separator, short alias_type)
{
return sudoers_format_member_int(lbuf, parse_tree, m->name, m->type,
m->negated, separator, alias_type);

2
plugins/sudoers/fmtsudoers_cvt.c
View File

@@ -168,7 +168,7 @@ sudoers_format_default_line(struct sudo_lbuf *lbuf,
struct defaults **next, bool expand_aliases)
{
struct member *m;
int alias_type;
short alias_type;
debug_decl(sudoers_format_default_line, SUDOERS_DEBUG_UTIL);
/* Print Defaults type and binding (if present) */

2
plugins/sudoers/getdate.c
View File

@@ -2188,7 +2188,7 @@ LookupWord(char *buff)
/* Make it lowercase. */
for (p = buff; *p; p++) {
if (isupper((unsigned char)*p))
*p = tolower((unsigned char)*p);
*p = (char)tolower((unsigned char)*p);
}
if ((bufflen = (int)(p - buff)) == 0)
return '\0';

2
plugins/sudoers/getdate.y
View File

@@ -654,7 +654,7 @@ LookupWord(char *buff)
/* Make it lowercase. */
for (p = buff; *p; p++) {
if (isupper((unsigned char)*p))
*p = tolower((unsigned char)*p);
*p = (char)tolower((unsigned char)*p);
}
if ((bufflen = (int)(p - buff)) == 0)
return '\0';

8
plugins/sudoers/gram.c
View File

@@ -2932,7 +2932,7 @@ yyreduce:
#line 1024 "gram.y"
{
alias_line = this_lineno;
alias_column = sudolinebuf.toke_start + 1;
alias_column = (int)sudolinebuf.toke_start + 1;
}
#line 2932 "gram.c"
break;
@@ -2965,7 +2965,7 @@ yyreduce:
#line 1051 "gram.y"
{
alias_line = this_lineno;
alias_column = sudolinebuf.toke_start + 1;
alias_column = (int)sudolinebuf.toke_start + 1;
}
#line 2965 "gram.c"
break;
@@ -2998,7 +2998,7 @@ yyreduce:
#line 1078 "gram.y"
{
alias_line = this_lineno;
alias_column = sudolinebuf.toke_start + 1;
alias_column = (int)sudolinebuf.toke_start + 1;
}
#line 2998 "gram.c"
break;
@@ -3021,7 +3021,7 @@ yyreduce:
#line 1097 "gram.y"
{
alias_line = this_lineno;
alias_column = sudolinebuf.toke_start + 1;
alias_column = (int)sudolinebuf.toke_start + 1;
}
#line 3021 "gram.c"
break;

8
plugins/sudoers/gram.y
View File

@@ -1023,7 +1023,7 @@ hostaliases : hostalias
hostalias : ALIAS {
alias_line = this_lineno;
alias_column = sudolinebuf.toke_start + 1;
alias_column = (int)sudolinebuf.toke_start + 1;
} '=' hostlist {
if (!alias_add(&parsed_policy, $1, HOSTALIAS,
sudoers, alias_line, alias_column, $4)) {
@@ -1050,7 +1050,7 @@ cmndaliases : cmndalias
cmndalias : ALIAS {
alias_line = this_lineno;
alias_column = sudolinebuf.toke_start + 1;
alias_column = (int)sudolinebuf.toke_start + 1;
} '=' cmndlist {
if (!alias_add(&parsed_policy, $1, CMNDALIAS,
sudoers, alias_line, alias_column, $4)) {
@@ -1077,7 +1077,7 @@ runasaliases : runasalias
runasalias : ALIAS {
alias_line = this_lineno;
alias_column = sudolinebuf.toke_start + 1;
alias_column = (int)sudolinebuf.toke_start + 1;
} '=' userlist {
if (!alias_add(&parsed_policy, $1, RUNASALIAS,
sudoers, alias_line, alias_column, $4)) {
@@ -1096,7 +1096,7 @@ useraliases : useralias
useralias : ALIAS {
alias_line = this_lineno;
alias_column = sudolinebuf.toke_start + 1;
alias_column = (int)sudolinebuf.toke_start + 1;
} '=' userlist {
if (!alias_add(&parsed_policy, $1, USERALIAS,
sudoers, alias_line, alias_column, $4)) {

6
plugins/sudoers/group_plugin.c
View File

@@ -80,7 +80,7 @@ group_plugin_fallback(char *path, size_t pathsize)
}
/* If directory ends in /lib/, try again with /lib/64/ or /lib64/. */
dirlen = slash - path;
dirlen = (int)(slash - path);
if (dirlen < 4 || strncmp(slash - 4, "/lib", 4) != 0) {
goto done;
}
@@ -98,7 +98,7 @@ group_plugin_fallback(char *path, size_t pathsize)
if (dot == NULL) {
goto done;
}
plen = dot - path;
plen = (int)(dot - path);
/* If basename(path) doesn't match libfoo64.so, try adding the 64. */
if (plen >= 2 && strncmp(dot - 2, "64", 2) == 0) {
@@ -206,7 +206,7 @@ group_plugin_load(const char *plugin_info)
}
}
if (ac != 0) {
argv = reallocarray(NULL, ac + 1, sizeof(char *));
argv = reallocarray(NULL, (size_t)(ac + 1), sizeof(char *));
if (argv == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));

14
plugins/sudoers/iolog.c
View File

@@ -89,7 +89,7 @@ cb_maxseq(const char *file, int line, int column,
unsigned int value;
debug_decl(cb_maxseq, SUDOERS_DEBUG_UTIL);
value = sudo_strtonum(sd_un->str, 0, SESSID_MAX, &errstr);
value = (unsigned int)sudo_strtonum(sd_un->str, 0, SESSID_MAX, &errstr);
if (errstr != NULL) {
if (errno != ERANGE) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
@@ -234,7 +234,7 @@ deserialize_stringlist(const char *s)
continue;
if ((str = malloc(sizeof(*str))) == NULL)
goto bad;
if ((str->str = strndup(cp, (ep - cp))) == NULL) {
if ((str->str = strndup(cp, (size_t)(ep - cp))) == NULL) {
free(str);
goto bad;
}
@@ -317,8 +317,8 @@ iolog_deserialize_info(struct log_details *details, char * const user_info[],
switch (**cur) {
case 'c':
if (strncmp(*cur, "cols=", sizeof("cols=") - 1) == 0) {
int n = sudo_strtonum(*cur + sizeof("cols=") - 1, 1, INT_MAX,
NULL);
int n = (int)sudo_strtonum(*cur + sizeof("cols=") - 1, 1,
INT_MAX, NULL);
if (n > 0)
evlog->columns = n;
continue;
@@ -342,8 +342,8 @@ iolog_deserialize_info(struct log_details *details, char * const user_info[],
break;
case 'l':
if (strncmp(*cur, "lines=", sizeof("lines=") - 1) == 0) {
int n = sudo_strtonum(*cur + sizeof("lines=") - 1, 1, INT_MAX,
NULL);
int n = (int)sudo_strtonum(*cur + sizeof("lines=") - 1, 1,
INT_MAX, NULL);
if (n > 0)
evlog->lines = n;
continue;
@@ -1132,7 +1132,7 @@ sudoers_io_change_winsize_local(unsigned int lines, unsigned int cols,
*errstr = strerror(EOVERFLOW);
goto done;
}
if (iolog_write(&iolog_files[IOFD_TIMING], tbuf, len, errstr) == -1)
if (iolog_write(&iolog_files[IOFD_TIMING], tbuf, (size_t)len, errstr) == -1)
goto done;
/* Success. */

7
plugins/sudoers/iolog_path_escapes.c
View File

@@ -55,7 +55,7 @@ fill_seq(char *str, size_t strsize, void *v)
sessid[1], sessid[2], sessid[3], sessid[4], sessid[5]);
if (len < 0)
debug_return_size_t(strsize); /* handle non-standard snprintf() */
debug_return_size_t(len);
debug_return_size_t((size_t)len);
#endif /* SUDOERS_NO_SEQ */
}
@@ -77,7 +77,7 @@ fill_group(char *str, size_t strsize, void *unused)
len = strlcpy(str, grp->gr_name, strsize);
sudo_gr_delref(grp);
} else {
len = snprintf(str, strsize, "#%u", (unsigned int)user_gid);
len = (size_t)snprintf(str, strsize, "#%u", (unsigned int)user_gid);
}
debug_return_size_t(len);
}
@@ -103,7 +103,8 @@ fill_runas_group(char *str, size_t strsize, void *unused)
len = strlcpy(str, grp->gr_name, strsize);
sudo_gr_delref(grp);
} else {
len = snprintf(str, strsize, "#%u", (unsigned int)runas_pw->pw_gid);
len = (size_t)snprintf(str, strsize, "#%u",
(unsigned int)runas_pw->pw_gid);
}
}
debug_return_size_t(len);

