isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MAX* + 1 -> MAX*

Browse Source
This commit is contained in:
Todd C. Miller
1998-04-06 03:15:39 +00:00
parent 96d7c59702
commit c27d678ff7
5 changed files with 22 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
check.c
View File

@@ -124,7 +124,7 @@ int user_is_exempt __P((void));
* Globals * Globals
*/ */
static int timedir_is_good; static int timedir_is_good;
static char timestampfile[MAXPATHLEN + 1]; static char timestampfile[MAXPATHLEN];
#ifdef HAVE_SECURID #ifdef HAVE_SECURID
union config_record configure; union config_record configure;
#endif /* HAVE_SECURID */ #endif /* HAVE_SECURID */

4
find_path.c
View File

@@ -94,7 +94,7 @@ extern char *strdup __P((const char *));
char * find_path(file) char * find_path(file)
char *file; /* file to find */ char *file; /* file to find */
{ {
static char command[MAXPATHLEN + 1]; /* qualified filename */ static char command[MAXPATHLEN]; /* qualified filename */
register char *n; /* for traversing path */ register char *n; /* for traversing path */
char *path = NULL; /* contents of PATH env var */ char *path = NULL; /* contents of PATH env var */
char *origpath; /* so we can free path later */ char *origpath; /* so we can free path later */
@@ -105,7 +105,7 @@ char * find_path(file)
command[0] = '\0'; command[0] = '\0';
if (strlen(file) > MAXPATHLEN) { if (strlen(file) >= MAXPATHLEN) {
errno = ENAMETOOLONG; errno = ENAMETOOLONG;
(void) fprintf(stderr, "%s: path too long: %s\n", Argv[0], file); (void) fprintf(stderr, "%s: path too long: %s\n", Argv[0], file);
exit(1); exit(1);

12
parse.c
View File

@@ -211,13 +211,15 @@ int command_matches(cmnd, user_args, path, sudoers_args)
struct stat pst; struct stat pst;
DIR *dirp; DIR *dirp;
struct dirent *dent; struct dirent *dent;
char buf[MAXPATHLEN+1]; char buf[MAXPATHLEN];
static char *c; static char *c;
/* don't bother with pseudo commands like "validate" */ /* don't bother with pseudo commands like "validate" */
if (strchr(cmnd, '/') == NULL) if (strchr(cmnd, '/') == NULL)
return(FALSE); return(FALSE);
plen = strlen(path);
/* only need to stat cmnd once since it never changes */ /* only need to stat cmnd once since it never changes */
if (cmnd_st.st_dev == 0) { if (cmnd_st.st_dev == 0) {
if (stat(cmnd, &cmnd_st) < 0) if (stat(cmnd, &cmnd_st) < 0)
@@ -249,7 +251,6 @@ int command_matches(cmnd, user_args, path, sudoers_args)
else else
return(FALSE); return(FALSE);
} else { } else {
plen = strlen(path);
if (path[plen - 1] != '/') { if (path[plen - 1] != '/') {
#ifdef FAST_MATCH #ifdef FAST_MATCH
char *p; char *p;
@@ -291,6 +292,9 @@ int command_matches(cmnd, user_args, path, sudoers_args)
return(FALSE); return(FALSE);
while ((dent = readdir(dirp)) != NULL) { while ((dent = readdir(dirp)) != NULL) {
/* ignore paths > MAXPATHLEN (XXX - log) */
if (plen + strlen(dent->d_name) >= sizeof(buf))
continue;
strcpy(buf, path); strcpy(buf, path);
strcat(buf, dent->d_name); strcat(buf, dent->d_name);
#ifdef FAST_MATCH #ifdef FAST_MATCH
@@ -404,13 +408,13 @@ int netgr_matches(netgr, host, user)
#ifdef HAVE_GETDOMAINNAME #ifdef HAVE_GETDOMAINNAME
/* get the domain name (if any) */ /* get the domain name (if any) */
if (domain == (char *) -1) { if (domain == (char *) -1) {
if ((domain = (char *) malloc(MAXHOSTNAMELEN + 1)) == NULL) { if ((domain = (char *) malloc(MAXHOSTNAMELEN)) == NULL) {
perror("malloc"); perror("malloc");
(void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]); (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]);
exit(1); exit(1);
} }
if (getdomainname(domain, MAXHOSTNAMELEN + 1) != 0 || *domain == '\0') { if (getdomainname(domain, MAXHOSTNAMELEN) != 0 || *domain == '\0') {
(void) free(domain); (void) free(domain);
domain = NULL; domain = NULL;
} }

