isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Better warning message when the digest in sudoers is the wrong length.

Browse Source
This commit is contained in:
Todd C. Miller
2022-02-22 12:15:34 -07:00
parent 41bc52302b
commit b0fa769504
1 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
plugins/sudoers/match_digest.c
View File

@@ -106,10 +106,12 @@ digest_matches(int fd, const char *path, const char *runchroot,
/* Convert base64 to binary. */ /* Convert base64 to binary. */
size_t len = base64_decode(digest->digest_str, sudoers_digest, digest_len); size_t len = base64_decode(digest->digest_str, sudoers_digest, digest_len);
if (len != digest_len) { if (len != digest_len) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, if (len == (size_t)-1)
"incorrect length for digest, expected %zu, got %zu", goto bad_format;
digest_len, len); sudo_warnx(
goto bad_format; U_("digest for %s (%s) bad length %zu, expected %zu"),
path, digest->digest_str, len, digest_len);
goto done;
} }
} }
if (memcmp(file_digest, sudoers_digest, digest_len) == 0) { if (memcmp(file_digest, sudoers_digest, digest_len) == 0) {