20
plugins/sudoers/ldap.c
View File

@@ -163,7 +163,7 @@ sudo_ldap_join_uri(struct ldap_config_str_list *uri_list)
char *cp = buf;
STAILQ_FOREACH(uri, uri_list, entries) {
cp += strlcpy(cp, uri->val, len - (cp - buf));
cp += strlcpy(cp, uri->val, len - (size_t)(cp - buf));
*cp++ = ' ';
}
cp[-1] = '\0';
@@ -484,7 +484,8 @@ sudo_ldap_timefilter(char *buffer, size_t buffersize)
bool ret = false;
struct tm gmt;
time_t now;
int len;
size_t tblen;
int buflen;
debug_decl(sudo_ldap_timefilter, SUDOERS_DEBUG_LDAP);
/* Make sure we have a formatted timestamp for __now__. */
@@ -496,16 +497,16 @@ sudo_ldap_timefilter(char *buffer, size_t buffersize)
/* Format the timestamp according to the RFC. */
timebuffer[sizeof(timebuffer) - 1] = '\0';
len = strftime(timebuffer, sizeof(timebuffer), "%Y%m%d%H%M%S.0Z", &gmt);
if (len == 0 || timebuffer[sizeof(timebuffer) - 1] != '\0') {
tblen = strftime(timebuffer, sizeof(timebuffer), "%Y%m%d%H%M%S.0Z", &gmt);
if (tblen == 0 || timebuffer[sizeof(timebuffer) - 1] != '\0') {
sudo_warnx("%s", U_("unable to format timestamp"));
goto done;
}
/* Build filter. */
len = snprintf(buffer, buffersize, "(&(|(!(sudoNotAfter=*))(sudoNotAfter>=%s))(|(!(sudoNotBefore=*))(sudoNotBefore<=%s)))",
buflen = snprintf(buffer, buffersize, "(&(|(!(sudoNotAfter=*))(sudoNotAfter>=%s))(|(!(sudoNotBefore=*))(sudoNotBefore<=%s)))",
timebuffer, timebuffer);
if (len < 0 || (size_t)len >= buffersize) {
if (buflen < 0 || (size_t)buflen >= buffersize) {
sudo_warnx(U_("internal error, %s overflow"), __func__);
errno = EOVERFLOW;
goto done;
@@ -1236,7 +1237,7 @@ sudo_set_krb5_ccache_name(const char *name, const char **old_name)
* gss_krb5_ccache_name().
*/
if (sudo_gss_krb5_ccache_name != NULL) {
ret = sudo_gss_krb5_ccache_name(&junk, name, old_name);
ret = (int)sudo_gss_krb5_ccache_name(&junk, name, old_name);
} else {
/* No gss_krb5_ccache_name(), fall back on KRB5CCNAME. */
if (old_name != NULL)
@@ -1286,7 +1287,8 @@ sudo_krb5_copy_cc_file(const char *old_ccname)
while ((nread = read(ofd, buf, sizeof(buf))) > 0) {
ssize_t off = 0;
do {
nwritten = write(nfd, buf + off, nread - off);
nwritten = write(nfd, buf + off,
(size_t)(nread - off));
if (nwritten == -1) {
sudo_warn("error writing to %s", new_ccname);
goto write_error;
@@ -1773,7 +1775,7 @@ sudo_ldap_result_add_entry(struct ldap_result *lres, LDAPMessage *entry)
* of 100 entries to save on allocation time.
*/
if (++lres->nentries > lres->allocated_entries) {
int allocated_entries = lres->allocated_entries + ALLOCATION_INCREMENT;
size_t allocated_entries = lres->allocated_entries + ALLOCATION_INCREMENT;
struct ldap_entry_wrapper *entries = reallocarray(lres->entries,
allocated_entries, sizeof(lres->entries[0]));
if (entries == NULL)

2
plugins/sudoers/ldap_conf.c
View File

@@ -425,7 +425,7 @@ sudo_ldap_parse_keyword(const char *keyword, const char *value,
*(int *)(cur->valp) = sudo_strtobool(value) == true;
break;
case CONF_INT:
*(int *)(cur->valp) = sudo_strtonum(value, INT_MIN, INT_MAX,
*(int *)(cur->valp) = (int)sudo_strtonum(value, INT_MIN, INT_MAX,
&errstr);
if (errstr != NULL) {
sudo_warnx(U_("%s: %s: %s: %s"),

6
plugins/sudoers/ldap_innetgr.c
View File

@@ -112,19 +112,19 @@ sudo_ldap_match_netgroup(const char *triple, const char *host,
/* Parse host. */
cp = triple + 1;
ep = strchr(cp, ',');
if (ep == NULL || !sudo_ldap_netgroup_match_str(host, cp, ep - cp, true))
if (ep == NULL || !sudo_ldap_netgroup_match_str(host, cp, (size_t)(ep - cp), true))
debug_return_int(0);
/* Parse user. */
cp = ep + 1;
ep = strchr(cp, ',');
if (ep == NULL || !sudo_ldap_netgroup_match_str(user, cp, ep - cp, def_case_insensitive_user))
if (ep == NULL || !sudo_ldap_netgroup_match_str(user, cp, (size_t)(ep - cp), def_case_insensitive_user))
debug_return_int(0);
/* Parse domain. */
cp = ep + 1;
ep = strchr(cp, ')');
if (ep == NULL || !sudo_ldap_netgroup_match_str(domain, cp, ep - cp, true))
if (ep == NULL || !sudo_ldap_netgroup_match_str(domain, cp, (size_t)(ep - cp), true))
debug_return_int(0);
debug_return_int(1);

6
plugins/sudoers/ldap_util.c
View File

@@ -253,7 +253,7 @@ sudo_ldap_extract_digest(const char *cmnd, char **endptr,
{
const char *ep, *cp = cmnd;
struct command_digest *digest;
int digest_type = SUDO_DIGEST_INVALID;
unsigned int digest_type = SUDO_DIGEST_INVALID;
debug_decl(sudo_ldap_extract_digest, SUDOERS_DEBUG_LDAP);
/*
@@ -671,7 +671,7 @@ sudo_ldap_value_cat(char *dst, const char *src, size_t size)
/* Find the end of dst and adjust bytes left but don't go past end */
while (n-- != 0 && *d != '\0')
d++;
dlen = d - dst;
dlen = (size_t)(d - dst);
n = size - dlen;
if (n == 0)
@@ -723,7 +723,7 @@ done:
*d = '\0';
while (*s != '\0')
s++;
return dlen + (s - src); /* count does not include NUL */
return dlen + (size_t)(s - src); /* count does not include NUL */
}
/*

5
plugins/sudoers/linux_audit.c
View File

@@ -87,8 +87,9 @@ linux_audit_command(char *const argv[], int result)
goto done;
}
for (av = argv, cp = command; *av != NULL; av++) {
n = strlcpy(cp, *av, size - (cp - command));
if (n >= size - (cp - command)) {
const size_t rem = size - (size_t)(cp - command);
n = strlcpy(cp, *av, rem);
if (n >= rem) {
sudo_warnx(U_("internal error, %s overflow"), __func__);
goto done;
}

36
plugins/sudoers/log_client.c
View File

@@ -959,8 +959,8 @@ fmt_accept_message(struct client_closure *closure, struct eventlog *evlog)
sudo_warn("%s", U_("unable to get time of day"));
debug_return_bool(false);
}
ts.tv_sec = now.tv_sec;
ts.tv_nsec = now.tv_nsec;
ts.tv_sec = (int64_t)now.tv_sec;
ts.tv_nsec = (int32_t)now.tv_nsec;
accept_msg.submit_time = &ts;
/* Client will send IoBuffer messages. */
@@ -1008,8 +1008,8 @@ fmt_reject_message(struct client_closure *closure, struct eventlog *evlog)
sudo_warn("%s", U_("unable to get time of day"));
debug_return_bool(false);
}
ts.tv_sec = now.tv_sec;
ts.tv_nsec = now.tv_nsec;
ts.tv_sec = (int64_t)now.tv_sec;
ts.tv_nsec = (int32_t)now.tv_nsec;
reject_msg.submit_time = &ts;
/* Reason for rejecting the request. */
@@ -1057,8 +1057,8 @@ fmt_alert_message(struct client_closure *closure, struct eventlog *evlog)
sudo_warn("%s", U_("unable to get time of day"));
debug_return_bool(false);
}
ts.tv_sec = now.tv_sec;
ts.tv_nsec = now.tv_nsec;
ts.tv_sec = (int64_t)now.tv_sec;
ts.tv_nsec = (int32_t)now.tv_nsec;
alert_msg.alert_time = &ts;
/* Reason for the alert. */
@@ -1184,8 +1184,8 @@ fmt_exit_message(struct client_closure *closure, int exit_status, int error)
}
sudo_timespecsub(&run_time, &closure->start_time, &run_time);
ts.tv_sec = run_time.tv_sec;
ts.tv_nsec = run_time.tv_nsec;
ts.tv_sec = (int64_t)run_time.tv_sec;
ts.tv_nsec = (int32_t)run_time.tv_nsec;
exit_msg.run_time = &ts;
if (error != 0) {
@@ -1256,8 +1256,8 @@ fmt_io_buf(struct client_closure *closure, int type, const char *buf,
debug_decl(fmt_io_buf, SUDOERS_DEBUG_UTIL);
/* Fill in IoBuffer. */
ts.tv_sec = delay->tv_sec;
ts.tv_nsec = delay->tv_nsec;
ts.tv_sec = (int64_t)delay->tv_sec;
ts.tv_nsec = (int32_t)delay->tv_nsec;
iobuf_msg.delay = &ts;
iobuf_msg.data.data = (void *)buf;
iobuf_msg.data.len = len;
@@ -1294,11 +1294,11 @@ fmt_winsize(struct client_closure *closure, unsigned int lines,
debug_decl(fmt_winsize, SUDOERS_DEBUG_UTIL);
/* Fill in ChangeWindowSize message. */
ts.tv_sec = delay->tv_sec;
ts.tv_nsec = delay->tv_nsec;
ts.tv_sec = (int64_t)delay->tv_sec;
ts.tv_nsec = (int32_t)delay->tv_nsec;
winsize_msg.delay = &ts;
winsize_msg.rows = lines;
winsize_msg.cols = cols;
winsize_msg.rows = (int32_t)lines;
winsize_msg.cols = (int32_t)cols;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: sending ChangeWindowSize, %dx%d",
__func__, winsize_msg.rows, winsize_msg.cols);
@@ -1330,8 +1330,8 @@ fmt_suspend(struct client_closure *closure, const char *signame, struct timespec
debug_decl(fmt_suspend, SUDOERS_DEBUG_UTIL);
/* Fill in CommandSuspend message. */
ts.tv_sec = delay->tv_sec;
ts.tv_nsec = delay->tv_nsec;
ts.tv_sec = (int64_t)delay->tv_sec;
ts.tv_nsec = (int32_t)delay->tv_nsec;
suspend_msg.delay = &ts;
suspend_msg.signal = (char *)signame;
@@ -1779,7 +1779,7 @@ server_msg_cb(int fd, int what, void *v)
default:
break;
}
buf->len += nread;
buf->len += (size_t)nread;
while (buf->len - buf->off >= sizeof(msg_len)) {
/* Read wire message size (uint32_t in network byte order). */
@@ -1905,7 +1905,7 @@ client_msg_cb(int fd, int what, void *v)
sudo_warn("send");
goto bad;
}
buf->off += nwritten;
buf->off += (size_t)nwritten;
if (buf->off == buf->len) {
/* sent entire message, move buf to free list */