12
sudo.c
View File

@@ -146,9 +146,9 @@ char *cmnd = NULL;
char *cmnd_args = NULL; char *cmnd_args = NULL;
char *tty = "unknown"; char *tty = "unknown";
char *prompt; char *prompt;
char host[MAXHOSTNAMELEN + 1]; char host[MAXHOSTNAMELEN];
char *shost; char *shost;
char cwd[MAXPATHLEN + 1]; char cwd[MAXPATHLEN];
FILE *sudoers_fp = NULL; FILE *sudoers_fp = NULL;
struct stat cmnd_st; struct stat cmnd_st;
static char *runas_homedir = NULL; static char *runas_homedir = NULL;
@@ -459,10 +459,10 @@ static void load_globals(sudo_mode)
/* /*
* so we know where we are... (do as user) * so we know where we are... (do as user)
*/ */
if (!getwd(cwd)) { if (!getcwd(cwd, sizeof(cwd))) {
/* try as root... */ /* try as root... */
set_perms(PERM_ROOT, sudo_mode); set_perms(PERM_ROOT, sudo_mode);
if (!getwd(cwd)) { if (!getcwd(cwd), sizeof(cwd)) {
(void) fprintf(stderr, "%s: Can't get working directory!\n", (void) fprintf(stderr, "%s: Can't get working directory!\n",
Argv[0]); Argv[0]);
(void) strcpy(cwd, "unknown"); (void) strcpy(cwd, "unknown");
@@ -474,7 +474,7 @@ static void load_globals(sudo_mode)
* load the host global variable from gethostname() and use * load the host global variable from gethostname() and use
* gethostbyname() if we want to be sure it is fully qualified. * gethostbyname() if we want to be sure it is fully qualified.
*/ */
if ((gethostname(host, MAXHOSTNAMELEN))) { if ((gethostname(host, sizeof(host)))) {
strcpy(host, "localhost"); strcpy(host, "localhost");
log_error(GLOBAL_NO_HOSTNAME); log_error(GLOBAL_NO_HOSTNAME);
inform_user(GLOBAL_NO_HOSTNAME); inform_user(GLOBAL_NO_HOSTNAME);
@@ -754,7 +754,7 @@ static void add_env(contiguous)
static void load_cmnd(sudo_mode) static void load_cmnd(sudo_mode)
int sudo_mode; int sudo_mode;
{ {
if (strlen(NewArgv[0]) > MAXPATHLEN) { if (strlen(NewArgv[0]) >= MAXPATHLEN) {
errno = ENAMETOOLONG; errno = ENAMETOOLONG;
(void) fprintf(stderr, "%s: %s: Pathname too long\n", Argv[0], (void) fprintf(stderr, "%s: %s: Pathname too long\n", Argv[0],
NewArgv[0]); NewArgv[0]);

8
testsudoers.c
View File

@@ -76,9 +76,9 @@ extern int num_interfaces;
char *cmnd = NULL; char *cmnd = NULL;
char *cmnd_args = NULL; char *cmnd_args = NULL;
char *runas_user = "root"; char *runas_user = "root";
char host[MAXHOSTNAMELEN+1]; char host[MAXHOSTNAMELEN];
char *shost; char *shost;
char cwd[MAXPATHLEN+1]; char cwd[MAXPATHLEN];
struct passwd *user_pw_ent; struct passwd *user_pw_ent;
char **Argv, **NewArgv; char **Argv, **NewArgv;
int Argc, NewArgc; int Argc, NewArgc;
@@ -224,13 +224,13 @@ int netgr_matches(netgr, host, user)
#ifdef HAVE_GETDOMAINNAME #ifdef HAVE_GETDOMAINNAME
/* get the domain name (if any) */ /* get the domain name (if any) */
if (domain == (char *) -1) { if (domain == (char *) -1) {
if ((domain = (char *) malloc(MAXHOSTNAMELEN + 1)) == NULL) { if ((domain = (char *) malloc(MAXHOSTNAMELEN)) == NULL) {
perror("malloc"); perror("malloc");
(void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]); (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]);
exit(1); exit(1);
} }
if (getdomainname(domain, MAXHOSTNAMELEN + 1) != 0 || *domain == '\0') { if (getdomainname(domain, MAXHOSTNAMELEN) != 0 || *domain == '\0') {
(void) free(domain); (void) free(domain);
domain = NULL; domain = NULL;
} }