Support EDITOR environment variable that includes quotes.
Quote support is limited to the beginning of a word. Also handles characters escaped with a backslash.
This commit is contained in:
Todd C. Miller
@@ -32,6 +32,82 @@
|
||||
|
||||
#include "sudoers.h"
|
||||
|
||||
/*
|
||||
* Non-destructive word-split that handles single and double quotes and
|
||||
* escaped white space. Quotes are only recognized at the start of a word.
|
||||
* They are treated as normal characters inside a word.
|
||||
*/
|
||||
static const char *
|
||||
wordsplit(const char *str, const char *endstr, const char **last)
|
||||
{
|
||||
const char *cp;
|
||||
debug_decl(wordsplit, SUDO_DEBUG_UTIL);
|
||||
|
||||
/* If no str specified, use last ptr (if any). */
|
||||
if (str == NULL) {
|
||||
str = *last;
|
||||
/* Consume end quote if present. */
|
||||
if (*str == '"' || *str == '\'')
|
||||
str++;
|
||||
}
|
||||
|
||||
/* Skip leading white space characters. */
|
||||
while (str < endstr && (*str == ' ' || *str == '\t'))
|
||||
str++;
|
||||
|
||||
/* Empty string? */
|
||||
if (str >= endstr) {
|
||||
*last = endstr;
|
||||
debug_return_ptr(NULL);
|
||||
}
|
||||
|
||||
/* If word is quoted, skip to end quote and return. */
|
||||
if (*str == '"' || *str == '\'') {
|
||||
const char *endquote = memchr(str + 1, *str, endstr - str);
|
||||
if (endquote != NULL) {
|
||||
*last = endquote;
|
||||
debug_return_const_ptr(str + 1);
|
||||
}
|
||||
}
|
||||
|
||||
/* Scan str until we encounter white space. */
|
||||
for (cp = str; cp < endstr; cp++) {
|
||||
if (*cp == '\\') {
|
||||
/* quoted char, do not interpret */
|
||||
cp++;
|
||||
continue;
|
||||
}
|
||||
if (*cp == ' ' || *cp == '\t') {
|
||||
/* end of word */
|
||||
break;
|
||||
}
|
||||
}
|
||||
*last = cp;
|
||||
debug_return_const_ptr(str);
|
||||
}
|
||||
|
||||
/* Copy len chars from string, collapsing chars escaped with a backslash. */
|
||||
static char *
|
||||
copy_arg(const char *src, size_t len)
|
||||
{
|
||||
const char *src_end = src + len;
|
||||
char *copy, *dst;
|
||||
debug_decl(copy_arg, SUDOERS_DEBUG_UTIL);
|
||||
|
||||
if ((copy = malloc(len + 1)) != NULL) {
|
||||
for (dst = copy; src < src_end; ) {
|
||||
if (*src == '\\') {
|
||||
src++;
|
||||
continue;
|
||||
}
|
||||
*dst++ = *src++;
|
||||
}
|
||||
*dst = '\0';
|
||||
}
|
||||
|
||||
debug_return_ptr(copy);
|
||||
}
|
||||
|
||||
/*
|
||||
* Search for the specified editor in the user's PATH, checking
|
||||
* the result against allowlist if non-NULL. An argument vector
|
||||
@@ -46,7 +122,7 @@ static char *
|
||||
resolve_editor(const char *ed, size_t edlen, int nfiles, char **files,
|
||||
int *argc_out, char ***argv_out, char * const *allowlist)
|
||||
{
|
||||
char **nargv, *editor, *editor_path = NULL;
|
||||
char **nargv = NULL, *editor = NULL, *editor_path = NULL;
|
||||
const char *cp, *ep, *tmp;
|
||||
const char *edend = ed + edlen;
|
||||
struct stat user_editor_sb;
|
||||
@@ -58,14 +134,12 @@ resolve_editor(const char *ed, size_t edlen, int nfiles, char **files,
|
||||
* The EDITOR and VISUAL environment variables may contain command
|
||||
* line args so look for those and alloc space for them too.
|
||||
*/
|
||||
cp = sudo_strsplit(ed, edend, " \t", &ep);
|
||||
cp = wordsplit(ed, edend, &ep);
|
||||
if (cp == NULL)
|
||||
debug_return_str(NULL);
|
||||
editor = strndup(cp, (size_t)(ep - cp));
|
||||
if (editor == NULL) {
|
||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||
debug_return_str(NULL);
|
||||
}
|
||||
editor = copy_arg(cp, ep - cp);
|
||||
if (editor == NULL)
|
||||
goto oom;
|
||||
|
||||
/* If we can't find the editor in the user's PATH, give up. */
|
||||
if (find_path(editor, &editor_path, &user_editor_sb, getenv("PATH"), NULL,
|
||||
@@ -76,30 +150,22 @@ resolve_editor(const char *ed, size_t edlen, int nfiles, char **files,
|
||||
}
|
||||
|
||||
/* Count rest of arguments and allocate editor argv. */
|
||||
for (nargc = 1, tmp = ep; sudo_strsplit(NULL, edend, " \t", &tmp) != NULL; )
|
||||
for (nargc = 1, tmp = ep; wordsplit(NULL, edend, &tmp) != NULL; )
|
||||
nargc++;
|
||||
if (nfiles != 0)
|
||||
nargc += nfiles + 1;
|
||||
nargv = reallocarray(NULL, nargc + 1, sizeof(char *));
|
||||
if (nargv == NULL) {
|
||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||
free(editor);
|
||||
free(editor_path);
|
||||
debug_return_str(NULL);
|
||||
}
|
||||
if (nargv == NULL)
|
||||
goto oom;
|
||||
|
||||
/* Fill in editor argv (assumes files[] is NULL-terminated). */
|
||||
nargv[0] = editor;
|
||||
for (nargc = 1; (cp = sudo_strsplit(NULL, edend, " \t", &ep)) != NULL; nargc++) {
|
||||
nargv[nargc] = strndup(cp, (size_t)(ep - cp));
|
||||
if (nargv[nargc] == NULL) {
|
||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||
free(editor_path);
|
||||
while (nargc--)
|
||||
free(nargv[nargc]);
|
||||
free(nargv);
|
||||
debug_return_str(NULL);
|
||||
}
|
||||
editor = NULL;
|
||||
for (nargc = 1; (cp = wordsplit(NULL, edend, &ep)) != NULL; nargc++) {
|
||||
/* Copy string, collapsing chars escaped with a backslash. */
|
||||
nargv[nargc] = copy_arg(cp, ep - cp);
|
||||
if (nargv[nargc] == NULL)
|
||||
goto oom;
|
||||
}
|
||||
if (nfiles != 0) {
|
||||
nargv[nargc++] = "--";
|
||||
@@ -111,6 +177,16 @@ resolve_editor(const char *ed, size_t edlen, int nfiles, char **files,
|
||||
*argc_out = nargc;
|
||||
*argv_out = nargv;
|
||||
debug_return_str(editor_path);
|
||||
oom:
|
||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||
free(editor);
|
||||
free(editor_path);
|
||||
if (nargv != NULL) {
|
||||
while (nargc--)
|
||||
free(nargv[nargc]);
|
||||
free(nargv);
|
||||
}
|
||||
debug_return_str(NULL);
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
Reference in New Issue
Block a user