4
plugins/sudoers/logging.c
View File

@@ -394,7 +394,7 @@ fmt_authfail_message(unsigned int tries)
debug_return_ptr(ret);
}
len = snprintf(numbuf, sizeof(numbuf), "%u", tries);
len = (size_t)snprintf(numbuf, sizeof(numbuf), "%u", tries);
if (len >= sizeof(numbuf))
goto overflow;
@@ -436,7 +436,7 @@ fmt_authfail_message(unsigned int tries)
src++;
break;
case 'd':
len = strlcpy(dst, numbuf, dst_end - dst);
len = strlcpy(dst, numbuf, (size_t)(dst_end - dst));
if (len >= (size_t)(dst_end - dst))
goto overflow;
dst += len;

4
plugins/sudoers/match_addr.c
View File

@@ -127,7 +127,7 @@ addr_matches_if_netmask(const char *n, const char *m)
debug_return_bool(false);
}
} else {
i = sudo_strtonum(m, 1, 32, &errstr);
i = (size_t)sudo_strtonum(m, 1, 32, &errstr);
if (errstr != NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"IPv4 netmask %s: %s", m, errstr);
@@ -140,7 +140,7 @@ addr_matches_if_netmask(const char *n, const char *m)
#ifdef HAVE_STRUCT_IN6_ADDR
else {
if (inet_pton(AF_INET6, m, &mask.ip6) != 1) {
j = sudo_strtonum(m, 1, 128, &errstr);
j = (size_t)sudo_strtonum(m, 1, 128, &errstr);
if (errstr != NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"IPv6 netmask %s: %s", m, errstr);

2
plugins/sudoers/match_command.c
View File

@@ -674,7 +674,7 @@ command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args,
const char *slash = strrchr(sudoers_cmnd, '/');
if (slash != NULL) {
char sudoers_cmnd_dir[PATH_MAX], *resolved;
const size_t len = slash - sudoers_cmnd;
const size_t len = (size_t)(slash - sudoers_cmnd);
if (len >= sizeof(sudoers_cmnd_dir))
goto bad;
if (len != 0)

17
plugins/sudoers/parse.h
View File

@@ -275,7 +275,7 @@ struct sudoers_comment {
*/
struct alias {
char *name; /* alias name */
unsigned short type; /* {USER,HOST,RUNAS,CMND}ALIAS */
short type; /* {USER,HOST,RUNAS,CMND}ALIAS */
short used; /* "used" flag for cycle detection */
int line; /* line number of alias entry */
int column; /* column number of alias entry */
@@ -292,9 +292,8 @@ struct defaults {
char *val; /* variable value */
struct defaults_binding *binding; /* user/host/runas binding */
char *file; /* file Defaults entry was in */
short type; /* DEFAULTS{,_USER,_RUNAS,_HOST} */
char op; /* true, false, '+', '-' */
char error; /* parse error flag */
int type; /* DEFAULTS{,_USER,_RUNAS,_HOST} */
int op; /* true, false, '+', '-' */
int line; /* line number of Defaults entry */
int column; /* column number of Defaults entry */
};
@@ -390,10 +389,10 @@ SLIST_HEAD(parser_leak_list, parser_leak_entry);
struct rbtree *alloc_aliases(void);
void free_aliases(struct rbtree *aliases);
bool no_aliases(const struct sudoers_parse_tree *parse_tree);
bool alias_add(struct sudoers_parse_tree *parse_tree, char *name, int type, char *file, int line, int column, struct member *members);
const char *alias_type_to_string(int alias_type);
struct alias *alias_get(const struct sudoers_parse_tree *parse_tree, const char *name, int type);
struct alias *alias_remove(struct sudoers_parse_tree *parse_tree, const char *name, int type);
bool alias_add(struct sudoers_parse_tree *parse_tree, char *name, short type, char *file, int line, int column, struct member *members);
const char *alias_type_to_string(short alias_type);
struct alias *alias_get(const struct sudoers_parse_tree *parse_tree, const char *name, short type);
struct alias *alias_remove(struct sudoers_parse_tree *parse_tree, const char *name, short type);
bool alias_find_used(struct sudoers_parse_tree *parse_tree, struct rbtree *used_aliases);
void alias_apply(struct sudoers_parse_tree *parse_tree, int (*func)(struct sudoers_parse_tree *, struct alias *, void *), void *cookie);
void alias_free(void *a);
@@ -495,7 +494,7 @@ bool sudoers_parse_ldif(struct sudoers_parse_tree *parse_tree, FILE *fp, const c
struct sudo_lbuf;
bool sudoers_format_cmndspec(struct sudo_lbuf *lbuf, const struct sudoers_parse_tree *parse_tree, struct cmndspec *cs, struct cmndspec *prev_cs, struct cmndtag tags, bool expand_aliases);
bool sudoers_format_default(struct sudo_lbuf *lbuf, struct defaults *d);
bool sudoers_format_member(struct sudo_lbuf *lbuf, const struct sudoers_parse_tree *parse_tree, struct member *m, const char *separator, int alias_type);
bool sudoers_format_member(struct sudo_lbuf *lbuf, const struct sudoers_parse_tree *parse_tree, struct member *m, const char *separator, short alias_type);
bool sudoers_defaults_to_tags(const char *var, const char *val, int op, struct cmndtag *tags);
bool sudoers_defaults_list_to_tags(struct defaults_list *defs, struct cmndtag *tags);

8
plugins/sudoers/parse_ldif.c
View File

@@ -577,7 +577,7 @@ sudoers_parse_ldif(struct sudoers_parse_tree *parse_tree,
bool in_role = false;
size_t linesize = 0;
char *attr, *name, *line = NULL, *savedline = NULL;
ssize_t savedlen = 0;
size_t savedlen = 0;
bool mismatch = false;
int errors = 0;
debug_decl(sudoers_parse_ldif, SUDOERS_DEBUG_UTIL);
@@ -647,12 +647,12 @@ sudoers_parse_ldif(struct sudoers_parse_tree *parse_tree,
char *tmp;
/* Append to saved line. */
linesize = savedlen + len + 1;
linesize = savedlen + (size_t)len + 1;
if ((tmp = realloc(savedline, linesize)) == NULL) {
sudo_fatalx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
}
memcpy(tmp + savedlen, line, len + 1);
memcpy(tmp + savedlen, line, (size_t)len + 1);
free(line);
line = tmp;
savedline = NULL;
@@ -661,7 +661,7 @@ sudoers_parse_ldif(struct sudoers_parse_tree *parse_tree,
/* Check for folded line */
if ((ch = getc(fp)) == ' ') {
/* folded line, append to the saved portion. */
savedlen = len;
savedlen = (size_t)len;
savedline = line;
line = NULL;
linesize = 0;

23
plugins/sudoers/policy.c
View File

@@ -191,7 +191,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
if (MATCHES(*cur, "closefrom=")) {
errno = 0;
p = *cur + sizeof("closefrom=") - 1;
user_closefrom = sudo_strtonum(p, 3, INT_MAX, &errstr);
user_closefrom = (int)sudo_strtonum(p, 3, INT_MAX, &errstr);
if (user_closefrom == 0) {
sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
goto bad;
@@ -361,7 +361,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
if (MATCHES(*cur, "max_groups=")) {
errno = 0;
p = *cur + sizeof("max_groups=") - 1;
sudo_user.max_groups = sudo_strtonum(p, 1, 1024, &errstr);
sudo_user.max_groups = (int)sudo_strtonum(p, 1, 1024, &errstr);
if (sudo_user.max_groups == 0) {
sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
goto bad;
@@ -473,7 +473,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
if (MATCHES(*cur, "lines=")) {
errno = 0;
p = *cur + sizeof("lines=") - 1;
sudo_user.lines = sudo_strtonum(p, 1, INT_MAX, &errstr);
sudo_user.lines = (int)sudo_strtonum(p, 1, INT_MAX, &errstr);
if (sudo_user.lines == 0) {
sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
goto bad;
@@ -483,7 +483,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
if (MATCHES(*cur, "cols=")) {
errno = 0;
p = *cur + sizeof("cols=") - 1;
sudo_user.cols = sudo_strtonum(p, 1, INT_MAX, &errstr);
sudo_user.cols = (int)sudo_strtonum(p, 1, INT_MAX, &errstr);
if (sudo_user.cols == 0) {
sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
goto bad;
@@ -803,7 +803,7 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[],
/* We reserve an extra spot in the list for the effective gid. */
glsize = sizeof("runas_groups=") - 1 +
((gidlist->ngids + 1) * (MAX_UID_T_LEN + 1));
((size_t)(gidlist->ngids + 1) * (MAX_UID_T_LEN + 1));
gid_list = malloc(glsize);
if (gid_list == NULL) {
sudo_gidlist_delref(gidlist);
@@ -811,29 +811,32 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[],
}
memcpy(gid_list, "runas_groups=", sizeof("runas_groups=") - 1);
cp = gid_list + sizeof("runas_groups=") - 1;
glsize -= (size_t)(cp - gid_list);
/* On BSD systems the effective gid is the first group in the list. */
egid = runas_gr ? (unsigned int)runas_gr->gr_gid :
(unsigned int)runas_pw->pw_gid;
len = snprintf(cp, glsize - (cp - gid_list), "%u", (unsigned int)egid);
if (len < 0 || (size_t)len >= glsize - (cp - gid_list)) {
len = snprintf(cp, glsize, "%u", (unsigned int)egid);
if (len < 0 || (size_t)len >= glsize) {
sudo_warnx(U_("internal error, %s overflow"), __func__);
free(gid_list);
sudo_gidlist_delref(gidlist);
goto bad;
}
cp += len;
glsize -= (size_t)len;
for (i = 0; i < gidlist->ngids; i++) {
if (gidlist->gids[i] != egid) {
len = snprintf(cp, glsize - (cp - gid_list), ",%u",
(unsigned int) gidlist->gids[i]);
if (len < 0 || (size_t)len >= glsize - (cp - gid_list)) {
len = snprintf(cp, glsize, ",%u",
(unsigned int)gidlist->gids[i]);
if (len < 0 || (size_t)len >= glsize) {
sudo_warnx(U_("internal error, %s overflow"), __func__);
free(gid_list);
sudo_gidlist_delref(gidlist);
goto bad;
}
cp += len;
glsize -= (size_t)len;
}
}
command_info[info_len++] = gid_list;

