Remove a few more unnecessary uses of fatal().

plugins/sudoers/check.c

@@ -94,6 +94,10 @@ check_user_interactive(int validated, int mode, struct passwd *auth_pw)
 	/* Expand any escapes in the prompt. */
 	prompt = expand_prompt(user_prompt ? user_prompt : def_passprompt,
 	    auth_pw->pw_name);
+	if (prompt == NULL) {
+	    rval = -1;
+	    goto done;
+	}
 
 	rval = verify_user(auth_pw, prompt, validated);
 	if (rval == true && lectured)
@@ -116,25 +120,26 @@ int
 check_user(int validated, int mode)
 {
     struct passwd *auth_pw;
-    int rval = true;
+    int rval = -1;
     debug_decl(check_user, SUDO_DEBUG_AUTH)
 
     /*
      * Init authentication system regardless of whether we need a password.
      * Required for proper PAM session support.
      */
-    auth_pw = get_authpw(mode);
+    if ((auth_pw = get_authpw(mode)) == NULL)
-    if (sudo_auth_init(auth_pw) == -1) {
+	goto done;
-	rval = -1;
+    if (sudo_auth_init(auth_pw) == -1)
 	goto done;
-    }
 
     /*
      * Don't prompt for the root passwd or if the user is exempt.
      * If the user is not changing uid/gid, no need for a password.
      */
-    if (!def_authenticate || user_is_exempt())
+    if (!def_authenticate || user_is_exempt()) {
+	rval = true;
 	goto done;
+    }
     if (user_uid == 0 || (user_uid == runas_pw->pw_uid &&
 	(!runas_gr || user_in_group(sudo_user.pw, runas_gr->gr_name)))) {
 #ifdef HAVE_SELINUX
@@ -143,8 +148,11 @@ check_user(int validated, int mode)
 #ifdef HAVE_PRIV_SET
 	if (runas_privs == NULL && runas_limitprivs == NULL)
 #endif
+	{
+	    rval = true;
 	    goto done;
 	}
+    }
 
     rval = check_user_interactive(validated, mode, auth_pw);
 
@@ -219,7 +227,7 @@ user_is_exempt(void)
 static struct passwd *
 get_authpw(int mode)
 {
-    struct passwd *pw;
+    struct passwd *pw = NULL;
     debug_decl(get_authpw, SUDO_DEBUG_AUTH)
 
     if (ISSET(mode, (MODE_CHECK|MODE_LIST))) {
@@ -229,16 +237,19 @@ get_authpw(int mode)
     } else {
 	if (def_rootpw) {
 	    if ((pw = sudo_getpwuid(ROOT_UID)) == NULL)
-		log_fatal(0, N_("unknown uid: %u"), ROOT_UID);
+		log_warning(0, N_("unknown uid: %u"), ROOT_UID);
 	} else if (def_runaspw) {
 	    if ((pw = sudo_getpwnam(def_runas_default)) == NULL)
-		log_fatal(0, N_("unknown user: %s"), def_runas_default);
+		log_warning(0, N_("unknown user: %s"), def_runas_default);
 	} else if (def_targetpw) {
-	    if (runas_pw->pw_name == NULL)
+	    if (runas_pw->pw_name == NULL) {
-		log_fatal(NO_MAIL|MSG_ONLY, N_("unknown uid: %u"),
+		/* This should never be NULL as we fake up the passwd struct */
+		log_warning(NO_MAIL|MSG_ONLY, N_("unknown uid: %u"),
 		    (unsigned int) runas_pw->pw_uid);
+	    } else {
 		sudo_pw_addref(runas_pw);
 		pw = runas_pw;
+	    }
 	} else {
 	    sudo_pw_addref(sudo_user.pw);
 	    pw = sudo_user.pw;

plugins/sudoers/prompt.c

@@ -158,5 +158,6 @@ expand_prompt(const char *old_prompt, const char *auth_user)
 
 oflow:
     /* We pre-allocate enough space, so this should never happen. */
-    fatalx(U_("internal error, %s overflow"), __func__);
+    warningx(U_("internal error, %s overflow"), __func__);
+    debug_return_str(NULL);
 }

plugins/sudoers/set_perms.c

@@ -281,6 +281,10 @@ set_perms(int perm)
 	    goto bad;
 	}
 	state->grlist = runas_setgroups();
+	if (state->grlist == NULL) {
+	    errstr = N_("unable to set runas group vector");
+	    goto bad;
+	}
 	state->ruid = ostate->ruid;
 	state->euid = runas_pw ? runas_pw->pw_uid : user_uid;
 	state->suid = ostate->suid;
@@ -602,6 +606,10 @@ set_perms(int perm)
 	    goto bad;
 	}
 	state->grlist = runas_setgroups();
+	if (state->grlist == NULL) {
+	    errstr = N_("unable to set runas group vector");
+	    goto bad;
+	}
 	state->ruid = ostate->ruid;
 	state->euid = runas_pw ? runas_pw->pw_uid : user_uid;
 	state->suid = ostate->suid;
@@ -990,6 +998,10 @@ set_perms(int perm)
 	    goto bad;
 	}
 	state->grlist = runas_setgroups();
+	if (state->grlist == NULL) {
+	    errstr = N_("unable to set runas group vector");
+	    goto bad;
+	}
 	state->ruid = ROOT_UID;
 	state->euid = runas_pw ? runas_pw->pw_uid : user_uid;
 	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: "
@@ -1286,6 +1298,10 @@ set_perms(int perm)
 	    goto bad;
 	}
 	state->grlist = runas_setgroups();
+	if (state->grlist == NULL) {
+	    errstr = N_("unable to set runas group vector");
+	    goto bad;
+	}
 	state->ruid = ostate->ruid;
 	state->euid = runas_pw ? runas_pw->pw_uid : user_uid;
 	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: "
@@ -1591,8 +1607,10 @@ runas_setgroups(void)
 #ifdef HAVE_SETAUTHDB
     aix_restoreauthdb();
 #endif
-    if (sudo_setgroups(grlist->ngids, grlist->gids) < 0)
+    if (sudo_setgroups(grlist->ngids, grlist->gids) < 0) {
-	log_fatal(USE_ERRNO|MSG_ONLY, N_("unable to set runas group vector"));
+	sudo_grlist_delref(grlist);
+	grlist = NULL;
+    }
     debug_return_ptr(grlist);
 }
 #endif /* HAVE_SETRESUID || HAVE_SETREUID || HAVE_SETEUID */