6
plugins/sudoers/pwutil.c
View File

@@ -902,7 +902,8 @@ done:
}
static void
sudo_debug_group_list(const char *user, char * const *groups, int level)
sudo_debug_group_list(const char *user, char * const *groups,
unsigned int level)
{
size_t i, len = 0;
debug_decl(sudo_debug_group_list, SUDOERS_DEBUG_NSS);
@@ -918,7 +919,8 @@ sudo_debug_group_list(const char *user, char * const *groups, int level)
if (groupstr != NULL) {
char *cp = groupstr;
for (i = 0; groups[i] != NULL; i++) {
size_t n = snprintf(cp, len, "%s%s", i ? "," : "", groups[i]);
size_t n = (size_t)snprintf(cp, len, "%s%s", i ? "," : "",
groups[i]);
if (n >= len)
break;
cp += n;

20
plugins/sudoers/pwutil_impl.c
View File

@@ -270,7 +270,7 @@ PREFIX(make_gidlist_item)(const struct passwd *pw, char * const *gidstrs,
ngids = 1;
for (i = 0; gidstrs[i] != NULL; i++)
ngids++;
gids = reallocarray(NULL, ngids, sizeof(GETGROUPS_T));
gids = reallocarray(NULL, (size_t)ngids, sizeof(GETGROUPS_T));
if (gids == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to allocate memory");
@@ -301,7 +301,7 @@ PREFIX(make_gidlist_item)(const struct passwd *pw, char * const *gidstrs,
type = ENTRY_TYPE_QUERIED;
if (sudo_user.max_groups > 0) {
ngids = sudo_user.max_groups;
gids = reallocarray(NULL, ngids, sizeof(GETGROUPS_T));
gids = reallocarray(NULL, (size_t)ngids, sizeof(GETGROUPS_T));
if (gids == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to allocate memory");
@@ -328,7 +328,7 @@ PREFIX(make_gidlist_item)(const struct passwd *pw, char * const *gidstrs,
/* Allocate in one big chunk for easy freeing. */
nsize = strlen(pw->pw_name) + 1;
total = sizeof(*glitem) + nsize;
total += sizeof(gid_t *) * ngids;
total += sizeof(gid_t *) * (size_t)ngids;
if ((glitem = calloc(1, total)) == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
@@ -345,7 +345,7 @@ PREFIX(make_gidlist_item)(const struct passwd *pw, char * const *gidstrs,
gidlist = &glitem->gidlist;
cp = (char *)(glitem + 1);
gidlist->gids = (gid_t *)cp;
cp += sizeof(gid_t) * ngids;
cp += sizeof(gid_t) * (size_t)ngids;
/* Set key and datum. */
memcpy(cp, pw->pw_name, nsize);
@@ -390,7 +390,7 @@ PREFIX(make_grlist_item)(const struct passwd *pw, char * const *unused1)
}
#ifdef _SC_LOGIN_NAME_MAX
groupname_len = MAX(sysconf(_SC_LOGIN_NAME_MAX), 32);
groupname_len = MAX((size_t)sysconf(_SC_LOGIN_NAME_MAX), 32);
#else
groupname_len = MAX(LOGIN_NAME_MAX, 32);
#endif
@@ -398,8 +398,8 @@ PREFIX(make_grlist_item)(const struct passwd *pw, char * const *unused1)
/* Allocate in one big chunk for easy freeing. */
nsize = strlen(pw->pw_name) + 1;
total = sizeof(*grlitem) + nsize;
total += sizeof(char *) * gidlist->ngids;
total += groupname_len * gidlist->ngids;
total += sizeof(char *) * (size_t)gidlist->ngids;
total += groupname_len * (size_t)gidlist->ngids;
again:
if ((grlitem = calloc(1, total)) == NULL) {
@@ -417,7 +417,7 @@ again:
grlist = &grlitem->grlist;
cp = (char *)(grlitem + 1);
grlist->groups = (char **)cp;
cp += sizeof(char *) * gidlist->ngids;
cp += sizeof(char *) * (size_t)gidlist->ngids;
/* Set key and datum. */
memcpy(cp, pw->pw_name, nsize);
@@ -437,7 +437,7 @@ again:
for (i = 0; i < gidlist->ngids; i++) {
if ((grp = sudo_getgrgid(gidlist->gids[i])) != NULL) {
len = strlen(grp->gr_name) + 1;
if (cp - (char *)grlitem + len > total) {
if ((size_t)(cp - (char *)grlitem) + len > total) {
total += len + groupname_len;
free(grlitem);
sudo_gr_delref(grp);
@@ -449,7 +449,7 @@ again:
sudo_gr_delref(grp);
}
}
grlist->ngroups = ngroups;
grlist->ngroups = (int)ngroups;
sudo_gidlist_delref(gidlist);
#ifdef HAVE_SETAUTHDB

18
plugins/sudoers/regress/fuzz/fuzz_policy.c
View File

@@ -435,11 +435,11 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
break;
case PASS_CHECK_LOG_LOCAL: {
/* sudo command w/ local I/O logging (MODE_RUN) */
sudoers_policy.check_policy(argv.len, argv.entries,
sudoers_policy.check_policy((int)argv.len, argv.entries,
env_add.entries, &command_info, &argv_out, &user_env_out,
&errstr);
/* call check_policy() again to check for leaks. */
sudoers_policy.check_policy(argv.len, argv.entries,
sudoers_policy.check_policy((int)argv.len, argv.entries,
env_add.entries, &command_info, &argv_out, &user_env_out,
&errstr);
/* sudo_auth_begin_session() is stubbed out below. */
@@ -448,11 +448,11 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
}
case PASS_CHECK_LOG_REMOTE:
/* sudo command w/ remote I/O logging (MODE_RUN) */
sudoers_policy.check_policy(argv.len, argv.entries,
sudoers_policy.check_policy((int)argv.len, argv.entries,
env_add.entries, &command_info, &argv_out, &user_env_out,
&errstr);
/* call check_policy() again to check for leaks. */
sudoers_policy.check_policy(argv.len, argv.entries,
sudoers_policy.check_policy((int)argv.len, argv.entries,
env_add.entries, &command_info, &argv_out, &user_env_out,
&errstr);
/* sudo_auth_begin_session() is stubbed out below. */
@@ -460,7 +460,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
break;
case PASS_CHECK_NOT_FOUND:
/* sudo command (not found) */
sudoers_policy.check_policy(argv.len, argv.entries,
sudoers_policy.check_policy((int)argv.len, argv.entries,
env_add.entries, &command_info, &argv_out, &user_env_out,
&errstr);
/* sudo_auth_begin_session() is stubbed out below. */
@@ -468,11 +468,11 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
break;
case PASS_CHECK_NOT_FOUND_DOT:
/* sudo command (found but in cwd) */
sudoers_policy.check_policy(argv.len, argv.entries,
sudoers_policy.check_policy((int)argv.len, argv.entries,
env_add.entries, &command_info, &argv_out, &user_env_out,
&errstr);
/* call check_policy() again to check for leaks. */
sudoers_policy.check_policy(argv.len, argv.entries,
sudoers_policy.check_policy((int)argv.len, argv.entries,
env_add.entries, &command_info, &argv_out, &user_env_out,
&errstr);
/* sudo_auth_begin_session() is stubbed out below. */
@@ -492,10 +492,10 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
break;
case PASS_LIST_CHECK:
/* sudo -l command (MODE_CHECK) */
sudoers_policy.list(argv.len, argv.entries, false, NULL,
sudoers_policy.list((int)argv.len, argv.entries, false, NULL,
&errstr);
/* call list() again to check for leaks. */
sudoers_policy.list(argv.len, argv.entries, false, NULL,
sudoers_policy.list((int)argv.len, argv.entries, false, NULL,
&errstr);
break;
case PASS_VALIDATE:

2
plugins/sudoers/regress/parser/check_addr.c
View File

@@ -52,7 +52,7 @@ check_addr(char *input)
cp = input + len;
while (isspace((unsigned char)*cp))
cp++;
expected = sudo_strtonum(cp, 0, 1, &errstr);
expected = (int)sudo_strtonum(cp, 0, 1, &errstr);
if (errstr != NULL)
sudo_fatalx("expecting 0 or 1, got %s", cp);
input[len] = '\0';

27
plugins/sudoers/regress/parser/check_fill.c
View File

@@ -48,8 +48,8 @@ YYSTYPE sudoerslval;
struct fill_test {
const char *input;
const char *output;
int len;
int addspace;
size_t len;
bool addspace;
};
/*
@@ -82,16 +82,16 @@ static struct fill_test cmd_data[] = {
* Arguments get appended.
*/
static struct fill_test args_data[] = {
{ "/", "/", 0, 0 },
{ "-type", "/ -type", 0, 1 },
{ "f", "/ -type f", 0, 1 },
{ "-exec", "/ -type f -exec", 0, 1 },
{ "ls", "/ -type f -exec ls", 0, 1 },
{ "{}", "/ -type f -exec ls {}", 0, 1 }
{ "/", "/", 0, false },
{ "-type", "/ -type", 0, true },
{ "f", "/ -type f", 0, true },
{ "-exec", "/ -type f -exec", 0, true },
{ "ls", "/ -type f -exec ls", 0, true },
{ "{}", "/ -type f -exec ls {}", 0, true }
};
static int
check_fill(const char *input, int len, int addspace, const char *expect, char **resultp)
check_fill(const char *input, size_t len, bool addspace, const char *expect, char **resultp)
{
if (sudoerslval.string != NULL) {
free(sudoerslval.string);
@@ -104,7 +104,7 @@ check_fill(const char *input, int len, int addspace, const char *expect, char **
}
static int
check_fill_cmnd(const char *input, int len, int addspace, const char *expect, char **resultp)
check_fill_cmnd(const char *input, size_t len, bool addspace, const char *expect, char **resultp)
{
if (sudoerslval.command.cmnd != NULL) {
free(sudoerslval.command.cmnd);
@@ -117,7 +117,7 @@ check_fill_cmnd(const char *input, int len, int addspace, const char *expect, ch
}
static int
check_fill_args(const char *input, int len, int addspace, const char *expect, char **resultp)
check_fill_args(const char *input, size_t len, bool addspace, const char *expect, char **resultp)
{
/* Must not free old sudoerslval.command.args as gets appended to. */
if (!fill_args(input, len, addspace))
@@ -127,11 +127,12 @@ check_fill_args(const char *input, int len, int addspace, const char *expect, ch
}
static int
do_tests(int (*checker)(const char *, int, int, const char *, char **),
do_tests(int (*checker)(const char *, size_t, bool, const char *, char **),
struct fill_test *data, size_t ntests)
{
int len, errors = 0;
int errors = 0;
unsigned int i;
size_t len;
char *result;
for (i = 0; i < ntests; i++) {

36
plugins/sudoers/set_perms.c
View File

@@ -42,6 +42,10 @@
#include "sudoers.h"
#include "check.h"
/* No change when passed to setresuid(), etc. */
#define NO_UID (uid_t)-1
#define NO_GID (gid_t)-1
/*
* Prototypes
*/
@@ -72,9 +76,9 @@ static struct perm_state perm_stack[PERM_STACK_MAX];
static int perm_stack_depth = 0;
#undef ID
#define ID(x) (state->x == ostate->x ? (uid_t)-1 : state->x)
#define ID(x) (state->x == ostate->x ? NO_UID : state->x)
#undef OID
#define OID(x) (ostate->x == state->x ? (uid_t)-1 : ostate->x)
#define OID(x) (ostate->x == state->x ? NO_UID : ostate->x)
bool
rewind_perms(void)
@@ -396,7 +400,7 @@ restore_perms(void)
/* XXX - more cases here where euid != ruid */
if (OID(euid) == ROOT_UID) {
if (setresuid(-1, ROOT_UID, -1)) {
if (setresuid(NO_UID, ROOT_UID, NO_UID)) {
sudo_warn("setresuid() [%d, %d, %d] -> [%d, %d, %d]",
(int)state->ruid, (int)state->euid, (int)state->suid,
-1, ROOT_UID, -1);
@@ -742,7 +746,7 @@ restore_perms(void)
__func__, (int)state->rgid, (int)state->egid, (int)state->sgid,
(int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid);
if (OID(ruid) != (uid_t)-1 || OID(euid) != (uid_t)-1 || OID(suid) != (uid_t)-1) {
if (OID(ruid) != NO_UID || OID(euid) != NO_UID || OID(suid) != NO_UID) {
if (OID(euid) == ROOT_UID) {
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: setuidx(ID_EFFECTIVE, %d)",
__func__, ROOT_UID);
@@ -763,7 +767,7 @@ restore_perms(void)
(int)OID(ruid), (int)OID(euid), (int)OID(suid));
goto bad;
}
} else if (OID(ruid) == (uid_t)-1 && OID(suid) == (uid_t)-1) {
} else if (OID(ruid) == NO_UID && OID(suid) == NO_UID) {
/* May have already changed euid to ROOT_UID above. */
if (OID(euid) != ROOT_UID) {
sudo_debug_printf(SUDO_DEBUG_INFO,
@@ -775,7 +779,7 @@ restore_perms(void)
goto bad;
}
}
} else if (OID(suid) == (uid_t)-1) {
} else if (OID(suid) == NO_UID) {
/* Cannot set the real uid alone. */
sudo_debug_printf(SUDO_DEBUG_INFO,
"%s: setuidx(ID_REAL|ID_EFFECTIVE, %d)", __func__, OID(ruid));
@@ -796,7 +800,7 @@ restore_perms(void)
}
}
}
if (OID(rgid) != (gid_t)-1 || OID(egid) != (gid_t)-1 || OID(sgid) != (gid_t)-1) {
if (OID(rgid) != NO_GID || OID(egid) != NO_GID || OID(sgid) != NO_GID) {
if (OID(rgid) == OID(egid) && OID(egid) == OID(sgid)) {
sudo_debug_printf(SUDO_DEBUG_INFO,
"%s: setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
@@ -807,7 +811,7 @@ restore_perms(void)
(int)OID(rgid), (int)OID(egid), (int)OID(sgid));
goto bad;
}
} else if (OID(rgid) == (gid_t)-1 && OID(sgid) == (gid_t)-1) {
} else if (OID(rgid) == NO_GID && OID(sgid) == NO_GID) {
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: setgidx(ID_EFFECTIVE, %d)",
__func__, (int)OID(egid));
if (setgidx(ID_EFFECTIVE, OID(egid))) {
@@ -816,7 +820,7 @@ restore_perms(void)
(int)OID(rgid), (int)OID(egid), (int)OID(sgid));
goto bad;
}
} else if (OID(sgid) == (gid_t)-1) {
} else if (OID(sgid) == NO_GID) {
sudo_debug_printf(SUDO_DEBUG_INFO,
"%s: setgidx(ID_EFFECTIVE|ID_REAL, %d)", __func__, OID(rgid));
if (setgidx(ID_REAL|ID_EFFECTIVE, OID(rgid))) {
@@ -904,14 +908,14 @@ set_perms(int perm)
* setreuid(0, 0) may fail on some systems if euid is not already 0.
*/
if (ostate->euid != ROOT_UID) {
if (setreuid(-1, ROOT_UID)) {
if (setreuid(NO_UID, ROOT_UID)) {
(void)snprintf(errbuf, sizeof(errbuf),
"PERM_ROOT: setreuid(-1, %d)", ROOT_UID);
goto bad;
}
}
if (ostate->ruid != ROOT_UID) {
if (setreuid(ROOT_UID, -1)) {
if (setreuid(ROOT_UID, NO_UID)) {
(void)snprintf(errbuf, sizeof(errbuf),
"PERM_ROOT: setreuid(%d, -1)", ROOT_UID);
goto bad;
@@ -1121,7 +1125,7 @@ restore_perms(void)
if (OID(euid) == ROOT_UID) {
/* setuid() may not set the saved ID unless the euid is ROOT_UID */
if (ID(euid) != ROOT_UID) {
if (setreuid(-1, ROOT_UID) != 0) {
if (setreuid(NO_UID, ROOT_UID) != 0) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
"setreuid() [%d, %d] -> [-1, %d)", (int)state->ruid,
(int)state->euid, ROOT_UID);
@@ -1441,7 +1445,7 @@ restore_perms(void)
goto bad;
}
if (OID(egid) != (gid_t)-1 && setegid(ostate->egid)) {
if (OID(egid) != NO_GID && setegid(ostate->egid)) {
sudo_warn("setegid(%d)", (int)ostate->egid);
goto bad;
}
@@ -1451,7 +1455,7 @@ restore_perms(void)
goto bad;
}
}
if (OID(euid) != (uid_t)-1 && seteuid(ostate->euid)) {
if (OID(euid) != NO_UID && seteuid(ostate->euid)) {
sudo_warn("seteuid(%d)", (int)ostate->euid);
goto bad;
}
@@ -1593,7 +1597,7 @@ restore_perms(void)
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: gid: [%d] -> [%d]",
__func__, (int)state->rgid, (int)ostate->rgid);
if (OID(rgid) != (gid_t)-1 && setgid(ostate->rgid)) {
if (OID(rgid) != NO_GID && setgid(ostate->rgid)) {
sudo_warn("setgid(%d)", (int)ostate->rgid);
goto bad;
}
@@ -1604,7 +1608,7 @@ restore_perms(void)
}
}
sudo_gidlist_delref(state->gidlist);
if (OID(ruid) != (uid_t)-1 && setuid(ostate->ruid)) {
if (OID(ruid) != NO_UID && setuid(ostate->ruid)) {
sudo_warn("setuid(%d)", (int)ostate->ruid);
goto bad;
}

3
plugins/sudoers/sssd.c
View File

@@ -489,7 +489,8 @@ sudo_sss_result_get(const struct sudo_nss *nss, struct passwd *pw)
{
struct sudo_sss_handle *handle = nss->handle;
struct sss_sudo_result *sss_result = NULL;
uint32_t sss_error = 0, rc;
uint32_t sss_error = 0;
int rc;
debug_decl(sudo_sss_result_get, SUDOERS_DEBUG_SSSD);
sudo_debug_printf(SUDO_DEBUG_DIAG, " username=%s", pw->pw_name);

18
plugins/sudoers/starttime.c
View File

@@ -129,8 +129,8 @@ get_starttime(pid_t pid, struct timespec *starttime)
TIMEVAL_TO_TIMESPEC(&ki_proc->kp_proc.p_starttime, starttime);
#else
/* NetBSD and OpenBSD */
starttime->tv_sec = ki_proc->p_ustart_sec;
starttime->tv_nsec = ki_proc->p_ustart_usec * 1000;
starttime->tv_sec = (time_t)ki_proc->p_ustart_sec;
starttime->tv_nsec = (long)(ki_proc->p_ustart_usec * 1000);
#endif
sudo_debug_printf(SUDO_DEBUG_INFO,
"%s: start time for %d: { %lld, %ld }", __func__,
@@ -201,7 +201,7 @@ get_starttime(pid_t pid, struct timespec *starttime)
(void)snprintf(path, sizeof(path), "/proc/%u/stat", (unsigned int)pid);
if ((fd = open(path, O_RDONLY | O_NOFOLLOW)) != -1) {
cp = buf;
while ((nread = read(fd, cp, buf + sizeof(buf) - cp)) != 0) {
while ((nread = read(fd, cp, sizeof(buf) - (size_t)(cp - buf))) != 0) {
if (nread == -1) {
if (errno == EAGAIN || errno == EINTR)
continue;
@@ -211,7 +211,7 @@ get_starttime(pid_t pid, struct timespec *starttime)
if (cp >= buf + sizeof(buf))
break;
}
if (nread == 0 && memchr(buf, '\0', cp - buf) == NULL) {
if (nread == 0 && memchr(buf, '\0', (size_t)(cp - buf)) == NULL) {
/*
* Field 22 is the start time (%ull).
* Since the process name at field 2 "(comm)" may include
@@ -245,9 +245,9 @@ get_starttime(pid_t pid, struct timespec *starttime)
goto done;
/* Convert from ticks to timespec */
starttime->tv_sec = ullval / tps;
starttime->tv_sec = (time_t)(ullval / tps);
starttime->tv_nsec =
(ullval % tps) * (1000000000 / tps);
(long)(ullval % tps) * (1000000000 / tps);
ret = 0;
sudo_debug_printf(SUDO_DEBUG_INFO,
@@ -290,7 +290,7 @@ get_starttime(pid_t pid, struct timespec *starttime)
*/
rc = pstat_getproc(&pst, sizeof(pst), 0, pid);
if (rc != -1 || errno == EOVERFLOW) {
starttime->tv_sec = pst.pst_start;
starttime->tv_sec = (time_t)pst.pst_start;
starttime->tv_nsec = 0;
sudo_debug_printf(SUDO_DEBUG_INFO,
@@ -319,8 +319,8 @@ get_starttime(pid_t pid, struct timespec *starttime)
count = sizeof(info) / sizeof(integer_t);
error = task_info(target, TASK_BASIC_INFO, (task_info_t)&info, &count);
if (error == KERN_SUCCESS) {
starttime->tv_sec = info.creation_time.seconds;
starttime->tv_nsec = info.creation_time.microseconds * 1000;
starttime->tv_sec = (time_t)info.creation_time.seconds;
starttime->tv_nsec = (long)(info.creation_time.microseconds * 1000);
debug_return_int(0);
}
}

14
plugins/sudoers/sudoers.c
View File

@@ -623,13 +623,13 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[],
sudoers_gc_remove(GC_PTR, NewArgv);
free(NewArgv);
}
NewArgv = reallocarray(NULL, argc + 2, sizeof(char *));
NewArgv = reallocarray(NULL, (size_t)argc + 2, sizeof(char *));
if (NewArgv == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto error;
}
sudoers_gc_add(GC_PTR, NewArgv);
memcpy(NewArgv, argv, argc * sizeof(char *));
memcpy(NewArgv, argv, (size_t)argc * sizeof(char *));
NewArgc = argc;
NewArgv[NewArgc] = NULL;
if (ISSET(sudo_mode, MODE_LOGIN_SHELL) && runas_pw != NULL) {
@@ -691,7 +691,7 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[],
if (NewArgc > 1 && strcmp(NewArgv[0], "-bash") == 0 &&
strcmp(NewArgv[1], "-c") == 0) {
/* We allocated extra space for the --login above. */
memmove(&NewArgv[2], &NewArgv[1], sizeof(char *) * NewArgc);
memmove(&NewArgv[2], &NewArgv[1], (size_t)NewArgc * sizeof(char *));
NewArgv[1] = (char *)"--login";
NewArgc++;
}
@@ -896,7 +896,7 @@ sudoers_list(int argc, char * const argv[], const char *list_user, bool verbose)
}
}
NewArgv = reallocarray(NULL, argc + 2, sizeof(char *));
NewArgv = reallocarray(NULL, (size_t)argc + 2, sizeof(char *));
if (NewArgv == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto done;
@@ -904,7 +904,7 @@ sudoers_list(int argc, char * const argv[], const char *list_user, bool verbose)
sudoers_gc_add(GC_PTR, NewArgv);
NewArgv[0] = (char *)"list";
if (argc != 0)
memcpy(NewArgv + 1, argv, argc * sizeof(char *));
memcpy(NewArgv + 1, argv, (size_t)argc * sizeof(char *));
NewArgc = argc + 1;
NewArgv[NewArgc] = NULL;
@@ -1720,7 +1720,7 @@ cb_syslog_maxlen(const char *file, int line, int column,
{
debug_decl(cb_syslog_maxlen, SUDOERS_DEBUG_PLUGIN);
eventlog_set_syslog_maxlen(sd_un->ival);
eventlog_set_syslog_maxlen((size_t)sd_un->ival);
debug_return_bool(true);
}
@@ -1731,7 +1731,7 @@ cb_loglinelen(const char *file, int line, int column,
{
debug_decl(cb_loglinelen, SUDOERS_DEBUG_PLUGIN);
eventlog_set_file_maxlen(sd_un->ival);
eventlog_set_file_maxlen((size_t)sd_un->ival);
debug_return_bool(true);
}

39
plugins/sudoers/sudoreplay.c
View File

@@ -90,9 +90,9 @@ struct replay_closure {
bool interactive;
bool suspend_wait;
struct io_buffer {
unsigned int len; /* buffer length (how much produced) */
unsigned int off; /* write position (how much already consumed) */
unsigned int toread; /* how much remains to be read */
size_t len; /* buffer length (how much produced) */
size_t off; /* write position (how much already consumed) */
size_t toread; /* how much remains to be read */
int lastc; /* last char written */
char buf[64 * 1024];
} iobuf;
@@ -269,9 +269,9 @@ main(int argc, char *argv[])
if (dval <= 0.0) {
sudo_timespecclear(&max_delay_storage);
} else {
max_delay_storage.tv_sec = dval;
max_delay_storage.tv_nsec =
(dval - max_delay_storage.tv_sec) * 1000000000.0;
max_delay_storage.tv_sec = (time_t)dval;
max_delay_storage.tv_nsec = (long)
((dval - (double)max_delay_storage.tv_sec) * 1000000000.0);
}
max_delay = &max_delay_storage;
break;
@@ -857,7 +857,7 @@ fill_iobuf(struct replay_closure *closure)
if (nread <= 0) {
if (nread == 0) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"%s/%s: premature EOF, expected %u bytes",
"%s/%s: premature EOF, expected %zu bytes",
closure->iolog_dir, iolog_fd_to_name(timing->event),
closure->iobuf.toread);
} else {
@@ -869,8 +869,8 @@ fill_iobuf(struct replay_closure *closure)
closure->iolog_dir, iolog_fd_to_name(timing->event), errstr);
debug_return_bool(false);
}
closure->iobuf.toread -= nread;
closure->iobuf.len += nread;
closure->iobuf.toread -= (size_t)nread;
closure->iobuf.len += (size_t)nread;
}
debug_return_bool(true);
@@ -1096,10 +1096,11 @@ write_output(int fd, int what, void *v)
struct replay_closure *closure = v;
const struct timing_closure *timing = &closure->timing;
struct io_buffer *iobuf = &closure->iobuf;
unsigned iovcnt = 1;
int iovcnt = 1;
struct iovec iov[2];
bool added_cr = false;
size_t nbytes, nwritten;
size_t nbytes;
ssize_t nwritten;
debug_decl(write_output, SUDO_DEBUG_UTIL);
/* Refill iobuf if there is more to read and buf is empty. */
@@ -1136,7 +1137,7 @@ write_output(int fd, int what, void *v)
}
nwritten = writev(fd, iov, iovcnt);
switch ((ssize_t)nwritten) {
switch (nwritten) {
case -1:
if (errno != EINTR && errno != EAGAIN)
sudo_fatal(U_("unable to write to %s"), "stdout");
@@ -1145,9 +1146,9 @@ write_output(int fd, int what, void *v)
/* Should not happen. */
break;
default:
if (added_cr && nwritten >= nbytes - 1) {
if (added_cr && (size_t)nwritten >= nbytes - 1) {
/* The last char written was either '\r' or '\n'. */
iobuf->lastc = nwritten == nbytes ? '\n' : '\r';
iobuf->lastc = (size_t)nwritten == nbytes ? '\n' : '\r';
} else {
/* Stash the last char written. */
iobuf->lastc = *((char *)iov[0].iov_base + nwritten);
@@ -1156,7 +1157,7 @@ write_output(int fd, int what, void *v)
/* Subtract one for the carriage return we added above. */
nwritten--;
}
iobuf->off += nwritten;
iobuf->off += (size_t)nwritten;
break;
}
@@ -1266,7 +1267,7 @@ parse_expr(struct search_node_list *head, char *argv[], bool sub_expr)
goto bad;
if (!sub_expr)
sudo_fatalx("%s", U_("unmatched ')' in expression"));
debug_return_int(av - argv + 1);
debug_return_int((int)(av - argv) + 1);
default:
bad:
sudo_fatalx(U_("unknown search term \"%s\""), *av);
@@ -1309,7 +1310,7 @@ parse_expr(struct search_node_list *head, char *argv[], bool sub_expr)
if (not)
sudo_fatalx("%s", U_("illegal trailing \"!\""));
debug_return_int(av - argv);
debug_return_int((int)(av - argv));
}
static char *
@@ -1550,11 +1551,11 @@ find_sessions(const char *dir, regex_t *re, const char *user, const char *tty)
/* Check for dir with a log file. */
if (lstat(pathbuf, &sb) == 0 && S_ISREG(sb.st_mode)) {
pathbuf[sdlen + len - 4] = '\0';
pathbuf[sdlen + (size_t)(len - 4)] = '\0';
list_session(&lbuf, pathbuf, re, user, tty);
} else {
/* Strip off "/log" and recurse if a non-log dir. */
pathbuf[sdlen + len - 4] = '\0';
pathbuf[sdlen + (size_t)(len - 4)] = '\0';
if (checked_type ||
(lstat(pathbuf, &sb) == 0 && S_ISDIR(sb.st_mode)))
find_sessions(pathbuf, re, user, tty);

4
plugins/sudoers/testsudoers.c
View File

@@ -264,8 +264,8 @@ main(int argc, char *argv[])
if ((user_args = malloc(size)) == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
for (to = user_args, from = argv; *from; from++) {
n = strlcpy(to, *from, size - (to - user_args));
if (n >= size - (to - user_args))
n = strlcpy(to, *from, size - (size_t)(to - user_args));
if (n >= size - (size_t)(to - user_args))
sudo_fatalx(U_("internal error, %s overflow"), getprogname());
to += n;
*to++ = ' ';

4
plugins/sudoers/timeout.c
View File

@@ -50,7 +50,7 @@ parse_timeout(const char *timestr)
do {
char *ep;
char ch;
int ch;
long l;
/* Parse number, must be present and positive. */
@@ -99,7 +99,7 @@ parse_timeout(const char *timestr)
}
cp = ep;
timeout += l;
timeout += (int)l;
} while (*cp != '\0');
debug_return_int(timeout);

11
plugins/sudoers/timestamp.c
View File

@@ -390,8 +390,8 @@ ts_write(int fd, const char *fname, struct timestamp_entry *entry, off_t offset)
* based on auth user pw. Does not set the time stamp.
*/
static void
ts_init_key(struct timestamp_entry *entry, struct passwd *pw, int flags,
enum def_tuple ticket_type)
ts_init_key(struct timestamp_entry *entry, struct passwd *pw,
unsigned short flags, enum def_tuple ticket_type)
{
struct stat sb;
debug_decl(ts_init_key, SUDOERS_DEBUG_AUTH);
@@ -438,7 +438,8 @@ ts_init_key(struct timestamp_entry *entry, struct passwd *pw, int flags,
}
static void
ts_init_key_nonglobal(struct timestamp_entry *entry, struct passwd *pw, int flags)
ts_init_key_nonglobal(struct timestamp_entry *entry, struct passwd *pw,
unsigned short flags)
{
/*
* Even if the timestamp type is global or kernel we still want to do
@@ -701,7 +702,7 @@ timestamp_lock(void *vcookie, struct passwd *pw)
/* Old sudo record, convert it to TS_LOCKEXCL. */
entry.type = TS_LOCKEXCL;
memset((char *)&entry + offsetof(struct timestamp_entry, flags), 0,
nread - offsetof(struct timestamp_entry, flags));
(size_t)nread - offsetof(struct timestamp_entry, flags));
if (ts_write(cookie->fd, cookie->fname, &entry, 0) == -1)
debug_return_bool(false);
} else {
@@ -977,7 +978,7 @@ timestamp_update(void *vcookie, struct passwd *pw)
if (def_timestamp_type == kernel) {
int fd = open(_PATH_TTY, O_RDWR);
if (fd != -1) {
int secs = def_timestamp_timeout.tv_sec;
int secs = (int)def_timestamp_timeout.tv_sec;
if (secs > 0) {
if (secs > 3600)
secs = 3600; /* OpenBSD limitation */

36
plugins/sudoers/toke.c
View File

@@ -3324,7 +3324,7 @@ static int prev_state;
static unsigned int digest_type = SUDO_DIGEST_INVALID;
static bool pop_include(void);
static yy_size_t sudoers_input(char *buf, yy_size_t max_size);
static int sudoers_input(char *buf, yy_size_t max_size);
#ifndef TRACELEXER
static struct sudo_lbuf trace_lbuf;
@@ -3332,18 +3332,18 @@ static struct sudo_lbuf trace_lbuf;
int (*trace_print)(const char *msg) = sudoers_trace_print;
#define ECHO ignore_result(fwrite(sudoerstext, sudoersleng, 1, sudoersout))
#define ECHO ignore_result(fwrite(sudoerstext, (size_t)sudoersleng, 1, sudoersout))
#define YY_INPUT(buf, result, max_size) (result) = sudoers_input(buf, max_size)
#define YY_INPUT(buf, result, max_size) (result) = sudoers_input(buf, (yy_size_t)(max_size))
#define YY_USER_ACTION do { \
sudolinebuf.toke_start = sudolinebuf.toke_end; \
sudolinebuf.toke_end += sudoersleng; \
sudolinebuf.toke_end += (size_t)sudoersleng; \
} while (0);
#define sudoersless(n) do { \
sudolinebuf.toke_end = sudolinebuf.toke_start + (n); \
yyless(n); \
sudolinebuf.toke_end = sudolinebuf.toke_start + (size_t)(n); \
yyless((int)n); \
} while (0);
#line 3344 "toke.c"
@@ -3906,9 +3906,9 @@ YY_RULE_SETUP
#line 319 "toke.l"
{
/* Only return DIGEST if the length is correct. */
yy_size_t digest_len =
int digest_len =
sudo_digest_getlen(digest_type);
if ((yy_size_t)sudoersleng == digest_len * 2) {
if (sudoersleng == digest_len * 2) {
if (!fill(sudoerstext, sudoersleng))
yyterminate();
BEGIN INITIAL;
@@ -3924,7 +3924,7 @@ YY_RULE_SETUP
#line 334 "toke.l"
{
/* Only return DIGEST if the length is correct. */
yy_size_t len, digest_len =
int len, digest_len =
sudo_digest_getlen(digest_type);
if (sudoerstext[sudoersleng - 1] == '=') {
/* use padding */
@@ -3933,7 +3933,7 @@ YY_RULE_SETUP
/* no padding */
len = (4 * digest_len + 2) / 3;
}
if ((yy_size_t)sudoersleng == len) {
if (sudoersleng == len) {
if (!fill(sudoerstext, sudoersleng))
yyterminate();
BEGIN INITIAL;
@@ -5987,7 +5987,7 @@ expand_include(const char *src)
dst_size = 0;
for (cp = sudo_strsplit(path, path_end, ":", &ep); cp != NULL;
cp = sudo_strsplit(NULL, path_end, ":", &ep)) {
char *dirend = memrchr(cp, '/', ep - cp);
char *dirend = memrchr(cp, '/', (size_t)(ep - cp));
if (dirend != NULL) {
dst_size += (size_t)(dirend - cp) + 1;
}
@@ -6014,7 +6014,7 @@ expand_include(const char *src)
dst_size--;
}
dirend = memrchr(cp, '/', ep - cp);
dirend = memrchr(cp, '/', (size_t)(ep - cp));
if (dirend != NULL) {
len = (size_t)(dirend - cp) + 1;
if (len >= dst_size)
@@ -6250,7 +6250,7 @@ sudoers_trace_print(const char *msg)
int
sudoers_trace_print(const char *msg)
{
const int sudo_debug_subsys = SUDOERS_DEBUG_PARSER;
const unsigned int sudo_debug_subsys = SUDOERS_DEBUG_PARSER;
if (sudo_debug_needed(SUDO_DEBUG_DEBUG)) {
sudo_lbuf_append(&trace_lbuf, "%s", msg);
@@ -6273,7 +6273,7 @@ sudoers_trace_print(const char *msg)
* On success, buf is guaranteed to end in a newline and not contain
* embedded NULs. Calls YY_FATAL_ERROR on error.
*/
static yy_size_t
static int
sudoers_input(char *buf, yy_size_t max_size)
{
char *cp;
@@ -6291,12 +6291,12 @@ sudoers_input(char *buf, yy_size_t max_size)
if (ch == EOF)
goto sudoers_eof;
ungetc(ch, sudoersin);
avail = getdelim(&sudolinebuf.buf, &sudolinebuf.size, '\n', sudoersin);
avail = (size_t)getdelim(&sudolinebuf.buf, &sudolinebuf.size, '\n', sudoersin);
if (avail == (size_t)-1) {
sudoers_eof:
/* EOF or error. */
if (feof(sudoersin))
return 0;
debug_return_int(0);
YY_FATAL_ERROR("input in flex scanner failed");
}
@@ -6314,7 +6314,7 @@ sudoers_eof:
cp = realloc(sudolinebuf.buf, avail + 2);
if (cp == NULL) {
YY_FATAL_ERROR("unable to allocate memory");
return 0;
debug_return_int(0);
}
sudolinebuf.buf = cp;
sudolinebuf.size = avail + 2;
@@ -6336,6 +6336,6 @@ sudoers_eof:
memcpy(buf, sudolinebuf.buf + sudolinebuf.off, avail);
sudolinebuf.off += avail;
debug_return_size_t(avail);
debug_return_int((int)avail);
}

8
plugins/sudoers/toke.h
View File

@@ -34,10 +34,10 @@ extern struct sudolinebuf sudolinebuf;
extern int sudolineno;
extern char *sudoers_search_path;
bool append(const char *, size_t);
bool fill_args(const char *, size_t, int);
bool fill_cmnd(const char *, size_t);
bool fill(const char *, size_t);
bool append(const char *, int);
bool fill_args(const char *, int, bool);
bool fill_cmnd(const char *, int);
bool fill(const char *, int);
void init_lexer(void);
bool ipv6_valid(const char *s);
int sudoers_trace_print(const char *);

36
plugins/sudoers/toke.l
View File

@@ -64,7 +64,7 @@ static int prev_state;
static unsigned int digest_type = SUDO_DIGEST_INVALID;
static bool pop_include(void);
static yy_size_t sudoers_input(char *buf, yy_size_t max_size);
static int sudoers_input(char *buf, yy_size_t max_size);
#ifndef TRACELEXER
static struct sudo_lbuf trace_lbuf;
@@ -72,18 +72,18 @@ static struct sudo_lbuf trace_lbuf;
int (*trace_print)(const char *msg) = sudoers_trace_print;
#define ECHO ignore_result(fwrite(sudoerstext, sudoersleng, 1, sudoersout))
#define ECHO ignore_result(fwrite(sudoerstext, (size_t)sudoersleng, 1, sudoersout))
#define YY_INPUT(buf, result, max_size) (result) = sudoers_input(buf, max_size)
#define YY_INPUT(buf, result, max_size) (result) = sudoers_input(buf, (yy_size_t)(max_size))
#define YY_USER_ACTION do { \
sudolinebuf.toke_start = sudolinebuf.toke_end; \
sudolinebuf.toke_end += sudoersleng; \
sudolinebuf.toke_end += (size_t)sudoersleng; \
} while (0);
#define sudoersless(n) do { \
sudolinebuf.toke_end = sudolinebuf.toke_start + (n); \
yyless(n); \
sudolinebuf.toke_end = sudolinebuf.toke_start + (size_t)(n); \
yyless((int)n); \
} while (0);
%}
@@ -318,9 +318,9 @@ DEFVAR [a-z_]+
<WANTDIGEST>[[:xdigit:]]+ {
/* Only return DIGEST if the length is correct. */
yy_size_t digest_len =
int digest_len =
sudo_digest_getlen(digest_type);
if ((yy_size_t)sudoersleng == digest_len * 2) {
if (sudoersleng == digest_len * 2) {
if (!fill(sudoerstext, sudoersleng))
yyterminate();
BEGIN INITIAL;
@@ -333,7 +333,7 @@ DEFVAR [a-z_]+
<WANTDIGEST>[A-Za-z0-9\+/=]+ {
/* Only return DIGEST if the length is correct. */
yy_size_t len, digest_len =
int len, digest_len =
sudo_digest_getlen(digest_type);
if (sudoerstext[sudoersleng - 1] == '=') {
/* use padding */
@@ -342,7 +342,7 @@ DEFVAR [a-z_]+
/* no padding */
len = (4 * digest_len + 2) / 3;
}
if ((yy_size_t)sudoersleng == len) {
if (sudoersleng == len) {
if (!fill(sudoerstext, sudoersleng))
yyterminate();
BEGIN INITIAL;
@@ -1208,7 +1208,7 @@ expand_include(const char *src)
dst_size = 0;
for (cp = sudo_strsplit(path, path_end, ":", &ep); cp != NULL;
cp = sudo_strsplit(NULL, path_end, ":", &ep)) {
char *dirend = memrchr(cp, '/', ep - cp);
char *dirend = memrchr(cp, '/', (size_t)(ep - cp));
if (dirend != NULL) {
dst_size += (size_t)(dirend - cp) + 1;
}
@@ -1235,7 +1235,7 @@ expand_include(const char *src)
dst_size--;
}
dirend = memrchr(cp, '/', ep - cp);
dirend = memrchr(cp, '/', (size_t)(ep - cp));
if (dirend != NULL) {
len = (size_t)(dirend - cp) + 1;
if (len >= dst_size)
@@ -1471,7 +1471,7 @@ sudoers_trace_print(const char *msg)
int
sudoers_trace_print(const char *msg)
{
const int sudo_debug_subsys = SUDOERS_DEBUG_PARSER;
const unsigned int sudo_debug_subsys = SUDOERS_DEBUG_PARSER;
if (sudo_debug_needed(SUDO_DEBUG_DEBUG)) {
sudo_lbuf_append(&trace_lbuf, "%s", msg);
@@ -1494,7 +1494,7 @@ sudoers_trace_print(const char *msg)
* On success, buf is guaranteed to end in a newline and not contain
* embedded NULs. Calls YY_FATAL_ERROR on error.
*/
static yy_size_t
static int
sudoers_input(char *buf, yy_size_t max_size)
{
char *cp;
@@ -1512,12 +1512,12 @@ sudoers_input(char *buf, yy_size_t max_size)
if (ch == EOF)
goto sudoers_eof;
ungetc(ch, sudoersin);
avail = getdelim(&sudolinebuf.buf, &sudolinebuf.size, '\n', sudoersin);
avail = (size_t)getdelim(&sudolinebuf.buf, &sudolinebuf.size, '\n', sudoersin);
if (avail == (size_t)-1) {
sudoers_eof:
/* EOF or error. */
if (feof(sudoersin))
return 0;
debug_return_int(0);
YY_FATAL_ERROR("input in flex scanner failed");
}
@@ -1535,7 +1535,7 @@ sudoers_eof:
cp = realloc(sudolinebuf.buf, avail + 2);
if (cp == NULL) {
YY_FATAL_ERROR("unable to allocate memory");
return 0;
debug_return_int(0);
}
sudolinebuf.buf = cp;
sudolinebuf.size = avail + 2;
@@ -1557,5 +1557,5 @@ sudoers_eof:
memcpy(buf, sudolinebuf.buf + sudolinebuf.off, avail);
sudolinebuf.off += avail;
debug_return_size_t(avail);
debug_return_int((int)avail);
}

24
plugins/sudoers/toke_util.c
View File

@@ -37,8 +37,8 @@
#include "toke.h"
#include <gram.h>
static unsigned int arg_len = 0;
static unsigned int arg_size = 0;
static size_t arg_len = 0;
static size_t arg_size = 0;
/*
* Copy the string and collapse any escaped characters.
@@ -52,7 +52,7 @@ copy_string(char *dst, const char *src, size_t len)
while (len--) {
if (*src == '\\' && len) {
if (src[1] == 'x' && len >= 3 && (h = sudo_hexchar(src + 2)) != -1) {
*dst++ = h;
*dst++ = (char)h;
src += 4;
len -= 3;
} else {
@@ -68,8 +68,9 @@ copy_string(char *dst, const char *src, size_t len)
}
bool
fill(const char *src, size_t len)
fill(const char *src, int ilen)
{
const size_t len = (size_t)ilen;
char *dst;
debug_decl(fill, SUDOERS_DEBUG_PARSER);
@@ -87,8 +88,9 @@ fill(const char *src, size_t len)
}
bool
append(const char *src, size_t len)
append(const char *src, int ilen)
{
const size_t len = (size_t)ilen;
size_t olen = 0;
char *dst;
debug_decl(append, SUDOERS_DEBUG_PARSER);
@@ -118,8 +120,9 @@ append(const char *src, size_t len)
((c) == ',' || (c) == ':' || (c) == '=' || (c) == ' ' || (c) == '\t' || (c) == '#')
bool
fill_cmnd(const char *src, size_t len)
fill_cmnd(const char *src, int ilen)
{
const size_t len = (size_t)ilen;
char *dst;
size_t i;
debug_decl(fill_cmnd, SUDOERS_DEBUG_PARSER);
@@ -170,9 +173,10 @@ fill_cmnd(const char *src, size_t len)
}
bool
fill_args(const char *s, size_t len, int addspace)
fill_args(const char *s, int ilen, bool addspace)
{
unsigned int new_len;
size_t len = (size_t)ilen;
size_t new_len;
char *p;
debug_decl(fill_args, SUDOERS_DEBUG_PARSER);
@@ -192,7 +196,7 @@ fill_args(const char *s, size_t len, int addspace)
if (new_len >= arg_size) {
/* Allocate in increments of 128 bytes to avoid excessive realloc(). */
arg_size = (new_len + 1 + 127) & ~127;
arg_size = (new_len + 1 + 127) & ~127U;
parser_leak_remove(LEAK_PTR, sudoerslval.command.args);
p = realloc(sudoerslval.command.args, arg_size);
@@ -208,7 +212,7 @@ fill_args(const char *s, size_t len, int addspace)
p = sudoerslval.command.args + arg_len;
if (addspace)
*p++ = ' ';
len = arg_size - (p - sudoerslval.command.args);
len = arg_size - (size_t)(p - sudoerslval.command.args);
if (strlcpy(p, s, len) >= len) {
sudo_warnx(U_("internal error, %s overflow"), __func__);
parser_leak_remove(LEAK_PTR, sudoerslval.command.args);

4
plugins/sudoers/tsgetgrpw.c
View File

@@ -360,7 +360,7 @@ testsudoers_getgrouplist2(const char *name, GETGROUPS_T basegid,
grpsize = sysconf(_SC_NGROUPS_MAX);
if (grpsize < 0)
grpsize = NGROUPS_MAX;
groups = reallocarray(NULL, grpsize, 4 * sizeof(*groups));
groups = reallocarray(NULL, (size_t)grpsize, 4 * sizeof(*groups));
if (groups == NULL)
return -1;
grpsize <<= 2;
@@ -398,7 +398,7 @@ testsudoers_getgrouplist2(const char *name, GETGROUPS_T basegid,
/* Static group vector. */
goto done;
}
tmp = reallocarray(groups, grpsize, 2 * sizeof(*groups));
tmp = reallocarray(groups, (size_t)grpsize, 2 * sizeof(*groups));
if (tmp == NULL) {
free(groups);
groups = NULL;

6
plugins/sudoers/visudo.c
View File

@@ -514,7 +514,7 @@ edit_sudoers(struct sudoersfile *sp, char *editor, int editor_argc,
(void) lseek(sp->fd, (off_t)0, SEEK_SET);
while ((nread = read(sp->fd, buf, sizeof(buf))) > 0) {
if (write(tfd, buf, nread) != nread)
if (write(tfd, buf, (size_t)nread) == -1)
sudo_fatal("%s", U_("write error"));
lastch = buf[nread - 1];
}
@@ -522,7 +522,7 @@ edit_sudoers(struct sudoersfile *sp, char *editor, int editor_argc,
/* Add missing newline at EOF if needed. */
if (lastch != '\n') {
lastch = '\n';
if (write(tfd, &lastch, 1) != 1)
if (write(tfd, &lastch, 1) == -1)
sudo_fatal("%s", U_("write error"));
}
}
@@ -1068,7 +1068,7 @@ new_sudoers(const char *path, bool doedit)
cp != NULL; cp = sudo_strsplit(NULL, path_end, ":", &ep)) {
char fname[PATH_MAX];
len = ep - cp;
len = (size_t)(ep - cp);
if (len >= sizeof(fname)) {
errno = ENAMETOOLONG;
break;